$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5b142c8-152a-44c1-8d16-8f131bc73b00.roa File: c5b142c8-152a-44c1-8d16-8f131bc73b00.roa (raw, json) Hash identifier: 5rO1zIf2ybsmMygoiz5ZFIrA21CF5H8EeVzMzED/5t0= Subject key identifier: 1A:D3:28:85:6E:E7:C4:E1:BA:31:21:16:B4:86:A1:75:44:51:E8:A9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 45A3477A853B26816B1C9473628EF3AA67467016 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5b142c8-152a-44c1-8d16-8f131bc73b00.roa Signing time: Wed 28 Aug 2024 00:00:00 +0000 ROA not before: Wed 28 Aug 2024 00:00:00 +0000 ROA not after: Wed 02 Oct 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Sep 2024 00:08:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:a3:47:7a:85:3b:26:81:6b:1c:94:73:62:8e:f3:aa:67:46:70:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 28 00:00:00 2024 GMT Not After : Oct 2 23:59:59 2024 GMT Subject: serialNumber=d8f675c88dae5b034ff5efda0e4235e04c01eaf2285997fba3e57ae17ea3ccef, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:34:7e:56:9d:56:ac:7f:5b:12:8a:15:da:d5: 12:db:bd:f6:cf:06:5b:ea:cf:b4:d9:2e:69:d7:50: 19:68:85:ff:67:29:9e:99:d3:52:20:12:13:76:08: 4d:31:20:17:cd:b3:10:41:e7:47:05:cc:0f:a0:36: f3:87:dd:9c:09:b2:93:60:bb:fa:8d:47:d4:bf:2f: 3a:55:27:fa:c9:01:4e:26:e8:1e:be:e6:de:9f:fc: 86:9b:bc:9a:12:cc:04:09:a0:37:5a:49:b3:04:fa: 92:3c:df:66:12:27:40:77:52:c0:3f:0e:bd:fa:32: 4e:b0:8b:4c:0c:a8:b0:27:bb:40:78:c5:1b:e0:e2: 63:2f:cf:e8:2c:31:2c:bf:50:91:e0:c0:79:f3:15: 9f:70:6e:1c:6a:10:68:2a:4d:49:02:77:d2:19:ef: c6:8b:b1:02:b9:6f:03:f1:2a:92:4f:11:e4:e3:34: 99:dc:3a:ee:66:c4:3f:d4:1b:7a:59:8f:aa:6c:54: 43:69:44:be:9e:4a:fb:83:b1:d2:f0:6e:41:5d:48: 77:28:ec:32:75:8f:fd:1e:84:bb:1a:1a:84:3f:f1: fb:76:af:e5:f5:da:e3:3e:4d:ba:64:3e:33:40:17: 88:79:a3:ae:50:25:62:0c:57:fc:05:4e:33:27:9f: 99:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:D3:28:85:6E:E7:C4:E1:BA:31:21:16:B4:86:A1:75:44:51:E8:A9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5b142c8-152a-44c1-8d16-8f131bc73b00.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 81:a3:b9:77:98:09:c0:db:f4:31:f1:5c:8b:be:6e:d2:d6:60: 0e:b5:4c:74:ab:21:35:fe:94:10:f0:4c:29:c3:c1:06:99:5a: 8e:21:51:95:6e:18:f7:a5:01:0d:02:39:a0:36:81:8f:f0:7f: 09:a0:37:f7:5e:b0:93:10:b1:32:b9:39:e7:9d:b9:b7:df:43: 30:8b:2a:11:43:90:54:36:2a:cf:8e:bb:40:3a:70:5c:95:4e: 35:ce:a4:e8:23:4f:9f:fa:64:aa:e9:73:b3:b1:f3:00:12:0c: 57:00:59:f2:b3:8c:e7:53:94:23:0f:72:a1:8e:28:dc:42:7c: f6:b1:63:c2:15:0a:7d:4f:2a:a2:77:c5:4e:8b:ba:85:34:86: 66:97:19:79:16:a2:b6:22:84:84:d9:6a:5e:19:91:d8:7e:22: b6:a8:9a:ec:4b:37:bc:8e:fc:58:ce:12:2e:c5:41:35:e0:a5: 50:f3:b5:36:40:94:49:1a:f5:f3:52:17:97:be:23:65:e1:5c: 32:cc:41:6b:fa:75:a6:84:ae:77:59:7c:0d:df:a6:81:8f:8b: 9d:aa:d7:44:16:fe:96:d0:38:6f:4f:f2:d9:b3:3f:34:a2:d9: da:ff:84:b9:5d:1c:cf:06:3b:57:f9:a2:0e:75:bb:f4:12:a0: 58:6f:be:99 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURaNHeoU7JoFrHJRzYo7zqmdGcBYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDgyODAwMDAwMFoX DTI0MTAwMjIzNTk1OVowejFJMEcGA1UEBRNAZDhmNjc1Yzg4ZGFlNWIwMzRmZjVl ZmRhMGU0MjM1ZTA0YzAxZWFmMjI4NTk5N2ZiYTNlNTdhZTE3ZWEzY2NlZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjR+Vp1WrH9bEooV2tUS2732zwZb 6s+02S5p11AZaIX/ZymemdNSIBITdghNMSAXzbMQQedHBcwPoDbzh92cCbKTYLv6 jUfUvy86VSf6yQFOJugevuben/yGm7yaEswECaA3WkmzBPqSPN9mEidAd1LAPw69 +jJOsItMDKiwJ7tAeMUb4OJjL8/oLDEsv1CR4MB58xWfcG4cahBoKk1JAnfSGe/G i7ECuW8D8SqSTxHk4zSZ3DruZsQ/1Bt6WY+qbFRDaUS+nkr7g7HS8G5BXUh3KOwy dY/9HoS7GhqEP/H7dq/l9drjPk26ZD4zQBeIeaOuUCViDFf8BU4zJ5+ZkwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBrTKIVu58ThujEhFrSGoXVEUeipMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M1YjE0MmM4LTE1MmEtNDRjMS04ZDE2LThmMTMxYmM3M2IwMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba94DAMA0GCSqGSIb3DQEBCwUAA4IBAQCBo7l3mAnA2/Qx8VyL vm7S1mAOtUx0qyE1/pQQ8Ewpw8EGmVqOIVGVbhj3pQENAjmgNoGP8H8JoDf3XrCT ELEyuTnnnbm330MwiyoRQ5BUNirPjrtAOnBclU41zqToI0+f+mSq6XOzsfMAEgxX AFnys4znU5QjD3KhjijcQnz2sWPCFQp9Tyqid8VOi7qFNIZmlxl5FqK2IoSE2Wpe GZHYfiK2qJrsSze8jvxYzhIuxUE14KVQ87U2QJRJGvXzUheXviNl4VwyzEFr+nWm hK53WXwN36aBj4udqtdEFv6W0DhvT/LZsz80otna/4S5XRzPBjtX+aIOdbv0EqBY b76Z -----END CERTIFICATE-----Generated at Sat Sep 7 02:13:02 2024 by rpki-client on console-fra.rpki-client.org