$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c4d437d8-9f85-4f44-8dad-68b1ce24fa4d.roa File: c4d437d8-9f85-4f44-8dad-68b1ce24fa4d.roa (raw, json) Hash identifier: Re7NTdRy05BtK0zo8uNoCw1m+1PZPOaMT96zRHt+BBI= Subject key identifier: E8:CF:F7:F2:D9:44:0F:F3:67:CC:6E:C0:7A:82:94:A2:61:0E:6A:90 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 01A8163C58CD1C0A5514BA4102D1CD2ED04B3EB2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c4d437d8-9f85-4f44-8dad-68b1ce24fa4d.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:a8:16:3c:58:cd:1c:0a:55:14:ba:41:02:d1:cd:2e:d0:4b:3e:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=fe42f5c32340db4f98d5396342756d1c87df7af81be8f1b73c60abe938db2118, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:1a:e1:51:af:8f:a7:84:b8:7f:19:5f:81:2f: 06:b9:01:4d:6b:e0:44:79:2f:1b:61:a6:fa:d4:92: d9:41:e3:04:ab:a8:06:09:86:93:89:9f:8d:fb:68: 80:61:da:15:98:c9:14:59:42:fe:1e:5f:20:62:63: a4:d1:6d:93:e2:45:65:20:55:dc:a3:11:b9:d3:9b: 01:72:7e:af:ad:5a:ca:ba:58:a3:cf:cc:6e:75:a9: fa:6a:31:5e:9c:32:76:ec:fc:30:b2:03:57:02:ab: 64:f1:00:b2:ef:b3:57:34:4d:9a:9f:c0:7b:59:87: c5:aa:de:ce:13:86:a7:a3:c0:c4:c9:7a:63:63:d1: 6e:7e:8c:09:2b:97:af:c0:46:17:0f:81:7e:5f:0a: 2b:14:77:3f:31:5e:df:fe:de:38:7f:56:b8:a8:5d: 2e:5d:3c:ed:07:b4:ae:81:95:b2:05:ec:cc:d9:1c: 90:ad:46:aa:15:cc:ca:72:dc:6c:94:23:14:c5:25: 3f:38:24:59:90:93:ee:51:84:0c:72:ad:ef:14:0e: 16:3d:3b:d6:6d:2a:42:d3:0c:0d:da:ed:94:7c:58: 0c:6c:31:a8:a2:17:1c:0c:af:4b:66:fc:7d:05:15: f1:5c:6b:58:57:b4:f5:5d:07:8b:69:5b:04:63:b0: 13:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:CF:F7:F2:D9:44:0F:F3:67:CC:6E:C0:7A:82:94:A2:61:0E:6A:90 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c4d437d8-9f85-4f44-8dad-68b1ce24fa4d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:8000::/40 Signature Algorithm: sha256WithRSAEncryption 68:26:a8:74:53:e3:cd:b9:93:05:27:20:2f:f4:fb:b1:78:b9: 71:2a:a3:e1:7c:09:4d:9a:bd:40:81:0d:58:98:38:17:28:d0: cf:a3:3b:e0:9d:1b:bd:f0:e8:76:45:00:9a:e7:e0:51:24:60: ee:94:47:03:25:fe:22:bb:28:75:99:eb:ee:45:c7:ea:dc:e4: 8d:df:48:4e:29:cb:7e:88:bb:d3:9e:74:3f:64:6b:f1:0b:99: 45:79:5a:64:6b:42:ab:d8:06:14:36:4d:67:eb:0b:fd:d9:ae: 65:39:a0:57:2a:b8:ac:24:31:b8:27:cc:50:c5:a5:4e:c1:06: ca:e5:00:c7:12:35:a5:6f:ab:ae:b7:99:6f:56:e9:f4:08:a8: bf:50:d6:59:98:45:98:b3:eb:66:35:ea:82:6b:7e:b3:ec:8c: 0f:72:ae:5a:d2:9d:9b:6f:43:85:22:45:e1:8f:e8:c4:d7:a7: ed:fc:ac:29:b3:e1:46:30:48:d4:4c:3f:94:26:8e:28:db:46: 32:53:19:5c:94:d0:8f:1e:00:09:0d:50:c7:10:40:73:08:7d: 12:14:30:8a:5d:8d:35:0e:50:29:d8:3b:65:d3:6b:0a:d3:41: 56:5b:2b:98:29:97:8a:2f:84:8e:cc:76:d5:4a:81:dd:ff:d0: 97:a8:6c:66 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAagWPFjNHApVFLpBAtHNLtBLPrIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAZmU0MmY1YzMyMzQwZGI0Zjk4ZDUz OTYzNDI3NTZkMWM4N2RmN2FmODFiZThmMWI3M2M2MGFiZTkzOGRiMjExODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxrhUa+Pp4S4fxlfgS8GuQFNa+BE eS8bYab61JLZQeMEq6gGCYaTiZ+N+2iAYdoVmMkUWUL+Hl8gYmOk0W2T4kVlIFXc oxG505sBcn6vrVrKulijz8xudan6ajFenDJ27PwwsgNXAqtk8QCy77NXNE2an8B7 WYfFqt7OE4ano8DEyXpjY9FufowJK5evwEYXD4F+XworFHc/MV7f/t44f1a4qF0u XTztB7SugZWyBezM2RyQrUaqFczKctxslCMUxSU/OCRZkJPuUYQMcq3vFA4WPTvW bSpC0wwN2u2UfFgMbDGoohccDK9LZvx9BRXxXGtYV7T1XQeLaVsEY7ATWQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOjP9/LZRA/zZ8xuwHqClKJhDmqQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M0ZDQzN2Q4LTlmODUtNGY0NC04ZGFkLTY4YjFjZTI0ZmE0ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/IAwDQYJKoZIhvcNAQELBQADggEBAGgmqHRT4825kwUnIC/0 +7F4uXEqo+F8CU2avUCBDViYOBco0M+jO+CdG73w6HZFAJrn4FEkYO6URwMl/iK7 KHWZ6+5Fx+rc5I3fSE4py36Iu9OedD9ka/ELmUV5WmRrQqvYBhQ2TWfrC/3ZrmU5 oFcquKwkMbgnzFDFpU7BBsrlAMcSNaVvq663mW9W6fQIqL9Q1lmYRZiz62Y16oJr frPsjA9yrlrSnZtvQ4UiReGP6MTXp+38rCmz4UYwSNRMP5QmjijbRjJTGVyU0I8e AAkNUMcQQHMIfRIUMIpdjTUOUCnYO2XTawrTQVZbK5gpl4ovhI7MdtVKgd3/0Jeo bGY= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:16 2024 by rpki-client on console-fra.rpki-client.org