$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf01a13f-5374-4ae1-873e-34447bf4f7af.roa File: cf01a13f-5374-4ae1-873e-34447bf4f7af.roa (raw, json) Hash identifier: Z64KYdKAEQ1b62QaBbF0ryGz2xNpY5gcJb2wZGJSkTU= Subject key identifier: 40:CF:F2:66:95:0D:23:A6:C7:8D:EE:9B:31:59:35:FE:9A:6C:01:82 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2FAB59FD536C0E5746770615E8F4F252EAC2AB87 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf01a13f-5374-4ae1-873e-34447bf4f7af.roa Signing time: Tue 09 Apr 2024 00:00:00 +0000 ROA not before: Tue 09 Apr 2024 00:00:00 +0000 ROA not after: Tue 14 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 00:10:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:ab:59:fd:53:6c:0e:57:46:77:06:15:e8:f4:f2:52:ea:c2:ab:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 9 00:00:00 2024 GMT Not After : May 14 23:59:59 2024 GMT Subject: serialNumber=c878c5c7b3fc339dc24fb41034a8261c34239c9064dce9df2f0dc6d7f82d255c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:02:17:0a:b5:2d:17:40:8f:07:3d:91:bb:c5: db:18:1e:ef:eb:04:2b:05:e6:81:2a:fd:31:e8:59: 7e:e1:4c:e3:ca:49:b9:b8:d9:ab:fb:21:ea:33:7b: b3:19:c1:74:9e:46:30:9d:35:12:65:a7:6e:da:48: fa:62:cf:80:29:e0:34:30:17:2c:6d:ff:f3:8b:49: 28:8d:a8:8a:71:ea:ba:e0:95:f9:93:4a:68:4e:8b: a6:48:cb:d0:df:15:78:ce:07:50:1b:1e:a2:3e:d5: 9f:32:7d:45:f5:d6:8e:f8:ef:d1:62:51:dd:00:cd: d3:bd:51:0b:26:21:7e:6b:e3:ce:7e:d0:81:20:34: 94:93:28:8a:bc:8b:d1:81:d8:7b:ab:8b:69:d1:b1: 50:59:a3:97:30:db:7f:41:3f:77:8d:07:98:b8:ce: f0:0e:e3:2c:66:b0:13:3e:a9:a3:d2:c1:c6:fd:0f: 85:ee:85:0c:3d:c3:19:36:86:4a:e5:23:82:77:22: 11:07:32:b8:a4:61:ba:d7:52:8d:04:e8:4a:bd:9f: ae:c6:8d:21:65:7f:fe:c8:25:41:25:e8:d2:a4:ec: ec:b4:97:8a:d6:58:83:c4:f2:4c:2b:53:69:c3:92: b2:d9:be:70:e0:b4:35:6e:a6:84:08:29:0a:5e:f7: c4:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:CF:F2:66:95:0D:23:A6:C7:8D:EE:9B:31:59:35:FE:9A:6C:01:82 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf01a13f-5374-4ae1-873e-34447bf4f7af.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:800::/40 Signature Algorithm: sha256WithRSAEncryption 8e:f4:12:e8:76:97:2e:ad:96:50:22:c2:c4:7c:44:a9:70:4d: ae:3a:6e:25:2d:1b:64:fb:cf:d7:a1:2a:f6:f6:c5:85:f1:dc: 3c:04:df:5c:0f:f8:53:b4:9e:c9:d2:30:b4:55:16:ec:06:9e: b9:9c:c2:9a:53:4f:e6:53:84:61:01:ae:55:9c:33:c0:a3:4f: dd:34:03:d7:79:58:b6:b8:a9:f2:b3:8f:60:4e:02:65:af:22: 29:6a:da:55:d7:91:37:54:ca:7b:0e:19:f4:6f:b7:3e:bc:e4: 22:2c:e7:a5:c1:a3:3e:0e:79:58:99:ad:c4:ce:f1:c3:1a:6f: 82:48:65:52:38:86:2c:da:08:cc:4f:de:47:98:64:76:cd:47: 6f:1a:fc:b5:b4:2f:d5:67:00:c3:c7:1b:96:bd:ba:45:5a:80: 65:c1:3b:28:7b:b7:2d:5d:2b:35:fa:4b:3e:9e:40:01:55:60: 2b:86:6c:11:7b:b5:2d:d7:9c:ba:71:c0:5a:ef:69:04:22:cc: 03:bf:ab:5c:fd:38:42:af:26:ab:7f:81:3e:1f:e7:fc:11:fc: 5d:64:97:fb:85:d9:c6:68:01:e6:0d:f5:2e:4a:24:de:9d:f6: 92:75:02:31:1b:f8:54:55:a7:5e:8e:af:67:5b:76:e2:5c:eb: 79:27:75:69 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUL6tZ/VNsDldGdwYV6PTyUurCq4cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwOTAwMDAwMFoX DTI0MDUxNDIzNTk1OVowejFJMEcGA1UEBRNAYzg3OGM1YzdiM2ZjMzM5ZGMyNGZi NDEwMzRhODI2MWMzNDIzOWM5MDY0ZGNlOWRmMmYwZGM2ZDdmODJkMjU1YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwIXCrUtF0CPBz2Ru8XbGB7v6wQr BeaBKv0x6Fl+4Uzjykm5uNmr+yHqM3uzGcF0nkYwnTUSZadu2kj6Ys+AKeA0MBcs bf/zi0kojaiKceq64JX5k0poToumSMvQ3xV4zgdQGx6iPtWfMn1F9daO+O/RYlHd AM3TvVELJiF+a+POftCBIDSUkyiKvIvRgdh7q4tp0bFQWaOXMNt/QT93jQeYuM7w DuMsZrATPqmj0sHG/Q+F7oUMPcMZNoZK5SOCdyIRBzK4pGG611KNBOhKvZ+uxo0h ZX/+yCVBJejSpOzstJeK1liDxPJMK1Npw5Ky2b5w4LQ1bqaECCkKXvfE0wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEDP8maVDSOmx43umzFZNf6abAGCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NmMDFhMTNmLTUzNzQtNGFlMS04NzNlLTM0NDQ3YmY0ZjdhZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8ggwDQYJKoZIhvcNAQELBQADggEBAI70Euh2ly6tllAiwsR8 RKlwTa46biUtG2T7z9ehKvb2xYXx3DwE31wP+FO0nsnSMLRVFuwGnrmcwppTT+ZT hGEBrlWcM8CjT900A9d5WLa4qfKzj2BOAmWvIilq2lXXkTdUynsOGfRvtz685CIs 56XBoz4OeViZrcTO8cMab4JIZVI4hizaCMxP3keYZHbNR28a/LW0L9VnAMPHG5a9 ukVagGXBOyh7ty1dKzX6Sz6eQAFVYCuGbBF7tS3XnLpxwFrvaQQizAO/q1z9OEKv Jqt/gT4f5/wR/F1kl/uF2cZoAeYN9S5KJN6d9pJ1AjEb+FRVp16Or2dbduJc63kn dWk= -----END CERTIFICATE-----Generated at Fri May 3 01:27:45 2024 by rpki-client on console-fra.rpki-client.org