$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d49c26fe-36cf-42b4-92ba-b2f1573d7a6e.roa File: d49c26fe-36cf-42b4-92ba-b2f1573d7a6e.roa (raw, json) Hash identifier: xWEDZAmJr3me1EWNn9vIXaIuYEux9+YpxUeIBk294Dc= Subject key identifier: 4A:73:2A:DB:F1:D8:58:D3:36:A5:7D:40:DB:F9:87:96:27:D0:21:DE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 78C56AF6757B37F0F18E43A3BC1CDC093A4CADF7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d49c26fe-36cf-42b4-92ba-b2f1573d7a6e.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf9:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Apr 2024 00:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:c5:6a:f6:75:7b:37:f0:f1:8e:43:a3:bc:1c:dc:09:3a:4c:ad:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=16aa59b2729451c635da57cc8d6bf1fb3623d706ebe05815c1bb1ce8e917d9b8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:1e:fd:a2:f8:f1:91:1d:1a:46:b0:88:c0:be: 16:1f:e0:8e:78:96:2b:d2:66:b5:76:f6:c3:ab:55: 72:a3:56:52:12:8f:65:1d:68:83:8d:0e:7d:6c:f6: 61:35:10:22:49:d9:5c:17:98:c2:34:a4:ea:01:74: fe:dd:3f:89:7c:c7:72:47:a0:0d:c4:d5:dd:61:95: 98:fc:91:01:ed:84:fc:51:a0:fa:b0:1b:57:38:5a: 4e:ea:3c:75:3b:10:54:22:a5:c4:cd:cc:91:ce:cd: 9e:d0:b4:f8:51:51:6a:58:a8:31:6f:fd:91:8a:07: b6:e9:c0:ec:48:a8:a3:8b:6b:04:fc:73:8c:c5:1c: fb:ec:9d:8a:60:ce:6a:20:ea:1f:3c:61:03:8d:e6: 5b:08:98:26:69:58:e0:64:88:6c:b6:b4:1d:1a:46: 0b:a6:ea:70:86:aa:26:a3:9a:87:82:f0:8e:c2:b4: 7a:f6:ec:8b:ec:e7:fd:0e:e4:38:75:88:fa:f9:a9: d9:05:c5:50:e0:63:95:ab:08:1e:55:3f:f6:8a:8c: be:d0:ed:e3:7b:29:8d:17:cd:32:67:83:38:f7:1a: d9:48:8d:16:ed:2d:3e:b4:fb:48:1d:9a:10:ee:0a: fc:81:dd:93:e9:40:5f:b1:86:4c:c7:bb:2f:b7:e9: 10:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:73:2A:DB:F1:D8:58:D3:36:A5:7D:40:DB:F9:87:96:27:D0:21:DE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d49c26fe-36cf-42b4-92ba-b2f1573d7a6e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf9:c000::/40 Signature Algorithm: sha256WithRSAEncryption 32:22:bb:51:44:2b:2b:75:b8:b8:91:c8:37:33:fb:65:19:22: b4:6d:1e:b8:ba:f8:4e:46:d2:88:68:ea:fe:2f:bc:26:e0:37: 5c:ee:e6:a0:0d:00:48:9a:08:9e:18:7d:1f:97:e3:36:3b:33: 20:b5:a1:e9:41:d4:a0:73:d5:03:d6:40:83:46:3e:c0:7d:05: a8:f9:db:8b:0a:32:fb:4d:c2:5a:62:94:5b:d8:b0:ed:c0:2e: 6a:11:70:57:3e:b0:e6:31:44:8d:30:37:95:39:a0:98:42:c7: a9:6c:95:6c:66:ef:74:1b:25:82:08:ab:90:c0:e6:34:4a:10: a5:e8:ce:27:f4:03:d4:e7:c9:4d:88:85:97:33:58:6e:d3:23: 2e:b2:d1:9e:17:fd:be:12:39:eb:5e:af:58:38:47:ed:fc:d7: 9c:6e:1c:92:f8:d4:2d:4e:7c:fc:84:d2:43:27:05:d2:33:80: e9:84:78:b2:2f:40:c7:c9:96:c3:a3:46:b6:6f:0c:ea:8d:f2: 4c:de:65:c6:c7:3c:70:4d:f9:5e:b6:e0:80:97:eb:74:d3:13: e0:75:1f:a8:29:17:6c:5e:75:52:31:e5:3c:c0:4b:25:d5:b7: b0:82:90:08:51:40:10:ca:28:c1:88:38:5b:2c:78:71:68:bc: 18:65:09:fd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeMVq9nV7N/DxjkOjvBzcCTpMrfcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAMTZhYTU5YjI3Mjk0NTFjNjM1ZGE1 N2NjOGQ2YmYxZmIzNjIzZDcwNmViZTA1ODE1YzFiYjFjZThlOTE3ZDliODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx79ovjxkR0aRrCIwL4WH+COeJYr 0ma1dvbDq1Vyo1ZSEo9lHWiDjQ59bPZhNRAiSdlcF5jCNKTqAXT+3T+JfMdyR6AN xNXdYZWY/JEB7YT8UaD6sBtXOFpO6jx1OxBUIqXEzcyRzs2e0LT4UVFqWKgxb/2R ige26cDsSKiji2sE/HOMxRz77J2KYM5qIOofPGEDjeZbCJgmaVjgZIhstrQdGkYL pupwhqomo5qHgvCOwrR69uyL7Of9DuQ4dYj6+anZBcVQ4GOVqwgeVT/2ioy+0O3j eymNF80yZ4M49xrZSI0W7S0+tPtIHZoQ7gr8gd2T6UBfsYZMx7svt+kQ3QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEpzKtvx2FjTNqV9QNv5h5Yn0CHeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q0OWMyNmZlLTM2Y2YtNDJiNC05MmJhLWIyZjE1NzNkN2E2ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+cAwDQYJKoZIhvcNAQELBQADggEBADIiu1FEKyt1uLiRyDcz +2UZIrRtHri6+E5G0oho6v4vvCbgN1zu5qANAEiaCJ4YfR+X4zY7MyC1oelB1KBz 1QPWQINGPsB9Baj524sKMvtNwlpilFvYsO3ALmoRcFc+sOYxRI0wN5U5oJhCx6ls lWxm73QbJYIIq5DA5jRKEKXozif0A9TnyU2IhZczWG7TIy6y0Z4X/b4SOeter1g4 R+3815xuHJL41C1OfPyE0kMnBdIzgOmEeLIvQMfJlsOjRrZvDOqN8kzeZcbHPHBN +V624ICX63TTE+B1H6gpF2xedVIx5TzASyXVt7CCkAhRQBDKKMGIOFsseHFovBhl Cf0= -----END CERTIFICATE-----Generated at Wed Apr 24 05:35:18 2024 by rpki-client on console-ams.rpki-client.org