$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c017ae6c-65e9-495c-a109-f29969b4159f.roa File: c017ae6c-65e9-495c-a109-f29969b4159f.roa (raw, json) Hash identifier: Tg5Pb5F7wCSrH4cYSc1w6ioB3chO+u+P16iJ9ELA93w= Subject key identifier: 4D:6E:21:7B:E5:42:2E:7F:63:51:8A:73:00:A3:36:7B:04:BA:D9:29 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 407ADD3DD5CEAD4643F67913B9C0B0E142D5D33E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c017ae6c-65e9-495c-a109-f29969b4159f.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:7a:dd:3d:d5:ce:ad:46:43:f6:79:13:b9:c0:b0:e1:42:d5:d3:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=cbc7dc8eff920fa131f91bbcdabe9577315b92debf92af26ce5b467072516aa9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:24:eb:a7:6a:3c:69:57:01:ae:00:10:9b:32: ac:88:bc:b4:87:38:96:9e:21:8a:5e:1b:41:81:3a: f5:87:c0:7c:9a:b4:14:70:d5:ef:36:c7:7a:bf:6d: f7:23:c3:9c:b3:b0:a8:94:67:f6:f0:01:99:86:46: 04:8d:3d:e7:8f:d7:b7:c7:fd:9c:90:ce:7c:8d:7b: 6f:f2:79:35:51:6a:d3:ce:77:7b:77:05:dc:73:80: 63:40:ed:f7:32:9d:b2:fa:bb:96:19:41:e5:0c:d2: fa:f7:0e:53:67:6e:ce:4d:40:8c:88:d6:1d:31:0b: 4f:fb:01:e0:8f:ea:8e:92:b3:cc:55:b5:92:f9:d6: 71:45:07:95:b8:42:f5:5d:a6:99:fe:d5:ac:53:c7: dd:fd:24:e0:b5:4a:8c:0a:83:90:f3:8a:7e:11:c1: 5e:cf:a4:1b:6c:76:48:f1:3f:16:b2:52:f4:e6:0a: 39:fd:06:26:08:0f:99:83:ee:ca:3c:42:e7:2b:4f: 02:6f:c0:51:1b:e8:96:97:c2:ab:71:41:a9:2a:5b: 42:dc:ba:0d:3e:4b:77:26:f0:0c:56:4e:87:3f:3d: 8c:af:b0:9c:f2:59:a9:b9:72:43:ed:f2:01:46:f5: 56:ef:cd:80:fd:09:95:ba:eb:9b:66:f6:77:1a:36: 15:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:6E:21:7B:E5:42:2E:7F:63:51:8A:73:00:A3:36:7B:04:BA:D9:29 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c017ae6c-65e9-495c-a109-f29969b4159f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:2000::/40 Signature Algorithm: sha256WithRSAEncryption 70:c4:22:70:d7:7a:40:77:f0:30:eb:7b:59:20:ad:19:c4:43: b3:42:c5:30:b5:ed:bc:1f:0d:10:51:7b:c6:bf:cf:12:c5:7a: 60:b3:ff:ed:33:7e:df:49:1a:cf:54:69:76:c2:56:cf:99:11: ac:53:ab:05:a0:e2:81:07:d7:5b:a1:8d:56:dc:33:e9:20:a3: 77:1e:f8:5c:56:97:1a:0e:2e:9f:57:2b:8c:8d:bf:9c:fd:dc: 99:cc:31:d8:85:a6:77:8b:07:09:91:15:e8:ec:ba:f3:f3:15: 09:91:3f:75:6d:e0:28:22:36:6e:04:a3:e0:62:f1:f1:b9:d0: df:c0:60:21:d3:36:43:c5:da:72:cd:fe:4e:28:93:80:92:bc: 0a:d5:b7:80:bf:3b:86:d1:57:fe:62:47:c7:f0:64:f2:e3:4d: fc:30:4a:49:2a:93:9d:c2:0d:bd:d7:11:02:d2:39:59:21:ab: ba:cb:9a:b7:33:17:14:f1:98:34:82:d6:8c:f8:f5:55:5c:1e: 07:9e:1f:91:3c:c1:29:18:9a:67:1c:4b:fa:c0:0b:0f:02:7d: ef:d8:45:3c:df:19:11:55:e7:c1:1c:5c:e7:bc:b1:58:4b:2b: 3b:f4:21:7e:0c:0e:0a:2c:d7:16:9d:65:b8:20:a5:63:56:a4: 70:76:58:e7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQHrdPdXOrUZD9nkTucCw4ULV0z4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAY2JjN2RjOGVmZjkyMGZhMTMxZjkx YmJjZGFiZTk1NzczMTViOTJkZWJmOTJhZjI2Y2U1YjQ2NzA3MjUxNmFhOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4STrp2o8aVcBrgAQmzKsiLy0hziW niGKXhtBgTr1h8B8mrQUcNXvNsd6v233I8Ocs7ColGf28AGZhkYEjT3nj9e3x/2c kM58jXtv8nk1UWrTznd7dwXcc4BjQO33Mp2y+ruWGUHlDNL69w5TZ27OTUCMiNYd MQtP+wHgj+qOkrPMVbWS+dZxRQeVuEL1XaaZ/tWsU8fd/STgtUqMCoOQ84p+EcFe z6QbbHZI8T8WslL05go5/QYmCA+Zg+7KPELnK08Cb8BRG+iWl8KrcUGpKltC3LoN Pkt3JvAMVk6HPz2Mr7Cc8lmpuXJD7fIBRvVW782A/QmVuuubZvZ3GjYVowIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFE1uIXvlQi5/Y1GKcwCjNnsEutkpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwMTdhZTZjLTY1ZTktNDk1Yy1hMTA5LWYyOTk2OWI0MTU5Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+iAwDQYJKoZIhvcNAQELBQADggEBAHDEInDXekB38DDre1kg rRnEQ7NCxTC17bwfDRBRe8a/zxLFemCz/+0zft9JGs9UaXbCVs+ZEaxTqwWg4oEH 11uhjVbcM+kgo3ce+FxWlxoOLp9XK4yNv5z93JnMMdiFpneLBwmRFejsuvPzFQmR P3Vt4CgiNm4Eo+Bi8fG50N/AYCHTNkPF2nLN/k4ok4CSvArVt4C/O4bRV/5iR8fw ZPLjTfwwSkkqk53CDb3XEQLSOVkhq7rLmrczFxTxmDSC1oz49VVcHgeeH5E8wSkY mmccS/rACw8Cfe/YRTzfGRFV58EcXOe8sVhLKzv0IX4MDgos1xadZbggpWNWpHB2 WOc= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:46 2023 by rpki-client on console-fra.rpki-client.org