$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc8e290b-8648-47ee-bd2f-426c31d42b90.roa File: cc8e290b-8648-47ee-bd2f-426c31d42b90.roa (raw, json) Hash identifier: 0wxa342cbWp2sl/LreYZUnRr1RklGHrG5Cycf8iPiC8= Subject key identifier: FA:E8:39:AB:56:FE:C2:80:46:E6:75:D4:E6:29:0E:48:C5:64:97:F8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2BBCF1DEA19BEB24FBB141D99BA7B77B296D472D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc8e290b-8648-47ee-bd2f-426c31d42b90.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:bc:f1:de:a1:9b:eb:24:fb:b1:41:d9:9b:a7:b7:7b:29:6d:47:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=58a5e42e1db44e3b6c75baa04d9757c7a10bed516347dad2dd2d1118b71db9c9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:14:3a:87:d3:6f:ce:f6:05:d4:84:18:70:37: ca:5d:bb:b3:f2:65:39:87:f0:56:3e:7b:9a:20:17: 57:00:67:22:69:99:4a:cd:8d:54:9b:fd:8e:ff:5c: 20:c1:aa:ed:6e:8b:c7:e7:21:e7:cf:2a:4a:fe:41: 20:a1:bf:ae:10:3c:95:51:85:57:b2:85:4f:e4:fc: 92:98:b7:cf:1c:86:7b:91:21:d0:b2:f2:21:4e:6a: f1:ec:0d:38:5e:35:2d:12:90:b9:c4:b2:c9:4b:7c: f5:6a:45:2d:50:78:cf:9b:70:03:ae:a2:65:38:10: f1:ed:41:91:19:f8:38:59:a3:91:51:dd:55:df:a2: c6:9d:88:10:88:95:89:20:00:a4:f8:2c:40:4c:54: e7:49:a8:f4:d6:93:10:d9:fe:b2:b0:cf:82:46:a9: a9:3d:3f:31:f4:e8:1f:5e:65:71:2f:5a:94:10:ac: 56:a5:4b:a3:66:41:52:3a:37:de:4c:f5:12:f0:ee: c4:58:e7:9d:1c:db:a5:26:de:c6:60:9b:49:92:68: 5d:b1:84:67:36:de:56:dd:d8:f6:56:85:15:cc:26: 0e:f8:57:da:b7:53:1a:ed:86:3e:81:b3:4c:36:3c: a0:ce:ba:f8:5b:e6:2f:b1:22:39:5f:69:9d:78:ff: 03:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:E8:39:AB:56:FE:C2:80:46:E6:75:D4:E6:29:0E:48:C5:64:97:F8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc8e290b-8648-47ee-bd2f-426c31d42b90.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:4000::/40 Signature Algorithm: sha256WithRSAEncryption 05:e3:95:9f:4f:47:ca:27:97:f5:20:39:02:b3:6c:39:79:37: da:c7:de:3f:cf:35:37:6a:8b:1d:03:fa:21:73:10:84:53:e4: 75:66:e3:6f:59:09:b8:33:ab:1c:64:57:bf:99:97:4e:2f:5e: df:5b:04:1e:2c:ec:ae:30:26:2a:24:04:b1:4e:84:10:04:ff: 42:89:33:97:01:9d:6b:ce:15:5f:80:2f:1f:e4:2c:93:6b:19: 6d:e5:b8:66:5b:55:fd:0e:75:d6:02:9f:91:5a:71:28:aa:e4: a7:d4:2c:a1:5f:71:9b:54:ee:83:0a:30:bb:b8:21:c5:ae:d5: 4a:c4:26:42:61:b5:cc:f5:bd:ed:35:4b:ec:75:8d:44:8a:6b: 2c:69:cb:69:40:83:7e:b4:e6:23:0d:87:2e:45:d9:7d:db:5d: 4c:fa:a0:d4:1c:9f:13:19:55:5d:12:6b:a0:47:fb:51:5e:cf: 6e:c2:d5:25:dd:57:c9:5e:0a:f2:f3:e9:c3:0c:db:f3:54:ec: 49:79:4e:12:0a:af:47:a8:56:92:9b:21:d9:74:d3:20:29:31: 10:7f:fb:f1:de:92:f6:b8:77:63:dc:be:4b:9d:a1:de:ea:fc: d8:67:f0:4f:b3:7e:87:65:90:bb:a4:f1:5a:fe:02:da:a1:32: 9f:e0:4a:ae -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUK7zx3qGb6yT7sUHZm6e3eyltRy0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNANThhNWU0MmUxZGI0NGUzYjZjNzVi YWEwNGQ5NzU3YzdhMTBiZWQ1MTYzNDdkYWQyZGQyZDExMThiNzFkYjljOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBQ6h9NvzvYF1IQYcDfKXbuz8mU5 h/BWPnuaIBdXAGciaZlKzY1Um/2O/1wgwartbovH5yHnzypK/kEgob+uEDyVUYVX soVP5PySmLfPHIZ7kSHQsvIhTmrx7A04XjUtEpC5xLLJS3z1akUtUHjPm3ADrqJl OBDx7UGRGfg4WaORUd1V36LGnYgQiJWJIACk+CxATFTnSaj01pMQ2f6ysM+CRqmp PT8x9OgfXmVxL1qUEKxWpUujZkFSOjfeTPUS8O7EWOedHNulJt7GYJtJkmhdsYRn Nt5W3dj2VoUVzCYO+Ffat1Ma7YY+gbNMNjygzrr4W+YvsSI5X2mdeP8D/QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFProOatW/sKARuZ11OYpDkjFZJf4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NjOGUyOTBiLTg2NDgtNDdlZS1iZDJmLTQyNmMzMWQ0MmI5MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+EAwDQYJKoZIhvcNAQELBQADggEBAAXjlZ9PR8onl/UgOQKz bDl5N9rH3j/PNTdqix0D+iFzEIRT5HVm429ZCbgzqxxkV7+Zl04vXt9bBB4s7K4w JiokBLFOhBAE/0KJM5cBnWvOFV+ALx/kLJNrGW3luGZbVf0OddYCn5FacSiq5KfU LKFfcZtU7oMKMLu4IcWu1UrEJkJhtcz1ve01S+x1jUSKayxpy2lAg3605iMNhy5F 2X3bXUz6oNQcnxMZVV0Sa6BH+1Fez27C1SXdV8leCvLz6cMM2/NU7El5ThIKr0eo VpKbIdl00yApMRB/+/Hekva4d2Pcvkudod7q/Nhn8E+zfodlkLuk8Vr+AtqhMp/g Sq4= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:46 2023 by rpki-client on console-fra.rpki-client.org