$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c2d40877-6bad-4811-bf05-3515b26fc91b.roa File: c2d40877-6bad-4811-bf05-3515b26fc91b.roa (raw, json) Hash identifier: e4eGVytXryC/L6zGFWyOsR8OTaH8X0S859ywMz+ZFZY= Subject key identifier: C5:83:62:A7:EC:2D:47:E6:72:58:F9:93:7E:11:F6:C1:44:29:4F:27 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 68CF6F9C824A397829B46A7CF4FF0BAE655C7E62 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c2d40877-6bad-4811-bf05-3515b26fc91b.roa Signing time: Thu 02 May 2024 00:00:00 +0000 ROA not before: Thu 02 May 2024 00:00:00 +0000 ROA not after: Thu 06 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 May 2024 00:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:cf:6f:9c:82:4a:39:78:29:b4:6a:7c:f4:ff:0b:ae:65:5c:7e:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:00:00 2024 GMT Not After : Jun 6 23:59:59 2024 GMT Subject: serialNumber=e5ce7d41d1c619a1b0ee2702d4a903018bc1cc43e998a9a6a09112e143bd24fb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:bb:fe:ef:3d:2e:9d:e3:f4:af:c7:bf:8a:40: 9d:8c:14:f2:3a:d7:b3:23:00:24:c7:5e:98:75:59: f8:df:cf:55:e4:c0:50:43:c7:1f:81:4f:fd:e0:f5: c7:a2:80:78:7e:de:73:a7:af:40:ec:b2:14:fa:c9: bd:27:4c:05:55:a7:49:64:38:12:95:ba:72:d8:10: 55:7b:54:f5:ce:78:83:de:c6:ac:b0:ff:93:39:d8: bc:2f:f0:2e:6e:49:eb:3d:cd:0c:9c:b6:8a:87:9f: 80:40:2b:83:e8:d2:4d:e4:2a:80:94:8d:3a:ba:b3: 3e:cb:5a:d3:58:0b:ee:3f:0d:ee:08:bd:74:da:e0: 8c:e4:d2:71:74:08:17:30:8c:a5:20:e7:dd:9b:18: c7:d9:7d:7c:5b:11:61:99:cf:47:77:89:17:b3:b8: 9b:9b:45:3e:be:8a:9a:e5:bb:13:e9:7c:46:82:f0: 1f:36:9a:90:d9:53:10:57:c5:64:1f:17:f1:42:8e: d8:56:c9:ba:6e:0f:1b:ed:80:e6:2e:d2:6d:2e:99: ff:56:ed:5d:f0:37:0c:20:90:6c:aa:40:b0:a2:12: 37:cf:3a:ed:53:8f:cf:b6:79:b6:9d:9a:cf:8d:c9: 91:3e:3e:20:b8:c1:11:14:0e:db:c5:01:d2:c8:f0: 59:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:83:62:A7:EC:2D:47:E6:72:58:F9:93:7E:11:F6:C1:44:29:4F:27 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c2d40877-6bad-4811-bf05-3515b26fc91b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:4800::/40 Signature Algorithm: sha256WithRSAEncryption 72:73:d1:11:32:47:72:5d:95:58:2f:74:85:fb:86:eb:a6:a4: 3d:ca:1b:d9:20:7e:74:b1:18:3e:46:65:5b:9d:3c:1b:f3:29: ed:28:cb:ae:c4:e0:e6:8e:fc:73:b4:ee:4c:12:6e:20:f4:f1: 62:92:9d:95:f5:7a:57:56:b6:21:27:c0:c8:0b:fc:85:cd:d7: 7c:90:15:c9:01:b6:21:e4:e1:aa:14:a2:15:c3:04:81:06:69: f7:37:23:9a:17:f0:5e:79:88:67:e0:35:ee:c6:f1:fc:f0:d2: 8a:55:cf:b0:54:95:d1:dc:7a:a8:7e:57:e9:2d:ad:78:04:14: 51:0e:8c:8e:23:5c:71:99:b4:86:d6:45:4b:ee:fb:2b:ec:64: 32:54:f6:dd:a9:4d:0b:2c:a1:cf:92:ea:ac:cf:0e:73:2c:de: 81:54:5b:bf:bc:34:86:1e:ea:05:49:ed:67:79:a8:97:e9:ff: 33:98:a1:02:94:21:c9:6e:ce:1d:45:9e:28:ae:b7:ed:06:24: 10:f2:12:3b:44:1e:27:46:10:b8:20:a5:0d:62:19:c6:a4:21: ed:a0:01:cc:fd:de:3c:c8:99:78:b6:b6:a3:ea:6c:a2:e6:b8: 8f:7e:a4:72:7d:43:71:50:e6:e0:f6:32:82:86:7f:b6:90:32: b0:d5:f5:99 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUaM9vnIJKOXgptGp89P8LrmVcfmIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMjAwMDAwMFoX DTI0MDYwNjIzNTk1OVowejFJMEcGA1UEBRNAZTVjZTdkNDFkMWM2MTlhMWIwZWUy NzAyZDRhOTAzMDE4YmMxY2M0M2U5OThhOWE2YTA5MTEyZTE0M2JkMjRmYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7v+7z0uneP0r8e/ikCdjBTyOtez IwAkx16YdVn4389V5MBQQ8cfgU/94PXHooB4ft5zp69A7LIU+sm9J0wFVadJZDgS lbpy2BBVe1T1zniD3sassP+TOdi8L/AubknrPc0MnLaKh5+AQCuD6NJN5CqAlI06 urM+y1rTWAvuPw3uCL102uCM5NJxdAgXMIylIOfdmxjH2X18WxFhmc9Hd4kXs7ib m0U+voqa5bsT6XxGgvAfNpqQ2VMQV8VkHxfxQo7YVsm6bg8b7YDmLtJtLpn/Vu1d 8DcMIJBsqkCwohI3zzrtU4/Ptnm2nZrPjcmRPj4guMERFA7bxQHSyPBZSQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMWDYqfsLUfmclj5k34R9sFEKU8nMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MyZDQwODc3LTZiYWQtNDgxMS1iZjA1LTM1MTViMjZmYzkxYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOEgwDQYJKoZIhvcNAQELBQADggEBAHJz0REyR3JdlVgvdIX7 huumpD3KG9kgfnSxGD5GZVudPBvzKe0oy67E4OaO/HO07kwSbiD08WKSnZX1eldW tiEnwMgL/IXN13yQFckBtiHk4aoUohXDBIEGafc3I5oX8F55iGfgNe7G8fzw0opV z7BUldHceqh+V+ktrXgEFFEOjI4jXHGZtIbWRUvu+yvsZDJU9t2pTQssoc+S6qzP DnMs3oFUW7+8NIYe6gVJ7Wd5qJfp/zOYoQKUIcluzh1Fniiut+0GJBDyEjtEHidG ELggpQ1iGcakIe2gAcz93jzImXi2tqPqbKLmuI9+pHJ9Q3FQ5uD2MoKGf7aQMrDV 9Zk= -----END CERTIFICATE-----Generated at Thu May 23 02:37:47 2024 by rpki-client on console-ams.rpki-client.org