$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa File: bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa (raw, json) Hash identifier: /js/LcOIh37/t5Rbu4PVX/p6KKxkH7SJlqWMylbFrUo= Subject key identifier: 2B:C0:FC:EB:21:25:8F:CA:F8:52:17:6E:71:F6:65:A8:F7:72:6C:CB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 423B740378CDF08D28C5E5CEFE4ABDFE331EF24B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa Signing time: Tue 23 Apr 2024 00:00:00 +0000 ROA not before: Tue 23 Apr 2024 00:00:00 +0000 ROA not after: Tue 28 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 00:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:3b:74:03:78:cd:f0:8d:28:c5:e5:ce:fe:4a:bd:fe:33:1e:f2:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 23 00:00:00 2024 GMT Not After : May 28 23:59:59 2024 GMT Subject: serialNumber=498d2ffdc128ea0b63ef7b3fe430b3f0dc4cdae7e839511983066810dc4ab826, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:2e:4c:38:4c:a4:41:68:e4:49:f4:f1:56:aa: ae:a2:41:05:9e:b5:a5:b9:a5:c1:44:24:fc:df:80: 35:dc:e6:25:c0:06:67:71:98:6f:45:37:a3:b0:26: 1d:3e:5f:23:1a:ae:a7:c2:fd:55:32:6d:d5:57:76: 94:25:84:04:38:93:d3:88:94:82:d7:af:c3:63:f6: f1:c3:a9:f3:f6:7b:1a:2d:64:73:c3:64:58:75:b9: dd:e9:4d:77:2b:9d:97:08:5b:6b:f5:cd:36:0a:04: c2:2c:4e:43:a9:3b:2d:ae:21:c0:cd:5f:7e:58:b0: 4e:b0:fb:87:96:e6:70:90:86:d9:57:3b:00:59:cf: 22:56:64:ed:a1:e4:46:4c:65:7b:fc:24:f1:ce:eb: 4b:9a:0f:90:97:09:39:88:b2:93:75:2a:c1:de:f0: 89:c3:e1:9f:24:f7:97:20:f4:82:7a:f0:b7:91:23: 7e:b5:7e:96:66:e1:52:7f:96:c3:b6:1f:30:e3:87: 5e:60:03:c3:9f:14:9b:0f:10:e1:27:1d:70:02:7b: 05:cb:7d:06:44:5e:c4:c8:7c:21:6b:29:f3:40:f1: 2f:0e:62:20:f2:bb:2b:ff:bd:2d:5b:4f:59:b7:04: d3:85:1f:f2:3d:35:f1:e6:7f:d0:5d:8a:16:42:0b: 9c:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:C0:FC:EB:21:25:8F:CA:F8:52:17:6E:71:F6:65:A8:F7:72:6C:CB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:c800::/40 Signature Algorithm: sha256WithRSAEncryption bc:44:c0:19:9b:a0:4d:32:20:1c:48:45:9d:09:e3:ae:1f:be: e7:c1:1d:aa:33:b2:1c:9b:64:c5:f4:52:52:01:6e:c3:b4:cf: a6:3e:30:dc:5d:27:cf:0f:19:f8:f4:50:68:06:e5:15:63:33: b1:bd:97:94:6f:ec:a1:d0:85:9a:c4:32:8e:2d:31:9c:bc:3c: 51:b5:e2:8a:25:35:ae:39:cd:0e:37:c9:cc:8b:96:44:7e:b7: 9b:6d:bb:c3:61:27:5c:d3:dd:b5:da:95:4b:63:50:53:c0:98: 35:58:70:78:46:2a:18:fc:d1:6e:4d:74:89:44:d1:e4:91:ca: bc:41:02:60:23:15:61:48:8f:f3:e7:32:79:d4:cc:10:92:57: b0:d1:8d:06:9f:e0:dc:97:bd:21:a9:d2:90:7b:19:fb:25:f3: 22:8b:ae:34:6c:39:bc:e5:72:f5:61:32:f8:42:0c:e6:47:07: 29:4a:0e:07:2f:cf:66:e5:0b:91:ec:7e:76:de:21:93:25:db: af:78:71:26:1f:57:e2:f9:a7:05:5f:61:bc:83:ca:3a:94:5d: d4:d3:02:f8:60:51:f3:d7:1c:f1:d9:56:50:fa:f1:03:2d:15: 70:24:ef:ac:53:fd:5f:88:53:93:83:cf:f4:ce:e9:b5:c7:bf: 59:20:f2:e0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQjt0A3jN8I0oxeXO/kq9/jMe8kswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyMzAwMDAwMFoX DTI0MDUyODIzNTk1OVowejFJMEcGA1UEBRNANDk4ZDJmZmRjMTI4ZWEwYjYzZWY3 YjNmZTQzMGIzZjBkYzRjZGFlN2U4Mzk1MTE5ODMwNjY4MTBkYzRhYjgyNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0S5MOEykQWjkSfTxVqquokEFnrWl uaXBRCT834A13OYlwAZncZhvRTejsCYdPl8jGq6nwv1VMm3VV3aUJYQEOJPTiJSC 16/DY/bxw6nz9nsaLWRzw2RYdbnd6U13K52XCFtr9c02CgTCLE5DqTstriHAzV9+ WLBOsPuHluZwkIbZVzsAWc8iVmTtoeRGTGV7/CTxzutLmg+Qlwk5iLKTdSrB3vCJ w+GfJPeXIPSCevC3kSN+tX6WZuFSf5bDth8w44deYAPDnxSbDxDhJx1wAnsFy30G RF7EyHwhaynzQPEvDmIg8rsr/70tW09ZtwTThR/yPTXx5n/QXYoWQgucEQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCvA/OshJY/K+FIXbnH2Zaj3cmzLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmN2RmY2Y4LWJhMGMtNDdlOS04ZGRiLTZhNmQ4ZWM3MDQxMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoMgwDQYJKoZIhvcNAQELBQADggEBALxEwBmboE0yIBxIRZ0J 464fvufBHaozshybZMX0UlIBbsO0z6Y+MNxdJ88PGfj0UGgG5RVjM7G9l5Rv7KHQ hZrEMo4tMZy8PFG14oolNa45zQ43ycyLlkR+t5ttu8NhJ1zT3bXalUtjUFPAmDVY cHhGKhj80W5NdIlE0eSRyrxBAmAjFWFIj/PnMnnUzBCSV7DRjQaf4NyXvSGp0pB7 Gfsl8yKLrjRsObzlcvVhMvhCDOZHBylKDgcvz2blC5HsfnbeIZMl2694cSYfV+L5 pwVfYbyDyjqUXdTTAvhgUfPXHPHZVlD68QMtFXAk76xT/V+IU5ODz/TO6bXHv1kg 8uA= -----END CERTIFICATE-----Generated at Sun May 5 01:11:59 2024 by rpki-client on console-ams.rpki-client.org