$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1071032-5bb5-48fb-ad34-13668ce372b7.roa File: d1071032-5bb5-48fb-ad34-13668ce372b7.roa (raw, json) Hash identifier: 7FtE0AyzGsqsdO13QphTqnLcJclyATRbHSaT+hEK1RI= Subject key identifier: DF:48:59:E1:EE:61:6C:AA:8F:B3:AA:38:94:A3:EC:87:D8:84:04:3D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 481E58765032168AB967F944FB1A060AE7B0697D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1071032-5bb5-48fb-ad34-13668ce372b7.roa Signing time: Fri 26 Apr 2024 00:00:00 +0000 ROA not before: Fri 26 Apr 2024 00:00:00 +0000 ROA not after: Fri 31 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da2d::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Apr 2024 00:02:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:1e:58:76:50:32:16:8a:b9:67:f9:44:fb:1a:06:0a:e7:b0:69:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 26 00:00:00 2024 GMT Not After : May 31 23:59:59 2024 GMT Subject: serialNumber=cbc52c17c082bd72e38145119ce037d4fcf6af82d92b42095fb4b866bc08c151, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:87:5e:46:3f:a8:d0:c2:54:ef:c8:2f:1b:14: 3c:e2:42:97:1e:38:b7:7a:6b:1e:61:56:c3:0b:a7: 23:c9:f1:89:f5:49:be:93:46:a7:53:99:44:c8:f6: 8b:cf:01:93:1c:5c:b3:a0:91:35:a2:61:a6:43:87: 2f:42:14:ea:6d:d3:52:8d:9e:6d:42:92:24:a3:b6: 9c:7d:05:2c:f8:13:b9:aa:0a:ae:61:a7:c2:eb:0e: 8e:c8:8b:24:21:bd:2f:3c:2e:81:84:5b:b1:fa:e6: ad:8f:7d:6e:a4:d7:82:b9:ba:f3:9c:14:71:42:dd: 86:a1:21:12:34:9e:89:b9:90:18:b4:8d:e7:50:3c: 8d:59:a5:55:72:7c:ad:3d:90:f8:39:22:01:59:f9: 3d:87:5d:ef:12:51:e7:3a:43:6b:fd:cd:f5:e2:fd: 31:82:70:01:13:0b:b5:25:b3:fe:6d:6c:1e:1c:6b: b0:4f:cf:e9:87:6f:fa:c8:22:43:1b:00:25:b4:ab: 42:e9:fc:fe:2d:92:a9:be:0c:cd:aa:aa:5e:6c:54: be:74:6b:9e:ec:d3:61:5b:24:c4:93:64:4f:77:b9: c9:b7:0d:aa:80:b2:2b:5e:c9:88:6c:bc:81:1d:0c: 6e:f6:70:02:fc:ba:86:73:09:20:00:4d:2b:c5:c7: f7:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:48:59:E1:EE:61:6C:AA:8F:B3:AA:38:94:A3:EC:87:D8:84:04:3D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1071032-5bb5-48fb-ad34-13668ce372b7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da2d::/36 Signature Algorithm: sha256WithRSAEncryption 4d:57:37:1e:51:14:ed:19:21:05:6b:0f:4d:71:91:87:f2:c9: 6a:55:b3:44:3d:11:d4:04:ee:26:e8:e9:87:21:0d:10:2d:4b: d1:b9:67:f4:bb:db:2a:15:f7:1f:5b:00:f8:58:21:f1:b9:36: ab:99:2f:90:b8:56:31:96:f8:21:28:d6:b0:19:06:b0:2d:c5: c7:11:2f:80:cd:16:56:74:11:4e:bc:51:62:d8:8e:56:b5:f4: a0:70:a4:c4:28:07:66:b5:97:ea:57:f1:cf:81:a1:00:40:5a: f3:d6:33:ab:55:3a:91:95:3f:52:ca:27:c1:34:0f:29:ab:e9: fe:50:58:70:fc:23:c5:63:a9:b0:17:2f:1c:29:72:4f:dc:c6: bd:29:ab:4f:58:62:53:8f:a6:9a:7a:92:75:b9:6c:23:6d:a3: ca:90:cc:ec:18:b5:9b:08:7d:8b:44:b5:83:11:ff:0a:fc:10: 2c:85:63:3d:5a:90:2a:f0:01:e8:e3:9e:72:45:4f:61:7c:05: a0:51:dc:c8:f1:0e:72:3e:d5:bb:24:ae:81:fc:df:a7:20:c5: 59:b6:40:d5:84:c4:ed:d6:16:44:2f:62:b8:22:01:81:74:e4: 33:a5:35:93:05:e9:b2:9c:4a:3c:1e:dc:85:88:4d:91:1a:10: e4:7f:26:c6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSB5YdlAyFoq5Z/lE+xoGCuewaX0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyNjAwMDAwMFoX DTI0MDUzMTIzNTk1OVowejFJMEcGA1UEBRNAY2JjNTJjMTdjMDgyYmQ3MmUzODE0 NTExOWNlMDM3ZDRmY2Y2YWY4MmQ5MmI0MjA5NWZiNGI4NjZiYzA4YzE1MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4deRj+o0MJU78gvGxQ84kKXHji3 emseYVbDC6cjyfGJ9Um+k0anU5lEyPaLzwGTHFyzoJE1omGmQ4cvQhTqbdNSjZ5t QpIko7acfQUs+BO5qgquYafC6w6OyIskIb0vPC6BhFux+uatj31upNeCubrznBRx Qt2GoSESNJ6JuZAYtI3nUDyNWaVVcnytPZD4OSIBWfk9h13vElHnOkNr/c314v0x gnABEwu1JbP+bWweHGuwT8/ph2/6yCJDGwAltKtC6fz+LZKpvgzNqqpebFS+dGue 7NNhWyTEk2RPd7nJtw2qgLIrXsmIbLyBHQxu9nAC/LqGcwkgAE0rxcf36wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFN9IWeHuYWyqj7OqOJSj7IfYhAQ9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QxMDcxMDMyLTViYjUtNDhmYi1hZDM0LTEzNjY4Y2UzNzJiNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaLQAwDQYJKoZIhvcNAQELBQADggEBAE1XNx5RFO0ZIQVrD01x kYfyyWpVs0Q9EdQE7ibo6YchDRAtS9G5Z/S72yoV9x9bAPhYIfG5NquZL5C4VjGW +CEo1rAZBrAtxccRL4DNFlZ0EU68UWLYjla19KBwpMQoB2a1l+pX8c+BoQBAWvPW M6tVOpGVP1LKJ8E0Dymr6f5QWHD8I8VjqbAXLxwpck/cxr0pq09YYlOPppp6knW5 bCNto8qQzOwYtZsIfYtEtYMR/wr8ECyFYz1akCrwAejjnnJFT2F8BaBR3MjxDnI+ 1bskroH836cgxVm2QNWExO3WFkQvYrgiAYF05DOlNZMF6bKcSjwe3IWITZEaEOR/ JsY= -----END CERTIFICATE-----Generated at Fri Apr 26 03:49:23 2024 by rpki-client on console-ams.rpki-client.org