$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1071032-5bb5-48fb-ad34-13668ce372b7.roa File: d1071032-5bb5-48fb-ad34-13668ce372b7.roa (raw, json) Hash identifier: KEFQ5lifmY5nwYBDu5zKqIHd3zPJHDjhw1dOy7Z0UbE= Subject key identifier: 0D:24:F3:1B:B9:1E:91:E7:B3:AD:F5:EE:7B:21:7B:28:D1:E5:18:29 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 67FD71CFD5FAB1412DCFFEC0E38CD82B0D648DAC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1071032-5bb5-48fb-ad34-13668ce372b7.roa Signing time: Tue 12 Sep 2023 00:00:00 +0000 ROA not before: Tue 12 Sep 2023 00:00:00 +0000 ROA not after: Tue 17 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da2d::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Sep 2023 12:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:fd:71:cf:d5:fa:b1:41:2d:cf:fe:c0:e3:8c:d8:2b:0d:64:8d:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 12 00:00:00 2023 GMT Not After : Oct 17 23:59:59 2023 GMT Subject: serialNumber=3043c0f4316f5833827fda6c39cbbb68c26ed5706457dd9e640f283e81945c9c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:21:59:94:50:4d:95:d9:cf:ee:54:84:da:a0: e4:67:6e:b1:d3:27:b3:2f:3a:fa:ca:80:d7:a7:d6: af:46:79:59:63:69:b0:ca:db:e4:78:7c:09:4b:b9: df:38:65:a0:0a:96:94:b9:e9:92:9f:c9:f7:31:fa: 08:50:41:d0:5c:df:e8:22:b4:9e:09:93:f8:ae:4e: e1:94:f7:8f:d0:5c:50:ee:1a:14:ae:b3:1a:4d:ca: d4:93:6a:da:b4:9b:67:d8:1e:88:d2:a9:37:9e:87: e0:51:6a:e6:22:d2:bf:52:b6:4c:86:77:61:87:22: 03:38:96:af:2f:bb:69:f1:91:a6:cd:07:00:ed:a0: 5a:37:c0:5e:d3:a8:70:85:43:b2:05:b2:d0:06:e9: 66:4b:4e:78:ab:a7:aa:84:bb:d9:76:67:54:ff:ad: a0:79:9e:f7:00:f9:84:e6:33:46:2b:ee:a1:a0:48: 58:25:04:ca:75:d9:09:36:9d:3b:86:72:6f:c6:6f: f7:39:36:52:39:60:46:6d:7a:52:8d:dd:64:aa:6c: e8:2d:1c:ea:75:c6:b1:25:76:09:29:70:b8:8e:d0: 10:72:38:71:be:63:a1:81:40:ce:c1:a2:21:bc:d4: e0:8f:13:2d:ac:54:d8:91:17:08:ab:a6:ac:2b:de: a9:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:24:F3:1B:B9:1E:91:E7:B3:AD:F5:EE:7B:21:7B:28:D1:E5:18:29 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1071032-5bb5-48fb-ad34-13668ce372b7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da2d::/36 Signature Algorithm: sha256WithRSAEncryption 24:0a:45:a6:a5:6a:7b:3a:f4:89:8a:04:32:dd:d9:c5:7e:a7: 9c:13:e9:71:21:31:ec:b1:7d:17:62:46:c5:e3:b9:7e:cb:dd: 3c:a1:2b:ad:d0:a2:0a:68:82:16:fa:e4:8a:aa:56:07:30:40: b2:bc:e1:89:dd:4c:c7:35:8c:85:da:69:a8:57:8b:bd:98:2a: b7:65:6d:bc:c9:54:c8:8c:d5:68:94:b1:c8:7d:74:06:b2:2b: 29:12:d2:99:e3:eb:f0:74:d8:24:bf:ce:74:04:1e:3d:51:5b: 7a:ac:69:73:e9:aa:e6:da:8d:ad:7c:5f:a2:4b:fa:68:d1:98: 2f:0a:38:c7:05:11:b1:8d:4a:8b:62:3d:bf:ca:04:32:98:ba: 2e:51:8c:60:d0:0d:35:e3:1e:23:63:d5:9d:90:0f:1a:e2:b3: a9:e7:96:bc:52:05:09:1f:ad:57:f8:d2:fd:6b:0a:75:86:f6: 55:96:50:36:4e:e5:6b:6a:45:17:4e:1d:70:de:71:7d:58:dd: 70:af:e2:2d:ea:06:c3:52:99:81:a6:3c:0f:aa:f9:75:11:dc: c2:13:d2:6b:0d:e3:b3:6a:d6:28:c0:07:5a:70:c4:d6:b6:e2: 18:70:be:ed:a5:81:45:89:ed:1e:f0:7a:ef:4a:7b:b7:36:8a: b6:2b:1e:dc -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZ/1xz9X6sUEtz/7A44zYKw1kjawwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxMjAwMDAwMFoX DTIzMTAxNzIzNTk1OVowejFJMEcGA1UEBRNAMzA0M2MwZjQzMTZmNTgzMzgyN2Zk YTZjMzljYmJiNjhjMjZlZDU3MDY0NTdkZDllNjQwZjI4M2U4MTk0NWM5YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryFZlFBNldnP7lSE2qDkZ26x0yez Lzr6yoDXp9avRnlZY2mwytvkeHwJS7nfOGWgCpaUuemSn8n3MfoIUEHQXN/oIrSe CZP4rk7hlPeP0FxQ7hoUrrMaTcrUk2ratJtn2B6I0qk3nofgUWrmItK/UrZMhndh hyIDOJavL7tp8ZGmzQcA7aBaN8Be06hwhUOyBbLQBulmS054q6eqhLvZdmdU/62g eZ73APmE5jNGK+6hoEhYJQTKddkJNp07hnJvxm/3OTZSOWBGbXpSjd1kqmzoLRzq dcaxJXYJKXC4jtAQcjhxvmOhgUDOwaIhvNTgjxMtrFTYkRcIq6asK96prwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFA0k8xu5HpHns6317nsheyjR5RgpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QxMDcxMDMyLTViYjUtNDhmYi1hZDM0LTEzNjY4Y2UzNzJiNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaLQAwDQYJKoZIhvcNAQELBQADggEBACQKRaalans69ImKBDLd 2cV+p5wT6XEhMeyxfRdiRsXjuX7L3TyhK63Qogpoghb65IqqVgcwQLK84YndTMc1 jIXaaahXi72YKrdlbbzJVMiM1WiUsch9dAayKykS0pnj6/B02CS/znQEHj1RW3qs aXPpqubaja18X6JL+mjRmC8KOMcFEbGNSotiPb/KBDKYui5RjGDQDTXjHiNj1Z2Q Dxris6nnlrxSBQkfrVf40v1rCnWG9lWWUDZO5WtqRRdOHXDecX1Y3XCv4i3qBsNS mYGmPA+q+XUR3MIT0msN47Nq1ijAB1pwxNa24hhwvu2lgUWJ7R7weu9Ke7c2irYr Htw= -----END CERTIFICATE-----Generated at Tue Sep 12 00:26:43 2023 by rpki-client on console-fra.rpki-client.org