$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a048e9-67c5-415d-88d4-0acc3454af62.roa File: c7a048e9-67c5-415d-88d4-0acc3454af62.roa (raw, json) Hash identifier: AkSAZFGreEqcI6nR0yqBHQbcpzX6Yo6iTnkoS9g6fRw= Subject key identifier: F7:17:0B:B0:E3:A0:30:50:A8:6B:46:85:82:6C:7C:35:E1:67:1F:9D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7498568A1362D3E31EE50392D15FDAA6ED1C6D2E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a048e9-67c5-415d-88d4-0acc3454af62.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 00:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:98:56:8a:13:62:d3:e3:1e:e5:03:92:d1:5f:da:a6:ed:1c:6d:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=c332318059dcbdafbe10d15a4a17e162a90c2098c504de5fb2260e0f7b57384f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:c9:bc:38:b9:34:69:51:0f:03:09:8c:09:92: a7:ff:7c:fc:fc:65:53:d5:22:d9:19:66:9c:ee:3d: 73:da:3b:98:51:53:29:bf:47:a8:94:e5:b8:45:0a: 9e:67:da:1c:9a:88:72:0a:1d:73:e4:bc:db:eb:4e: d0:74:76:12:e8:6b:70:20:62:d8:45:9f:5c:38:58: 8b:e1:54:da:e3:fa:9d:d1:2d:90:14:12:91:33:a4: ad:3f:70:86:77:6f:09:e4:f0:06:16:53:b4:89:91: 14:3e:de:26:85:63:5c:17:d3:2d:e2:50:dd:bb:6c: b8:00:bb:f3:df:99:4a:3d:d6:24:b9:df:42:13:7b: 89:bf:8e:5d:18:08:31:66:26:77:66:f7:78:b8:6f: 11:b5:b8:23:de:44:43:dc:89:99:c9:1c:b4:bd:3f: ce:fa:04:5f:67:7f:74:b6:d4:ea:41:d8:c6:2c:bc: e0:59:99:ef:20:64:a0:72:3a:76:04:fc:7c:2b:ad: e5:56:78:ed:98:6b:27:ee:93:94:c5:42:f7:74:de: 61:73:94:25:23:31:4d:b8:51:31:8b:84:a8:b3:8c: 6a:bd:98:f0:83:69:7f:d1:5d:73:e9:75:ee:9d:30: 2e:8b:de:ed:39:66:5d:16:71:fa:ab:a1:e6:bc:c1: aa:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:17:0B:B0:E3:A0:30:50:A8:6B:46:85:82:6C:7C:35:E1:67:1F:9D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a048e9-67c5-415d-88d4-0acc3454af62.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:8000::/40 Signature Algorithm: sha256WithRSAEncryption 7e:2d:2f:2c:87:b8:69:b1:f6:f7:96:99:da:dd:0b:c6:8a:cd: 3e:76:75:7a:f8:17:d6:fd:63:ef:97:37:5d:49:fd:63:61:9e: d0:27:95:52:62:8c:a2:cb:00:2f:58:55:f4:5c:26:24:3a:82: 46:c4:8e:46:74:67:d3:ab:42:dd:89:6c:22:13:c3:8b:74:cf: 84:db:1f:59:d7:6b:bf:dd:22:47:b3:c8:69:3f:ac:cf:fc:42: fa:a2:0b:0e:3c:5b:a0:6c:b1:09:df:55:7e:33:22:7a:4c:5c: be:61:27:93:b6:6a:e2:05:d2:d7:51:f6:13:8a:88:31:d5:12: be:53:ce:c7:e5:ff:1d:f2:42:a3:2e:5c:cb:df:5b:aa:9e:3d: 69:05:0e:04:71:1f:2b:59:e3:8f:e6:5c:f4:cc:a1:4a:99:10: 6f:59:0d:d7:35:7e:18:19:c1:75:d8:26:5c:63:28:11:19:81: bd:e4:1a:9e:56:14:64:c0:d1:67:46:45:38:ac:64:04:90:32: 2e:60:70:3b:4d:a8:80:4a:b1:57:ce:60:22:83:ba:54:8a:86: d8:be:40:5d:e0:65:08:95:39:61:ee:cd:0c:0f:35:1f:cb:21: b3:b9:11:16:a9:9e:5d:f1:be:93:5d:4f:19:23:18:67:af:b0: fd:fc:ac:6e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdJhWihNi0+Me5QOS0V/apu0cbS4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAYzMzMjMxODA1OWRjYmRhZmJlMTBk MTVhNGExN2UxNjJhOTBjMjA5OGM1MDRkZTVmYjIyNjBlMGY3YjU3Mzg0ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsm8OLk0aVEPAwmMCZKn/3z8/GVT 1SLZGWac7j1z2juYUVMpv0eolOW4RQqeZ9ocmohyCh1z5Lzb607QdHYS6GtwIGLY RZ9cOFiL4VTa4/qd0S2QFBKRM6StP3CGd28J5PAGFlO0iZEUPt4mhWNcF9Mt4lDd u2y4ALvz35lKPdYkud9CE3uJv45dGAgxZiZ3Zvd4uG8Rtbgj3kRD3ImZyRy0vT/O +gRfZ390ttTqQdjGLLzgWZnvIGSgcjp2BPx8K63lVnjtmGsn7pOUxUL3dN5hc5Ql IzFNuFExi4Sos4xqvZjwg2l/0V1z6XXunTAui97tOWZdFnH6q6HmvMGqwwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPcXC7DjoDBQqGtGhYJsfDXhZx+dMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3YTA0OGU5LTY3YzUtNDE1ZC04OGQ0LTBhY2MzNDU0YWY2Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/oAwDQYJKoZIhvcNAQELBQADggEBAH4tLyyHuGmx9veWmdrd C8aKzT52dXr4F9b9Y++XN11J/WNhntAnlVJijKLLAC9YVfRcJiQ6gkbEjkZ0Z9Or Qt2JbCITw4t0z4TbH1nXa7/dIkezyGk/rM/8QvqiCw48W6BssQnfVX4zInpMXL5h J5O2auIF0tdR9hOKiDHVEr5Tzsfl/x3yQqMuXMvfW6qePWkFDgRxHytZ44/mXPTM oUqZEG9ZDdc1fhgZwXXYJlxjKBEZgb3kGp5WFGTA0WdGRTisZASQMi5gcDtNqIBK sVfOYCKDulSKhti+QF3gZQiVOWHuzQwPNR/LIbO5ERapnl3xvpNdTxkjGGevsP38 rG4= -----END CERTIFICATE-----Generated at Thu Apr 25 00:30:40 2024 by rpki-client on console-fra.rpki-client.org