$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbb078e9-a430-471e-97da-98312e84ae50.roa File: cbb078e9-a430-471e-97da-98312e84ae50.roa (raw, json) Hash identifier: 4LPj3ewZh+5OltwS75idLxD/pQXV6W54w2b11E+dMyk= Subject key identifier: DF:05:2B:79:25:0B:F3:04:65:D2:CD:AF:B0:0E:48:46:CF:58:CF:10 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 10FF31895D4AF41C18EC54CB541E3249228AA3A1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbb078e9-a430-471e-97da-98312e84ae50.roa Signing time: Sat 20 Jul 2024 00:00:00 +0000 ROA not before: Sat 20 Jul 2024 00:00:00 +0000 ROA not after: Sat 24 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:ff:31:89:5d:4a:f4:1c:18:ec:54:cb:54:1e:32:49:22:8a:a3:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 20 00:00:00 2024 GMT Not After : Aug 24 23:59:59 2024 GMT Subject: serialNumber=8f0954c283e294fd8ddb447f76ad4b6e1824e339024c1642fb430b0d2acbb7f0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:5b:a0:f3:74:0f:29:ba:57:96:9b:3d:7f:1a: ab:a3:a8:28:90:be:43:18:e0:58:d4:57:52:b8:d7: f5:88:d8:98:1e:cb:a0:8f:20:f6:20:10:51:c4:ef: 9d:6b:3b:7d:11:76:56:d8:0f:d6:ca:51:54:55:af: c4:15:13:cd:eb:43:ea:18:04:3a:94:1e:e5:92:7f: e3:fd:bb:75:cb:72:05:75:4b:a1:85:1e:9c:73:65: 59:7c:1f:91:7d:0d:58:16:76:b1:3e:12:77:81:72: a2:df:d5:77:95:82:48:3d:2d:22:f4:91:88:11:39: 02:a2:91:a5:7b:90:a3:73:aa:a9:91:b9:7a:bb:45: 77:89:1d:53:07:ce:f5:09:4e:9e:ce:5f:d9:cf:b5: db:4d:b9:d7:a7:c0:9c:5c:a7:fa:5a:d3:fe:88:0f: fb:73:4e:af:1a:4f:d8:5b:af:09:fa:f6:cd:31:43: b8:c0:94:d8:ca:43:82:72:cb:32:81:25:fa:c0:cd: 61:7a:8d:ce:8c:31:98:a5:43:b9:bb:ab:1c:b0:c4: 68:1e:88:9c:95:5a:04:9c:1c:82:61:4b:e6:af:93: 36:d4:df:ca:50:c6:ea:23:b0:ee:ff:9b:23:ce:fe: 62:34:9c:ca:dd:ce:0d:e1:44:bd:28:de:f3:4b:d6: eb:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:05:2B:79:25:0B:F3:04:65:D2:CD:AF:B0:0E:48:46:CF:58:CF:10 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbb078e9-a430-471e-97da-98312e84ae50.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:4000::/40 Signature Algorithm: sha256WithRSAEncryption af:0c:49:9a:a7:f5:67:16:c0:40:a4:8f:a3:52:32:7c:fb:67: 8a:ea:47:3a:40:24:2c:29:b1:ff:1d:39:2f:04:2d:cf:88:53: 84:d0:ea:93:f8:22:cb:90:c9:d8:ca:e7:06:5e:fc:b2:aa:07: 1f:17:c8:1b:f8:c7:80:76:ec:c5:ee:af:b0:36:dd:6f:04:c9: 29:0d:c6:37:5f:bc:f0:8f:0e:78:5b:22:26:89:5a:76:d1:1b: 3c:0d:41:87:17:d2:14:53:c9:0b:82:9d:02:26:a9:2b:76:0f: 33:43:ec:c6:be:bb:31:19:6f:6b:5e:2c:c6:be:b1:6b:bd:03: 0e:9d:50:98:9c:3b:e8:cd:92:5f:a6:45:6d:95:6f:9f:b6:47: 9b:44:bc:e6:a1:9e:44:4e:51:7b:24:59:5a:ed:33:a5:66:c5: 86:15:1e:24:7a:f3:db:74:5c:2d:96:67:85:b9:c7:a6:cc:df: 3b:f9:b5:3e:e4:84:ab:9f:38:44:94:50:b1:00:2b:67:67:ed: e1:b1:40:9d:c1:9a:b3:86:87:26:ab:29:20:62:f8:3b:60:c3: db:3e:f8:29:1b:6d:7c:24:3a:e5:49:6b:b4:55:7c:a0:57:17: 9c:91:ba:30:84:d2:3e:ed:df:34:77:79:d3:7a:15:75:3f:ba: fb:b6:22:d0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEP8xiV1K9BwY7FTLVB4ySSKKo6EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcyMDAwMDAwMFoX DTI0MDgyNDIzNTk1OVowejFJMEcGA1UEBRNAOGYwOTU0YzI4M2UyOTRmZDhkZGI0 NDdmNzZhZDRiNmUxODI0ZTMzOTAyNGMxNjQyZmI0MzBiMGQyYWNiYjdmMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlug83QPKbpXlps9fxqro6gokL5D GOBY1FdSuNf1iNiYHsugjyD2IBBRxO+dazt9EXZW2A/WylFUVa/EFRPN60PqGAQ6 lB7lkn/j/bt1y3IFdUuhhR6cc2VZfB+RfQ1YFnaxPhJ3gXKi39V3lYJIPS0i9JGI ETkCopGle5Cjc6qpkbl6u0V3iR1TB871CU6ezl/Zz7XbTbnXp8CcXKf6WtP+iA/7 c06vGk/YW68J+vbNMUO4wJTYykOCcssygSX6wM1heo3OjDGYpUO5u6scsMRoHoic lVoEnByCYUvmr5M21N/KUMbqI7Du/5sjzv5iNJzK3c4N4US9KN7zS9brlQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFN8FK3klC/MEZdLNr7AOSEbPWM8QMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NiYjA3OGU5LWE0MzAtNDcxZS05N2RhLTk4MzEyZTg0YWU1MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaUAwDQYJKoZIhvcNAQELBQADggEBAK8MSZqn9WcWwECkj6NS Mnz7Z4rqRzpAJCwpsf8dOS8ELc+IU4TQ6pP4IsuQydjK5wZe/LKqBx8XyBv4x4B2 7MXur7A23W8EySkNxjdfvPCPDnhbIiaJWnbRGzwNQYcX0hRTyQuCnQImqSt2DzND 7Ma+uzEZb2teLMa+sWu9Aw6dUJicO+jNkl+mRW2Vb5+2R5tEvOahnkROUXskWVrt M6VmxYYVHiR689t0XC2WZ4W5x6bM3zv5tT7khKufOESUULEAK2dn7eGxQJ3BmrOG hyarKSBi+Dtgw9s++CkbbXwkOuVJa7RVfKBXF5yRujCE0j7t3zR3edN6FXU/uvu2 ItA= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:17 2024 by rpki-client on console-fra.rpki-client.org