$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c38cd6ef-d936-4881-ae08-1dfd77740a38.roa File: c38cd6ef-d936-4881-ae08-1dfd77740a38.roa (raw, json) Hash identifier: doTsjO4K3E6my3h82mD2YeAanlBMmTisExg/Tmk8fdY= Subject key identifier: 49:99:B8:8F:17:43:E4:6C:0B:B1:F9:E0:AB:8A:A6:EC:98:F6:58:96 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1E7696C693456769119ECF2D249793494B53818A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c38cd6ef-d936-4881-ae08-1dfd77740a38.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:76:96:c6:93:45:67:69:11:9e:cf:2d:24:97:93:49:4b:53:81:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=34dc844e75304ee97eb5e6cd301d4317104cab0b2608993dd7a3b0b2683b284f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:b1:8f:31:2b:b2:08:4f:f5:2a:5d:7a:d1:d6: 14:e6:52:d5:66:ac:34:c1:09:7b:e4:c1:7e:cc:fa: 86:df:0f:11:00:28:75:9f:28:ea:5f:5b:5d:57:df: 60:20:b0:f0:0c:96:36:21:e4:6c:bd:56:e0:02:ec: 46:6e:9a:db:40:1b:b5:df:ff:72:7f:38:73:05:4a: 05:6d:39:14:b3:8a:92:56:72:9a:a2:36:1c:c2:00: f5:42:ac:fa:0c:a4:79:86:e8:df:32:ae:1f:37:cd: 71:b0:47:91:84:75:6e:58:5a:47:37:2e:8c:f7:c9: 7f:bc:a8:ea:c4:5d:0e:74:04:70:e3:a2:5a:44:99: 74:c0:63:65:4d:c3:19:e5:b3:2a:19:88:39:8f:0d: 83:c8:39:cd:44:d2:bf:0d:b9:6c:20:bc:f7:5f:0b: 65:4e:93:0f:fd:41:af:f9:f9:49:78:19:a7:bc:87: 2c:4d:9c:5b:a6:82:ab:23:e0:78:91:9c:cb:70:5c: 86:53:e0:00:a6:bf:53:cc:b2:f7:ba:ca:91:4a:68: 04:ec:9f:b1:64:6f:73:d6:5e:46:80:70:05:54:2b: 23:31:60:53:f3:9c:c9:59:fb:d5:ce:58:ae:a6:19: e5:1c:18:38:b4:57:42:d5:a8:6a:2a:3c:cf:34:0b: d9:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:99:B8:8F:17:43:E4:6C:0B:B1:F9:E0:AB:8A:A6:EC:98:F6:58:96 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c38cd6ef-d936-4881-ae08-1dfd77740a38.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:4000::/40 Signature Algorithm: sha256WithRSAEncryption 7c:27:78:4d:99:41:9e:72:dc:fb:49:26:94:3a:6e:35:e3:60: f9:08:4f:cc:12:90:78:f9:d6:a3:68:83:8c:4e:55:52:8a:97: ab:fb:24:80:01:42:70:02:4d:a5:88:16:ae:6b:e8:4c:ad:f6: 6d:c2:6f:3e:2c:d8:b3:9f:47:4e:94:9f:bb:76:21:5b:20:37: f2:5a:49:e3:c7:13:19:64:cd:7f:38:cd:19:cb:f3:91:57:e5: d0:ad:64:d0:8f:ae:a3:5b:90:6e:f7:09:c8:5c:9f:2f:6c:22: c1:0b:19:fc:b5:7d:bf:72:a0:4a:f5:6f:cb:cb:07:bf:4d:53: 6f:92:ba:22:39:6a:e4:ce:66:22:7e:fd:72:40:36:ef:8b:45: 49:40:9c:51:bf:d3:90:41:f4:2d:42:e2:c5:86:3f:a3:ad:ee: a4:6b:39:f2:55:c1:bf:b9:03:bd:b1:8a:13:4c:59:07:f2:1c: 73:45:f0:df:c9:b5:d4:d8:71:31:dd:34:df:24:ab:bd:83:81: 8f:cc:ec:7a:58:19:0d:18:c2:eb:f5:54:88:05:89:46:66:f9: e1:57:0e:31:2d:02:30:e6:2b:45:29:51:82:b9:81:be:11:47: f8:f0:43:d9:59:bf:e6:b6:11:8c:fa:72:48:07:05:a6:02:02: ae:09:b9:09 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHnaWxpNFZ2kRns8tJJeTSUtTgYowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAMzRkYzg0NGU3NTMwNGVlOTdlYjVl NmNkMzAxZDQzMTcxMDRjYWIwYjI2MDg5OTNkZDdhM2IwYjI2ODNiMjg0ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrGPMSuyCE/1Kl160dYU5lLVZqw0 wQl75MF+zPqG3w8RACh1nyjqX1tdV99gILDwDJY2IeRsvVbgAuxGbprbQBu13/9y fzhzBUoFbTkUs4qSVnKaojYcwgD1Qqz6DKR5hujfMq4fN81xsEeRhHVuWFpHNy6M 98l/vKjqxF0OdARw46JaRJl0wGNlTcMZ5bMqGYg5jw2DyDnNRNK/DblsILz3Xwtl TpMP/UGv+flJeBmnvIcsTZxbpoKrI+B4kZzLcFyGU+AApr9TzLL3usqRSmgE7J+x ZG9z1l5GgHAFVCsjMWBT85zJWfvVzliuphnlHBg4tFdC1ahqKjzPNAvZGQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEmZuI8XQ+RsC7H54KuKpuyY9liWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MzOGNkNmVmLWQ5MzYtNDg4MS1hZTA4LTFkZmQ3Nzc0MGEzOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacEAwDQYJKoZIhvcNAQELBQADggEBAHwneE2ZQZ5y3PtJJpQ6 bjXjYPkIT8wSkHj51qNog4xOVVKKl6v7JIABQnACTaWIFq5r6Eyt9m3Cbz4s2LOf R06Un7t2IVsgN/JaSePHExlkzX84zRnL85FX5dCtZNCPrqNbkG73Cchcny9sIsEL Gfy1fb9yoEr1b8vLB79NU2+SuiI5auTOZiJ+/XJANu+LRUlAnFG/05BB9C1C4sWG P6Ot7qRrOfJVwb+5A72xihNMWQfyHHNF8N/JtdTYcTHdNN8kq72DgY/M7HpYGQ0Y wuv1VIgFiUZm+eFXDjEtAjDmK0UpUYK5gb4RR/jwQ9lZv+a2EYz6ckgHBaYCAq4J uQk= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:46 2023 by rpki-client on console-fra.rpki-client.org