$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c38cd6ef-d936-4881-ae08-1dfd77740a38.roa File: c38cd6ef-d936-4881-ae08-1dfd77740a38.roa (raw, json) Hash identifier: EKzsD0qjRiysjvBJE6yD9HQ6G0hJh0VeWJJDWWlmBso= Subject key identifier: D3:C6:FD:F0:D1:B2:A8:00:56:DD:38:18:7B:0E:3C:9A:FB:92:D0:E0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6E61C482AEB9949738AFAFC75FF5F5AA48C9A276 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c38cd6ef-d936-4881-ae08-1dfd77740a38.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Apr 2024 00:02:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:61:c4:82:ae:b9:94:97:38:af:af:c7:5f:f5:f5:aa:48:c9:a2:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=47e8e04666fc169e2c222bbfaec7b5752a3005d137f0fadbd6cffd7c5723a114, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:33:cf:28:11:2c:33:72:da:a6:cf:1e:35:53: 4f:1f:9c:5b:9e:4f:e3:e9:88:36:0d:fe:1b:64:3d: df:0b:9c:a0:78:fb:80:71:f1:77:96:9d:e8:2d:a8: 45:99:81:02:c6:e2:99:2f:c0:6f:ea:80:ce:32:05: c8:d5:75:9e:c9:01:bf:b9:ce:0f:3c:84:bc:92:26: 53:9b:9d:0f:2a:5c:d7:66:21:e8:83:06:b7:78:a5: 9d:05:61:32:c2:ae:2d:62:24:ed:6f:4d:1e:16:d5: 5c:50:9a:0b:39:c1:14:f3:5e:ce:16:af:81:f5:a4: 9c:a6:2b:28:52:9f:28:b0:c7:c8:42:20:9b:94:41: 7b:71:fd:b2:eb:05:93:7c:e7:24:99:1d:b7:44:3a: 73:25:a6:5a:b0:b7:4d:ea:f0:2f:09:c1:19:a9:7d: 96:ac:3a:fc:0b:35:28:db:2d:91:62:a3:f6:d6:58: 14:8d:75:a3:13:17:2c:41:df:ca:a0:62:46:23:14: e6:e2:cd:7c:4c:31:ec:3d:4a:d2:46:49:61:d0:83: 31:a4:b1:26:73:6d:97:ab:b1:9d:0a:91:fd:ea:11: d0:bf:f9:30:1d:19:ed:b6:93:96:da:ec:c6:09:a6: 35:e0:8d:ee:a9:d9:46:e4:9b:f5:bb:92:73:63:5f: e6:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:C6:FD:F0:D1:B2:A8:00:56:DD:38:18:7B:0E:3C:9A:FB:92:D0:E0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c38cd6ef-d936-4881-ae08-1dfd77740a38.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:4000::/40 Signature Algorithm: sha256WithRSAEncryption 71:24:a7:d7:88:ed:81:ca:c9:18:5c:b3:c6:58:31:82:fb:61: b6:34:91:db:87:04:96:de:6b:8c:7a:5e:1e:94:e2:70:a6:5f: 9e:18:df:33:f3:e0:ff:51:5f:00:78:0c:a5:20:d3:ff:c1:64: 6b:44:aa:09:5f:82:40:83:7c:0c:0c:55:42:77:4f:1b:2e:c7: e7:e7:27:46:8e:a9:71:e2:ff:e0:05:52:32:12:c3:cd:38:8d: 0c:b3:94:3a:b5:99:bd:18:6d:e2:a0:b2:68:61:6c:9a:6f:04: 1e:79:f6:c3:e9:d2:dc:f1:e9:35:3a:08:03:2a:bb:cf:43:bc: 74:de:d8:ec:c4:e8:9a:46:a7:73:5c:b0:8f:cc:95:6c:7f:e0: 62:87:9a:84:c2:ca:f1:59:20:a0:33:9e:7c:fc:7a:fa:ce:fc: 08:3d:e3:4e:bc:c6:e0:e0:a7:ab:34:90:6a:b4:5b:7b:5e:f3: 76:d6:1a:23:77:db:1f:60:77:2b:a4:47:f3:e7:3b:4c:ce:29: 13:aa:7c:c6:90:57:43:84:da:16:ec:9d:50:90:be:3d:1c:58: e3:08:a9:b8:ab:3e:45:f4:69:e0:28:0f:d9:6c:d6:d1:e8:ff: 4b:73:03:88:c8:bf:b5:2e:0e:81:dc:90:95:8f:4a:71:b1:0f: ef:86:cb:5f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbmHEgq65lJc4r6/HX/X1qkjJonYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNANDdlOGUwNDY2NmZjMTY5ZTJjMjIy YmJmYWVjN2I1NzUyYTMwMDVkMTM3ZjBmYWRiZDZjZmZkN2M1NzIzYTExNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zPPKBEsM3Laps8eNVNPH5xbnk/j 6Yg2Df4bZD3fC5ygePuAcfF3lp3oLahFmYECxuKZL8Bv6oDOMgXI1XWeyQG/uc4P PIS8kiZTm50PKlzXZiHogwa3eKWdBWEywq4tYiTtb00eFtVcUJoLOcEU817OFq+B 9aScpisoUp8osMfIQiCblEF7cf2y6wWTfOckmR23RDpzJaZasLdN6vAvCcEZqX2W rDr8CzUo2y2RYqP21lgUjXWjExcsQd/KoGJGIxTm4s18TDHsPUrSRklh0IMxpLEm c22Xq7GdCpH96hHQv/kwHRnttpOW2uzGCaY14I3uqdlG5Jv1u5JzY1/miQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNPG/fDRsqgAVt04GHsOPJr7ktDgMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MzOGNkNmVmLWQ5MzYtNDg4MS1hZTA4LTFkZmQ3Nzc0MGEzOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacEAwDQYJKoZIhvcNAQELBQADggEBAHEkp9eI7YHKyRhcs8ZY MYL7YbY0kduHBJbea4x6Xh6U4nCmX54Y3zPz4P9RXwB4DKUg0//BZGtEqglfgkCD fAwMVUJ3Txsux+fnJ0aOqXHi/+AFUjISw804jQyzlDq1mb0YbeKgsmhhbJpvBB55 9sPp0tzx6TU6CAMqu89DvHTe2OzE6JpGp3NcsI/MlWx/4GKHmoTCyvFZIKAznnz8 evrO/Ag94068xuDgp6s0kGq0W3te83bWGiN32x9gdyukR/PnO0zOKROqfMaQV0OE 2hbsnVCQvj0cWOMIqbirPkX0aeAoD9ls1tHo/0tzA4jIv7UuDoHckJWPSnGxD++G y18= -----END CERTIFICATE-----Generated at Fri Apr 26 11:00:09 2024 by rpki-client on console-ams.rpki-client.org