$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cfb3ce63-3d0a-4724-acc7-374b5da711f1.roa File: cfb3ce63-3d0a-4724-acc7-374b5da711f1.roa (raw, json) Hash identifier: RmXl5psu9uqqlxOc/5d8yjhYlRwpNn6AUaewQgObL6M= Subject key identifier: A5:4D:1C:E8:E8:FA:FD:E4:00:CA:F8:4D:1D:67:C4:88:92:6B:75:E2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 340D80939792A3D89C1D734CE36169A7371EDED4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cfb3ce63-3d0a-4724-acc7-374b5da711f1.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:0d:80:93:97:92:a3:d8:9c:1d:73:4c:e3:61:69:a7:37:1e:de:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=63d627753e6a50763aadcd4f2194ce874cc174588f0891c430358ae552477a73, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:f2:78:6b:5d:63:3e:aa:ec:f8:42:a4:41:7a: 80:51:f9:e9:cf:7a:0e:3e:a2:63:b4:1c:14:05:21: b6:4f:51:30:80:c5:50:20:7d:44:ae:45:87:aa:2d: 39:02:f0:17:ba:3e:b5:1d:3c:f7:14:3f:06:9a:29: 20:a2:21:cd:fd:39:28:48:f9:00:2b:c7:5f:e9:81: c7:6f:32:12:6a:e4:bd:da:70:be:9b:81:1e:21:10: 85:97:6b:5d:c5:c1:b1:91:29:b7:76:97:59:97:29: bb:2c:86:6a:2c:af:a4:ec:4d:5c:c9:95:46:a8:af: ef:f8:f9:92:de:b3:c3:6b:c3:11:c8:c3:45:04:99: f6:81:6f:38:21:78:2d:e2:86:23:ee:cd:60:38:5c: 78:5e:25:c9:b8:71:d3:7f:c2:0a:34:57:cf:a6:50: b8:0f:5d:20:aa:08:f0:34:04:4a:4c:17:0f:27:a2: 03:68:2f:4a:b8:98:01:83:35:d1:d7:1b:95:0e:83: 82:35:c2:39:27:a9:e0:ed:f3:e7:90:81:c4:1c:42: 6e:ff:06:bc:0f:86:6d:9a:94:16:22:01:ec:23:57: f3:58:45:53:36:0c:19:c0:b9:92:a6:9e:c7:81:13: ff:a7:6f:ba:70:72:56:58:75:34:63:0f:78:0a:8a: 16:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:4D:1C:E8:E8:FA:FD:E4:00:CA:F8:4D:1D:67:C4:88:92:6B:75:E2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cfb3ce63-3d0a-4724-acc7-374b5da711f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:b000::/40 Signature Algorithm: sha256WithRSAEncryption af:3c:05:d7:01:76:0c:83:74:cc:77:3b:1d:ef:50:e5:3d:19: 97:b7:32:d4:c3:e7:60:93:8d:35:51:63:85:f0:30:f7:41:b5: 4b:e0:a1:38:81:12:2c:8d:3a:e8:7b:7a:5c:28:90:6e:d0:f3: e9:3d:de:cb:b5:a5:04:76:d7:a1:a6:7b:c4:ea:a5:89:09:85: 4c:99:f5:b0:7a:74:9a:18:aa:92:88:cb:ad:64:d4:35:eb:a1: 28:db:c9:02:56:a4:2c:63:ad:f0:71:27:12:5e:cf:1a:7f:e5: 8b:2c:ae:7a:c7:aa:bf:de:01:de:cb:d1:fe:95:30:a1:d0:7e: 83:f9:60:66:ae:1d:30:7d:61:a0:17:cb:67:81:b5:30:73:eb: 08:4a:97:30:b0:7e:0d:4e:7e:50:00:a1:61:d9:eb:9b:d7:6b: 3d:6f:92:56:0a:b3:92:6b:1b:45:82:44:89:f2:ff:68:61:62: a3:92:40:44:d7:ea:96:a2:4b:2d:2d:57:21:cd:37:76:40:bb: cd:87:a4:22:52:a3:ea:45:88:62:9b:6c:0d:a9:2c:e6:bd:56: c4:28:d0:97:22:08:06:e7:fe:15:f5:13:93:3d:ab:aa:e2:09: fd:ab:3c:05:e8:14:b0:73:4c:c4:40:c3:ac:bb:03:b8:ae:81: 5f:9a:44:66 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNA2Ak5eSo9icHXNM42Fppzce3tQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNANjNkNjI3NzUzZTZhNTA3NjNhYWRj ZDRmMjE5NGNlODc0Y2MxNzQ1ODhmMDg5MWM0MzAzNThhZTU1MjQ3N2E3MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPJ4a11jPqrs+EKkQXqAUfnpz3oO PqJjtBwUBSG2T1EwgMVQIH1ErkWHqi05AvAXuj61HTz3FD8GmikgoiHN/TkoSPkA K8df6YHHbzISauS92nC+m4EeIRCFl2tdxcGxkSm3dpdZlym7LIZqLK+k7E1cyZVG qK/v+PmS3rPDa8MRyMNFBJn2gW84IXgt4oYj7s1gOFx4XiXJuHHTf8IKNFfPplC4 D10gqgjwNARKTBcPJ6IDaC9KuJgBgzXR1xuVDoOCNcI5J6ng7fPnkIHEHEJu/wa8 D4ZtmpQWIgHsI1fzWEVTNgwZwLmSpp7HgRP/p2+6cHJWWHU0Yw94CooWEwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKVNHOjo+v3kAMr4TR1nxIiSa3XiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NmYjNjZTYzLTNkMGEtNDcyNC1hY2M3LTM3NGI1ZGE3MTFmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOLAwDQYJKoZIhvcNAQELBQADggEBAK88BdcBdgyDdMx3Ox3v UOU9GZe3MtTD52CTjTVRY4XwMPdBtUvgoTiBEiyNOuh7elwokG7Q8+k93su1pQR2 16Gme8TqpYkJhUyZ9bB6dJoYqpKIy61k1DXroSjbyQJWpCxjrfBxJxJezxp/5Yss rnrHqr/eAd7L0f6VMKHQfoP5YGauHTB9YaAXy2eBtTBz6whKlzCwfg1OflAAoWHZ 65vXaz1vklYKs5JrG0WCRIny/2hhYqOSQETX6paiSy0tVyHNN3ZAu82HpCJSo+pF iGKbbA2pLOa9VsQo0JciCAbn/hX1E5M9q6riCf2rPAXoFLBzTMRAw6y7A7iugV+a RGY= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:41 2024 by rpki-client on console-ams.rpki-client.org