$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cb72aad8-7ed7-4ae9-9686-3f71e3f49e01.roa File: cb72aad8-7ed7-4ae9-9686-3f71e3f49e01.roa (raw, json) Hash identifier: rdK2r8OHwEEWpqlcFuCcKc8GOozL6gaAxhMeDMEQRCg= Subject key identifier: 3F:86:D5:96:4C:8B:5D:94:DF:99:E7:9C:11:2F:45:D5:73:95:DB:8D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D4304D3D5850AD89391D65591C0E18D65ED1038 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cb72aad8-7ed7-4ae9-9686-3f71e3f49e01.roa Signing time: Sat 20 Jul 2024 00:00:00 +0000 ROA not before: Sat 20 Jul 2024 00:00:00 +0000 ROA not after: Sat 24 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:43:04:d3:d5:85:0a:d8:93:91:d6:55:91:c0:e1:8d:65:ed:10:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 20 00:00:00 2024 GMT Not After : Aug 24 23:59:59 2024 GMT Subject: serialNumber=6cb02e4bafac5c206678687d6fd5da0b29c7dc0c2448802e5213bead319db81e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:84:8c:13:98:87:7b:81:ce:c1:ae:65:e4:3c: dc:75:51:78:3b:da:1b:ea:b6:9f:44:8d:57:cb:04: cb:45:43:3d:0e:9f:e1:af:6f:bc:40:78:8a:e7:d6: 28:83:6a:0d:cd:b0:dc:25:0b:ba:0c:b7:fa:04:da: 63:69:df:82:97:a5:80:d9:94:91:16:53:42:1b:6d: f0:f8:8a:25:4e:dd:4e:cb:69:18:6c:ec:9f:c3:be: 61:e3:fc:13:23:b4:06:f9:5c:bb:0e:57:18:81:54: 02:06:13:8d:78:d8:f2:59:19:18:aa:28:ce:ae:01: 30:92:c6:ce:2f:e2:ec:f5:44:5b:b4:04:b8:83:6d: 06:38:d6:b4:77:cb:ff:1a:5c:1a:1d:3b:f6:de:00: 48:e0:a6:80:da:33:3b:c6:d3:a2:dd:91:80:3b:a4: 50:d9:66:09:fa:a7:8e:21:ab:26:8e:64:de:41:bf: 56:1f:79:fb:8c:0a:8e:c1:71:45:e2:ec:14:f4:af: eb:d9:7a:22:e7:bb:6a:12:00:47:7a:f1:4d:eb:44: df:7b:4f:c7:fc:b9:ae:52:5f:82:f7:0a:1f:c0:c9: 46:08:f9:e3:29:fe:f8:f9:ed:9c:9a:bd:00:40:49: 87:2f:73:5c:4f:a2:44:a2:49:6e:68:ab:6e:b7:c5: b1:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:86:D5:96:4C:8B:5D:94:DF:99:E7:9C:11:2F:45:D5:73:95:DB:8D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cb72aad8-7ed7-4ae9-9686-3f71e3f49e01.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:c000::/40 Signature Algorithm: sha256WithRSAEncryption 4b:dc:1a:5e:ff:73:19:49:b6:14:eb:aa:09:22:40:e1:64:2f: 8d:dc:52:b2:4b:07:ae:18:b7:70:49:20:a0:76:f6:73:09:c6: 8f:c7:f3:ec:17:91:8f:2b:4f:8b:f7:ff:44:7f:72:52:eb:a6: 28:6d:47:59:ec:64:c1:9f:b8:81:26:ec:41:e0:31:cb:ae:93: b1:25:5e:05:95:98:47:18:8b:b8:a6:77:1e:c4:af:3b:76:a9: 34:de:8b:2e:7f:2a:a5:82:0e:3f:7b:87:a7:44:f4:d5:2e:65: da:e8:f8:f1:d2:ff:88:bc:ef:66:d2:ef:db:a9:5f:19:ec:cb: 99:91:24:78:53:63:aa:5e:7c:b2:a2:8b:d0:4c:e1:c0:d5:b0: 35:41:d1:fc:d4:42:78:72:d6:3b:f2:e5:54:27:76:5e:25:a7: 94:b6:a4:01:77:44:ac:6a:2e:67:6b:f7:f0:07:89:61:76:f2: ab:6e:56:59:83:8c:8b:87:6a:33:ad:97:f9:f6:4a:48:37:ec: 47:1b:e2:cc:95:0e:c7:91:13:69:09:f0:8c:95:f6:00:04:c4: e4:aa:16:1c:96:be:28:ff:c2:d1:94:5c:5c:dd:37:5d:10:7b: 38:a2:e4:af:13:0d:11:4c:8d:15:15:36:3d:57:d1:c2:3b:90: 33:30:d1:b8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPUME09WFCtiTkdZVkcDhjWXtEDgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcyMDAwMDAwMFoX DTI0MDgyNDIzNTk1OVowejFJMEcGA1UEBRNANmNiMDJlNGJhZmFjNWMyMDY2Nzg2 ODdkNmZkNWRhMGIyOWM3ZGMwYzI0NDg4MDJlNTIxM2JlYWQzMTlkYjgxZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoSME5iHe4HOwa5l5DzcdVF4O9ob 6rafRI1XywTLRUM9Dp/hr2+8QHiK59Yog2oNzbDcJQu6DLf6BNpjad+Cl6WA2ZSR FlNCG23w+IolTt1Oy2kYbOyfw75h4/wTI7QG+Vy7DlcYgVQCBhONeNjyWRkYqijO rgEwksbOL+Ls9URbtAS4g20GONa0d8v/GlwaHTv23gBI4KaA2jM7xtOi3ZGAO6RQ 2WYJ+qeOIasmjmTeQb9WH3n7jAqOwXFF4uwU9K/r2Xoi57tqEgBHevFN60Tfe0/H /LmuUl+C9wofwMlGCPnjKf74+e2cmr0AQEmHL3NcT6JEokluaKtut8WxbwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD+G1ZZMi12U35nnnBEvRdVzlduNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NiNzJhYWQ4LTdlZDctNGFlOS05Njg2LTNmNzFlM2Y0OWUwMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9sAwDQYJKoZIhvcNAQELBQADggEBAEvcGl7/cxlJthTrqgki QOFkL43cUrJLB64Yt3BJIKB29nMJxo/H8+wXkY8rT4v3/0R/clLrpihtR1nsZMGf uIEm7EHgMcuuk7ElXgWVmEcYi7imdx7Erzt2qTTeiy5/KqWCDj97h6dE9NUuZdro +PHS/4i872bS79upXxnsy5mRJHhTY6pefLKii9BM4cDVsDVB0fzUQnhy1jvy5VQn dl4lp5S2pAF3RKxqLmdr9/AHiWF28qtuVlmDjIuHajOtl/n2Skg37Ecb4syVDseR E2kJ8IyV9gAExOSqFhyWvij/wtGUXFzdN10Qezii5K8TDRFMjRUVNj1X0cI7kDMw 0bg= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:17 2024 by rpki-client on console-fra.rpki-client.org