$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbf31b97-a191-4a60-a9de-6f29bbef8b2e.roa File: cbf31b97-a191-4a60-a9de-6f29bbef8b2e.roa (raw, json) Hash identifier: ovSgC4g0s9+iWXjHBRLQtbGE1mCHoixW+B/Pbe+wVb8= Subject key identifier: 67:81:75:23:67:BE:7D:79:13:68:E0:69:C9:FA:14:8D:7A:38:2E:2A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5A602B58CB4004B5C29A6A8C739A5A8D84DE4A16 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbf31b97-a191-4a60-a9de-6f29bbef8b2e.roa Signing time: Wed 17 Jul 2024 00:00:00 +0000 ROA not before: Wed 17 Jul 2024 00:00:00 +0000 ROA not after: Wed 21 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:60:2b:58:cb:40:04:b5:c2:9a:6a:8c:73:9a:5a:8d:84:de:4a:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 17 00:00:00 2024 GMT Not After : Aug 21 23:59:59 2024 GMT Subject: serialNumber=2a36e4af16051eed723040d60a46ffb4feb2e536491cc2ce5a3d3d160dc0bfc6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:69:73:ae:15:21:8a:1a:c7:ca:f4:6f:c5:45: ff:52:33:f8:53:2e:cb:70:38:b7:9e:9e:3c:c7:6e: 13:74:da:66:b4:9a:86:1d:10:26:81:10:19:65:97: 1a:7f:36:f5:ba:ed:1b:dc:53:3b:ca:2c:16:10:1b: 58:f4:fb:6b:89:34:c1:45:a6:16:3a:23:c3:a2:d8: 90:1e:90:25:8b:ca:54:69:a6:bc:cf:ad:d4:d1:ae: bf:72:5c:ee:8f:83:03:ff:44:ab:17:9b:25:da:5a: 52:b1:f6:76:49:65:2b:0d:26:68:a1:00:72:b0:7d: f1:9d:27:2c:59:17:b7:a8:be:a8:81:6d:f7:9e:c2: 15:67:01:75:b8:51:b7:0c:fb:aa:96:3d:05:cd:1d: a0:d4:7a:ea:34:f3:53:6b:8a:19:eb:40:e5:44:7b: 2e:f5:c9:c5:ea:81:4d:24:38:39:d7:3f:38:c0:36: 88:1b:3c:f5:12:14:2f:a1:50:d8:94:fb:f4:2c:71: 0e:1e:fa:bf:fe:7f:f2:bd:e9:69:cd:48:48:68:88: fc:e4:56:3f:78:bd:3f:a7:46:7e:24:00:e7:c3:ee: 0f:5e:26:e4:64:f6:6e:02:73:8d:5a:8c:b5:96:45: 34:8f:58:f6:0c:1f:f5:c5:af:0f:d5:e3:6c:67:1e: a3:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:81:75:23:67:BE:7D:79:13:68:E0:69:C9:FA:14:8D:7A:38:2E:2A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbf31b97-a191-4a60-a9de-6f29bbef8b2e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:c000::/40 Signature Algorithm: sha256WithRSAEncryption 1f:54:a4:47:ed:8c:6e:b6:c2:25:36:32:27:16:39:81:71:db: 6d:57:94:d8:11:8d:73:1d:40:34:bd:1b:de:70:c5:8a:73:25: c4:b4:7d:21:d6:8b:59:1f:87:6b:46:99:bf:4d:e1:c6:7a:49: ba:ec:98:9b:48:71:d1:37:cc:7a:05:b9:ff:31:14:d7:fd:4f: 9c:11:7b:29:34:db:4e:af:d1:16:12:0f:39:72:bd:1f:13:cf: 6b:5b:b2:8a:58:09:a6:a4:15:07:1d:66:4f:ce:4c:20:7f:9a: f0:4c:e9:c9:b9:77:e4:13:6d:ed:8f:6b:52:8e:66:c2:2f:4b: de:c7:53:3a:30:c0:12:87:36:0d:8f:63:ba:6d:2f:01:15:f9: a3:4e:4c:9c:c4:68:0b:df:3a:03:3e:48:53:e7:2b:d4:46:a9: 22:a6:1b:cd:f5:a7:b9:dc:10:0b:bc:65:52:c4:41:5a:18:ef: 46:62:af:47:b2:32:bb:33:84:c7:15:ec:12:58:f2:83:5c:67: de:06:ee:a4:d4:32:57:bf:41:00:f3:78:bd:ab:c6:8a:44:a4: ee:95:bd:df:24:f5:c4:78:df:33:a1:61:9f:80:2d:63:b3:11: 66:0d:b3:6e:70:4b:bb:e8:6f:db:cd:cc:18:14:f6:c9:43:42: 6e:8a:46:81 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWmArWMtABLXCmmqMc5pajYTeShYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNzAwMDAwMFoX DTI0MDgyMTIzNTk1OVowejFJMEcGA1UEBRNAMmEzNmU0YWYxNjA1MWVlZDcyMzA0 MGQ2MGE0NmZmYjRmZWIyZTUzNjQ5MWNjMmNlNWEzZDNkMTYwZGMwYmZjNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGlzrhUhihrHyvRvxUX/UjP4Uy7L cDi3np48x24TdNpmtJqGHRAmgRAZZZcafzb1uu0b3FM7yiwWEBtY9PtriTTBRaYW OiPDotiQHpAli8pUaaa8z63U0a6/clzuj4MD/0SrF5sl2lpSsfZ2SWUrDSZooQBy sH3xnScsWRe3qL6ogW33nsIVZwF1uFG3DPuqlj0FzR2g1HrqNPNTa4oZ60DlRHsu 9cnF6oFNJDg51z84wDaIGzz1EhQvoVDYlPv0LHEOHvq//n/yvelpzUhIaIj85FY/ eL0/p0Z+JADnw+4PXibkZPZuAnONWoy1lkU0j1j2DB/1xa8P1eNsZx6jhQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGeBdSNnvn15E2jgacn6FI16OC4qMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NiZjMxYjk3LWExOTEtNGE2MC1hOWRlLTZmMjliYmVmOGIyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9MAwDQYJKoZIhvcNAQELBQADggEBAB9UpEftjG62wiU2MicW OYFx221XlNgRjXMdQDS9G95wxYpzJcS0fSHWi1kfh2tGmb9N4cZ6SbrsmJtIcdE3 zHoFuf8xFNf9T5wReyk0206v0RYSDzlyvR8Tz2tbsopYCaakFQcdZk/OTCB/mvBM 6cm5d+QTbe2Pa1KOZsIvS97HUzowwBKHNg2PY7ptLwEV+aNOTJzEaAvfOgM+SFPn K9RGqSKmG831p7ncEAu8ZVLEQVoY70Zir0eyMrszhMcV7BJY8oNcZ94G7qTUMle/ QQDzeL2rxopEpO6Vvd8k9cR43zOhYZ+ALWOzEWYNs25wS7vob9vNzBgU9slDQm6K RoE= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:17 2024 by rpki-client on console-fra.rpki-client.org