$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d44b4291-2d06-4a93-85eb-5eb3d0e7a432.roa File: d44b4291-2d06-4a93-85eb-5eb3d0e7a432.roa (raw, json) Hash identifier: w8JlsBz+Cr+LzlCzl1G0HmE32irk5LF5jgTsLK+xrtg= Subject key identifier: 3D:D9:36:0D:65:69:5A:EB:46:DB:9C:41:56:45:98:80:94:94:81:34 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 28644F65FBAF85182BA5074739D2798FBF0D1E12 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d44b4291-2d06-4a93-85eb-5eb3d0e7a432.roa Signing time: Sat 27 Jul 2024 00:00:00 +0000 ROA not before: Sat 27 Jul 2024 00:00:00 +0000 ROA not after: Sat 31 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 31 Jul 2024 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:64:4f:65:fb:af:85:18:2b:a5:07:47:39:d2:79:8f:bf:0d:1e:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 27 00:00:00 2024 GMT Not After : Aug 31 23:59:59 2024 GMT Subject: serialNumber=56949b404987826fa3a1ef7f9b45db2fda9c2fdeb11a2c3555db5bada1690f35, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:11:97:d3:64:f1:a8:15:67:3d:bf:c0:24:ad: 07:fe:8b:e3:a7:08:55:c2:e8:06:99:ff:80:d0:8b: ab:46:07:d0:9d:73:59:79:2e:03:25:82:e6:b0:ef: 15:a9:2d:d5:84:e1:bc:0b:14:0c:e4:ee:93:db:6f: a9:49:62:79:dd:cd:c6:71:42:35:2d:2d:55:4f:86: 85:7f:73:c3:dc:cf:8d:b6:dd:dd:a7:79:3c:b2:f5: f7:68:b3:db:ee:b0:df:3a:60:86:6b:8b:f6:27:6d: fb:e6:d7:36:13:8a:21:33:41:b5:54:ab:17:89:01: c7:74:c5:c1:fa:c5:3b:ff:a7:02:bd:a9:23:23:7d: f4:a5:65:14:0a:34:d5:ed:fd:53:2c:3f:e6:01:a5: 38:b0:97:db:78:e0:d3:ba:e8:ea:35:48:87:3a:52: 8f:80:c7:d1:16:c5:67:4f:60:ee:55:6d:62:00:96: f9:91:20:5d:b8:8e:6c:19:1e:cf:a2:aa:7b:f4:6c: a4:64:2b:b5:2a:88:c9:58:bd:c5:ac:62:25:9c:82: f5:4f:5f:cb:45:90:40:1c:0a:ac:4e:02:d7:f4:e9: f7:f3:91:7a:ec:83:0e:13:4b:16:8f:2c:4a:18:46: 78:c7:ad:62:1d:bd:2e:ff:98:d6:7f:77:64:d6:fd: 8b:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:D9:36:0D:65:69:5A:EB:46:DB:9C:41:56:45:98:80:94:94:81:34 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d44b4291-2d06-4a93-85eb-5eb3d0e7a432.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:8800::/40 Signature Algorithm: sha256WithRSAEncryption 38:61:ce:1d:13:23:ab:34:58:a9:a4:63:28:91:dd:69:d2:6c: ba:c7:82:fd:c2:5b:8d:b3:0e:c7:b0:2a:d5:dd:04:4d:be:ed: 62:8a:88:b7:47:80:4e:4d:40:68:b5:6b:05:85:e4:d7:ec:5a: 65:09:62:cf:f6:ae:13:34:57:c8:47:d1:66:49:2b:3d:80:f9: 07:5e:67:ae:fd:e5:3b:4e:a4:b5:e6:74:6f:9e:ba:18:4a:2f: 34:bc:7d:36:83:35:46:57:5e:83:8b:57:49:39:24:fb:46:82: 39:b9:24:1e:73:fb:c4:20:3b:8a:25:8d:ac:0e:22:ba:85:74: bd:ce:bb:95:f1:ba:51:78:3c:2e:d3:15:fa:3d:d3:6e:d3:94: f6:91:b1:cf:4c:1b:48:83:c4:55:65:d0:f0:a7:57:8e:ce:09: e7:8f:91:8c:42:f6:2e:98:c8:2f:1d:8a:3a:1c:ea:30:03:8f: ac:12:0c:05:64:8a:f6:be:3b:aa:2d:97:30:1c:fb:22:43:d8: 2f:44:3e:5d:c4:5d:7d:5d:f3:37:dc:64:c7:65:85:00:20:73: d7:27:6a:6f:6e:fd:4a:c0:2c:98:56:c1:99:ef:93:e3:7c:16: 0a:f2:5c:11:fe:c9:df:42:25:53:ef:38:72:3a:3c:9c:c2:38: 9c:01:9f:c2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKGRPZfuvhRgrpQdHOdJ5j78NHhIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcyNzAwMDAwMFoX DTI0MDgzMTIzNTk1OVowejFJMEcGA1UEBRNANTY5NDliNDA0OTg3ODI2ZmEzYTFl ZjdmOWI0NWRiMmZkYTljMmZkZWIxMWEyYzM1NTVkYjViYWRhMTY5MGYzNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBGX02TxqBVnPb/AJK0H/ovjpwhV wugGmf+A0IurRgfQnXNZeS4DJYLmsO8VqS3VhOG8CxQM5O6T22+pSWJ53c3GcUI1 LS1VT4aFf3PD3M+Ntt3dp3k8svX3aLPb7rDfOmCGa4v2J2375tc2E4ohM0G1VKsX iQHHdMXB+sU7/6cCvakjI330pWUUCjTV7f1TLD/mAaU4sJfbeODTuujqNUiHOlKP gMfRFsVnT2DuVW1iAJb5kSBduI5sGR7Poqp79GykZCu1KojJWL3FrGIlnIL1T1/L RZBAHAqsTgLX9On385F67IMOE0sWjyxKGEZ4x61iHb0u/5jWf3dk1v2LSwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD3ZNg1laVrrRtucQVZFmICUlIE0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q0NGI0MjkxLTJkMDYtNGE5My04NWViLTVlYjNkMGU3YTQzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaIgwDQYJKoZIhvcNAQELBQADggEBADhhzh0TI6s0WKmkYyiR 3WnSbLrHgv3CW42zDsewKtXdBE2+7WKKiLdHgE5NQGi1awWF5NfsWmUJYs/2rhM0 V8hH0WZJKz2A+QdeZ6795TtOpLXmdG+euhhKLzS8fTaDNUZXXoOLV0k5JPtGgjm5 JB5z+8QgO4oljawOIrqFdL3Ou5XxulF4PC7TFfo9027TlPaRsc9MG0iDxFVl0PCn V47OCeePkYxC9i6YyC8dijoc6jADj6wSDAVkiva+O6otlzAc+yJD2C9EPl3EXX1d 8zfcZMdlhQAgc9cnam9u/UrALJhWwZnvk+N8FgryXBH+yd9CJVPvOHI6PJzCOJwB n8I= -----END CERTIFICATE-----Generated at Sat Jul 27 01:58:06 2024 by rpki-client on console-fra.rpki-client.org