$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf01a13f-5374-4ae1-873e-34447bf4f7af.roa File: cf01a13f-5374-4ae1-873e-34447bf4f7af.roa (raw, json) Hash identifier: +WJKLk2iP5WUdO5+von5UK0Ejvu9OeBACPnHczOG64Q= Subject key identifier: 93:47:32:D4:EF:0C:6E:D1:0D:A7:CA:23:41:A0:D5:1A:F6:4B:2C:4B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0A0C252BAC9BD014B1BC94C2895967AE375E3AB0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf01a13f-5374-4ae1-873e-34447bf4f7af.roa Signing time: Fri 19 Jul 2024 00:00:00 +0000 ROA not before: Fri 19 Jul 2024 00:00:00 +0000 ROA not after: Fri 23 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:0c:25:2b:ac:9b:d0:14:b1:bc:94:c2:89:59:67:ae:37:5e:3a:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 19 00:00:00 2024 GMT Not After : Aug 23 23:59:59 2024 GMT Subject: serialNumber=adbb8b93375a7c4a2b16f46dbd511ffd12d1dd8384cb9d28bd965d6bc84759f3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:3f:4e:31:9c:dc:86:f0:0c:ea:38:c8:02:e1: 9b:0b:bd:97:83:f7:fd:bb:b7:38:fc:23:4d:f0:8f: eb:60:b7:e0:f4:91:d5:73:42:8d:c9:dc:b2:9b:71: 7c:e1:9f:1a:eb:f6:e0:90:07:35:80:c2:68:12:47: 2c:e2:c2:a2:c1:49:14:ce:c0:1d:7a:0c:57:d4:ae: fe:4d:6f:3c:4a:4c:f9:97:8d:33:ed:83:98:d7:67: 19:d6:bb:b7:0e:28:e1:aa:47:70:3f:4d:ac:63:77: a9:fa:05:57:2e:c0:9d:c7:e8:34:53:49:45:4a:17: c1:b6:a4:1d:f4:75:36:6c:6c:27:27:05:47:0b:80: 8e:c0:08:b3:ba:bf:8b:8e:32:e0:60:24:b5:5e:29: 18:77:4f:8f:01:69:ac:be:65:7a:01:4f:72:16:a6: 8f:76:6a:7f:4a:27:43:8e:1a:ed:4a:73:d2:d7:50: b8:6c:4e:91:67:b5:1c:1c:87:58:bc:4b:24:c3:ec: d2:74:a7:36:97:63:43:49:b4:15:fd:a4:69:a4:0a: c8:a3:b7:94:08:25:fe:5f:57:e4:f9:63:13:88:1b: d7:f9:a4:2b:e1:54:e7:34:03:98:b7:73:77:4b:71: e7:6a:ad:dc:76:57:a0:50:dd:86:75:1f:99:7d:1c: e5:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:47:32:D4:EF:0C:6E:D1:0D:A7:CA:23:41:A0:D5:1A:F6:4B:2C:4B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf01a13f-5374-4ae1-873e-34447bf4f7af.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:800::/40 Signature Algorithm: sha256WithRSAEncryption 88:a3:a3:56:19:01:45:ae:34:79:ac:83:ed:a1:e0:88:a6:f0: f9:64:a4:4d:24:b6:71:94:22:84:a5:1e:e0:a5:90:ec:93:84: e6:cf:22:e6:2d:33:f2:66:2b:ae:2d:c6:5c:a6:57:08:3f:32: 49:0c:ea:68:87:00:16:5a:58:02:87:d5:b5:a6:6b:8e:c3:d2: 31:ea:80:58:1b:b3:ef:49:ea:02:0b:2f:81:d6:e8:38:1b:2d: a9:5d:eb:3e:74:32:d0:f3:4f:c9:cc:8d:b1:e1:d6:b0:7f:b5: 48:9a:e0:c5:e2:6f:24:0b:80:e9:ed:df:c5:57:b2:db:89:4a: 1a:a3:96:02:e3:a3:29:bd:71:a4:79:99:ab:06:a4:ce:b1:98: 92:a1:f7:a8:12:ac:fc:1d:5d:8d:b1:03:24:0b:51:fa:55:6f: fb:43:58:21:2c:65:7d:fc:78:71:71:f4:48:38:bd:db:20:9a: 06:6d:ce:58:c1:98:f0:b8:82:97:59:b8:ea:2c:e9:64:3c:98: 4b:db:b7:3e:cb:d8:84:bf:64:57:56:92:98:70:65:75:4d:87: b3:ab:a6:e6:18:b5:3e:f6:7a:af:41:28:26:66:39:2a:ba:4c: 8d:85:c5:dd:52:cb:1c:34:f3:f2:10:82:91:1b:0b:d5:23:1c: 10:b6:15:6f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCgwlK6yb0BSxvJTCiVlnrjdeOrAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxOTAwMDAwMFoX DTI0MDgyMzIzNTk1OVowejFJMEcGA1UEBRNAYWRiYjhiOTMzNzVhN2M0YTJiMTZm NDZkYmQ1MTFmZmQxMmQxZGQ4Mzg0Y2I5ZDI4YmQ5NjVkNmJjODQ3NTlmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqT9OMZzchvAM6jjIAuGbC72Xg/f9 u7c4/CNN8I/rYLfg9JHVc0KNydyym3F84Z8a6/bgkAc1gMJoEkcs4sKiwUkUzsAd egxX1K7+TW88Skz5l40z7YOY12cZ1ru3DijhqkdwP02sY3ep+gVXLsCdx+g0U0lF ShfBtqQd9HU2bGwnJwVHC4COwAizur+LjjLgYCS1XikYd0+PAWmsvmV6AU9yFqaP dmp/SidDjhrtSnPS11C4bE6RZ7UcHIdYvEskw+zSdKc2l2NDSbQV/aRppArIo7eU CCX+X1fk+WMTiBvX+aQr4VTnNAOYt3N3S3Hnaq3cdlegUN2GdR+ZfRzliwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJNHMtTvDG7RDafKI0Gg1Rr2SyxLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NmMDFhMTNmLTUzNzQtNGFlMS04NzNlLTM0NDQ3YmY0ZjdhZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8ggwDQYJKoZIhvcNAQELBQADggEBAIijo1YZAUWuNHmsg+2h 4Iim8PlkpE0ktnGUIoSlHuClkOyThObPIuYtM/JmK64txlymVwg/MkkM6miHABZa WAKH1bWma47D0jHqgFgbs+9J6gILL4HW6DgbLald6z50MtDzT8nMjbHh1rB/tUia 4MXibyQLgOnt38VXstuJShqjlgLjoym9caR5masGpM6xmJKh96gSrPwdXY2xAyQL UfpVb/tDWCEsZX38eHFx9Eg4vdsgmgZtzljBmPC4gpdZuOos6WQ8mEvbtz7L2IS/ ZFdWkphwZXVNh7OrpuYYtT72eq9BKCZmOSq6TI2Fxd1Syxw08/IQgpEbC9UjHBC2 FW8= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:17 2024 by rpki-client on console-fra.rpki-client.org