$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a048e9-67c5-415d-88d4-0acc3454af62.roa File: c7a048e9-67c5-415d-88d4-0acc3454af62.roa (raw, json) Hash identifier: rc2/TQCFiDx67bEJd9e3epiKS6qnyf3eBtWNpHP0Fho= Subject key identifier: D1:B4:40:56:72:4D:2C:81:B1:0B:AF:99:E6:9D:95:28:E6:8C:78:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 50C7BDE42E840761034036753130A75C0971D460 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a048e9-67c5-415d-88d4-0acc3454af62.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:c7:bd:e4:2e:84:07:61:03:40:36:75:31:30:a7:5c:09:71:d4:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=fda86c34cbbfaa3aeb95c5aae9b86cb9ae8855ce497c71e7bd73d110b8666347, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:ed:86:62:9b:0b:a2:d1:98:5d:86:fb:54:5d: 7d:c2:ec:29:fd:34:45:62:8a:7c:b5:35:5e:0c:f7: 4e:df:bb:96:ce:fa:8b:92:23:2e:64:6f:81:b4:9c: c1:35:c2:65:35:a1:e2:bf:4b:bb:64:18:d3:2a:c2: 18:39:2d:c6:85:fd:fe:dc:b9:da:ca:bd:da:d0:8e: 27:7b:d1:77:1a:d6:b9:2a:43:06:5b:cb:c0:be:d9: d5:31:2f:db:c9:e5:98:ee:af:94:5b:4b:85:df:13: 52:24:a2:e0:00:89:ae:42:18:b3:3f:e4:5a:70:24: ce:c6:3e:87:0e:d6:ef:96:2a:b1:06:b1:84:16:1c: 16:45:6c:6a:a1:a9:88:02:77:c5:aa:5f:97:ab:04: bc:5f:17:5c:d1:9d:36:88:b8:58:6d:80:16:43:fc: 59:77:81:85:d7:28:d3:ae:23:69:9a:d1:ad:c2:3d: b9:fa:8f:d6:d3:97:d2:13:9d:d4:63:53:53:0d:56: d9:80:10:e7:22:ae:1f:83:23:9c:98:ca:d2:b3:f2: b5:f3:ca:8d:25:af:28:f3:73:4f:0a:91:e7:0f:05: 4e:23:36:db:31:a9:c4:c5:15:34:a8:ec:83:6f:fa: 14:7e:e8:9c:18:ad:6e:66:f9:99:a7:d1:2f:b0:78: e4:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:B4:40:56:72:4D:2C:81:B1:0B:AF:99:E6:9D:95:28:E6:8C:78:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a048e9-67c5-415d-88d4-0acc3454af62.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:8000::/40 Signature Algorithm: sha256WithRSAEncryption 02:d4:41:05:86:a8:8c:81:cf:8a:9b:b3:51:23:42:a4:10:89: 26:77:17:aa:63:2f:1b:f9:d4:75:8c:ba:e0:ae:73:a4:5b:8e: 3b:a0:6e:fe:d7:5a:0e:40:21:2a:8b:3a:6b:96:55:21:dd:e8: 38:ec:a0:4c:95:d2:a8:ee:6a:f9:fb:c0:dd:3b:f8:4e:88:44: bb:fc:90:55:4d:fd:74:f7:fd:9d:3e:df:70:ec:81:5e:74:d3: 06:63:01:aa:1b:73:82:11:16:87:52:0a:e3:15:be:db:b6:cf: c3:93:3f:85:26:02:31:fa:26:c2:da:78:dd:d2:f6:9e:da:0d: b4:b3:59:37:27:36:d9:29:5d:6c:aa:38:07:2f:45:25:b8:f4: 7d:6f:97:b2:08:15:65:22:89:13:92:50:9d:a1:1c:fc:43:b8: 65:ff:48:49:95:63:a7:3d:c6:17:6f:a3:da:b6:10:da:79:cb: b1:26:e7:1e:f0:18:67:b4:3a:b9:72:2a:44:67:f8:5c:5a:f3: 5d:0b:72:a2:ec:6e:3d:5d:58:00:ef:f3:d8:3d:43:95:48:82: 1f:e7:d3:a6:8d:ff:57:6c:be:e2:f4:03:87:24:82:32:67:96: 67:69:ba:31:f0:63:f3:c5:30:3f:94:af:c1:af:1e:8f:24:59: e3:5d:f4:d0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUMe95C6EB2EDQDZ1MTCnXAlx1GAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAZmRhODZjMzRjYmJmYWEzYWViOTVj NWFhZTliODZjYjlhZTg4NTVjZTQ5N2M3MWU3YmQ3M2QxMTBiODY2NjM0NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+2GYpsLotGYXYb7VF19wuwp/TRF Yop8tTVeDPdO37uWzvqLkiMuZG+BtJzBNcJlNaHiv0u7ZBjTKsIYOS3Ghf3+3Lna yr3a0I4ne9F3Gta5KkMGW8vAvtnVMS/byeWY7q+UW0uF3xNSJKLgAImuQhizP+Ra cCTOxj6HDtbvliqxBrGEFhwWRWxqoamIAnfFql+XqwS8Xxdc0Z02iLhYbYAWQ/xZ d4GF1yjTriNpmtGtwj25+o/W05fSE53UY1NTDVbZgBDnIq4fgyOcmMrSs/K188qN Ja8o83NPCpHnDwVOIzbbManExRU0qOyDb/oUfuicGK1uZvmZp9EvsHjkrwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNG0QFZyTSyBsQuvmeadlSjmjHhTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3YTA0OGU5LTY3YzUtNDE1ZC04OGQ0LTBhY2MzNDU0YWY2Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/oAwDQYJKoZIhvcNAQELBQADggEBAALUQQWGqIyBz4qbs1Ej QqQQiSZ3F6pjLxv51HWMuuCuc6Rbjjugbv7XWg5AISqLOmuWVSHd6DjsoEyV0qju avn7wN07+E6IRLv8kFVN/XT3/Z0+33DsgV500wZjAaobc4IRFodSCuMVvtu2z8OT P4UmAjH6JsLaeN3S9p7aDbSzWTcnNtkpXWyqOAcvRSW49H1vl7IIFWUiiROSUJ2h HPxDuGX/SEmVY6c9xhdvo9q2ENp5y7Em5x7wGGe0OrlyKkRn+Fxa810LcqLsbj1d WADv89g9Q5VIgh/n06aN/1dsvuL0A4ckgjJnlmdpujHwY/PFMD+Ur8GvHo8kWeNd 9NA= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:46 2023 by rpki-client on console-fra.rpki-client.org