$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc8e290b-8648-47ee-bd2f-426c31d42b90.roa File: cc8e290b-8648-47ee-bd2f-426c31d42b90.roa (raw, json) Hash identifier: PwPZFbyIigBK3LK8R95Pswx0oWI1ILMv69Y64C/d4BY= Subject key identifier: 93:78:2E:BD:4A:C0:47:FB:19:E7:C6:C2:D4:D8:D2:65:EC:17:13:FD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D62361542A3EF9BC4F07996FE2E7BBC72FE5332 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc8e290b-8648-47ee-bd2f-426c31d42b90.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Apr 2024 00:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:62:36:15:42:a3:ef:9b:c4:f0:79:96:fe:2e:7b:bc:72:fe:53:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=2b36ce761ac75f41a61df4afb940bb50dbf19bba09aa164d6b35f30386189592, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:63:3d:28:ef:75:6f:a5:1c:dc:a3:9b:d7:22: d9:d8:2b:4b:2c:ae:83:67:e5:13:a9:5f:ac:38:5c: 22:6f:57:8e:9c:42:89:ac:30:af:e6:be:7f:07:8f: 83:b1:06:dc:e4:f9:39:b0:34:24:35:e0:3f:d3:e2: 80:6b:4a:cb:88:e1:6d:9b:2f:e3:b5:6d:df:cc:ed: 9f:53:e1:00:61:bf:4f:3e:74:e1:57:53:e1:18:42: 01:2e:c2:71:4c:9c:4d:61:03:f8:9d:af:74:8d:62: 74:4a:c5:5a:af:5a:cb:09:42:0d:e0:df:d3:f4:73: b1:96:e4:23:c8:63:e8:dd:45:12:df:ef:d4:b0:8e: 9d:c7:94:c3:fd:75:ae:c3:ec:c2:d8:0f:a9:a8:cd: d4:f4:dc:54:93:0f:44:ae:ce:dd:05:43:ba:6b:94: 4f:80:82:eb:c7:c6:fb:44:16:38:d6:7a:ef:69:40: a1:0b:b5:57:07:14:e3:cf:89:b9:48:d6:ab:05:d8: ba:5d:42:ea:50:3e:bf:f9:1e:ca:2a:a6:79:fe:a6: 6d:6f:c2:f9:df:91:47:dc:e9:d3:45:6a:8d:17:96: a6:94:35:b1:04:12:fa:b8:7e:da:09:b3:79:a4:cc: 87:f6:86:50:75:bf:1e:7f:55:14:27:a9:15:c8:f8: 77:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:78:2E:BD:4A:C0:47:FB:19:E7:C6:C2:D4:D8:D2:65:EC:17:13:FD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc8e290b-8648-47ee-bd2f-426c31d42b90.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:4000::/40 Signature Algorithm: sha256WithRSAEncryption af:36:bb:f2:5a:8f:1e:e1:e3:2a:3a:45:c8:a3:57:ca:88:f9: 54:15:60:02:0b:4c:d6:ec:79:c2:a1:a4:2c:4d:f5:e8:92:67: 7d:67:8e:f6:cc:6d:73:76:3d:83:9e:4b:7c:0a:2c:5e:bb:67: bb:7a:0e:d5:70:77:3f:45:d7:2c:d5:0f:24:f0:7d:8c:3e:ee: f2:c8:22:f9:06:8d:21:35:01:13:0c:fb:6b:ed:86:10:9e:92: 7f:17:45:8f:a0:05:8d:55:84:4c:1c:ef:5a:2e:29:e4:e1:bc: 6e:a2:9b:04:72:48:ae:53:ae:ca:68:48:71:cd:4e:f1:4f:22: 0a:76:89:68:49:f7:7b:b7:84:79:1c:8b:dc:1e:01:df:c3:81: cc:b1:b1:59:7f:96:71:a9:b8:cb:a8:9f:c3:2b:2e:be:5d:2e: 50:33:39:7d:97:38:1f:15:14:55:b4:20:bc:c6:d9:3a:2f:60: b4:b6:b1:d5:69:d3:62:df:0e:6c:2a:70:53:a9:b0:5a:a8:3c: c6:df:3e:76:ff:21:38:0a:09:6b:d9:d2:c0:83:58:ca:0c:04: eb:ec:08:a3:49:ba:19:1f:94:7a:82:7b:76:e4:e9:44:e9:19: 12:91:76:38:6b:80:39:ab:2d:85:e9:0f:a9:9a:06:29:b8:5d: de:c1:30:a6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPWI2FUKj75vE8HmW/i57vHL+UzIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAMmIzNmNlNzYxYWM3NWY0MWE2MWRm NGFmYjk0MGJiNTBkYmYxOWJiYTA5YWExNjRkNmIzNWYzMDM4NjE4OTU5MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmM9KO91b6Uc3KOb1yLZ2CtLLK6D Z+UTqV+sOFwib1eOnEKJrDCv5r5/B4+DsQbc5Pk5sDQkNeA/0+KAa0rLiOFtmy/j tW3fzO2fU+EAYb9PPnThV1PhGEIBLsJxTJxNYQP4na90jWJ0SsVar1rLCUIN4N/T 9HOxluQjyGPo3UUS3+/UsI6dx5TD/XWuw+zC2A+pqM3U9NxUkw9Ers7dBUO6a5RP gILrx8b7RBY41nrvaUChC7VXBxTjz4m5SNarBdi6XULqUD6/+R7KKqZ5/qZtb8L5 35FH3OnTRWqNF5amlDWxBBL6uH7aCbN5pMyH9oZQdb8ef1UUJ6kVyPh3SQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJN4Lr1KwEf7GefGwtTY0mXsFxP9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NjOGUyOTBiLTg2NDgtNDdlZS1iZDJmLTQyNmMzMWQ0MmI5MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+EAwDQYJKoZIhvcNAQELBQADggEBAK82u/Jajx7h4yo6Rcij V8qI+VQVYAILTNbsecKhpCxN9eiSZ31njvbMbXN2PYOeS3wKLF67Z7t6DtVwdz9F 1yzVDyTwfYw+7vLIIvkGjSE1ARMM+2vthhCekn8XRY+gBY1VhEwc71ouKeThvG6i mwRySK5TrspoSHHNTvFPIgp2iWhJ93u3hHkci9weAd/DgcyxsVl/lnGpuMuon8Mr Lr5dLlAzOX2XOB8VFFW0ILzG2TovYLS2sdVp02LfDmwqcFOpsFqoPMbfPnb/ITgK CWvZ0sCDWMoMBOvsCKNJuhkflHqCe3bk6UTpGRKRdjhrgDmrLYXpD6maBim4Xd7B MKY= -----END CERTIFICATE-----Generated at Thu Apr 18 03:48:27 2024 by rpki-client on console-fra.rpki-client.org