$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d4f84930-308c-4801-a06d-2566101f31dd.roa File: d4f84930-308c-4801-a06d-2566101f31dd.roa (raw, json) Hash identifier: pvMH8HoTrYHz4VmLGIiR+SeUXVh71W6X402bp+WgB3A= Subject key identifier: 8F:14:8A:3B:B6:84:0A:2D:C1:66:D8:F0:BB:9B:49:B2:B3:E1:EB:F6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 21DC671FEC78AED2F7F8C1AFE4915001529E7694 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d4f84930-308c-4801-a06d-2566101f31dd.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Apr 2024 00:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:dc:67:1f:ec:78:ae:d2:f7:f8:c1:af:e4:91:50:01:52:9e:76:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=41c610aaa9d841cccc821dc88590ee07480f1b44e6b2c821f47a630d231ca19d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:88:ae:ac:ae:41:e3:26:70:84:36:93:72:f1: 9b:79:e4:9e:c4:a0:7e:2e:91:0a:27:c3:03:96:f0: 3e:c6:ca:9e:39:33:76:82:f4:c5:ff:d3:6a:62:2f: ad:8a:55:5b:a4:62:74:c4:d1:8c:3e:0a:d5:e0:31: 19:68:38:ed:4b:cb:4d:bb:f8:00:94:86:3b:28:d3: f9:c5:85:94:f2:ff:ba:24:a1:7d:4d:d0:92:ea:57: 1d:8b:dc:be:c4:b3:02:3b:9f:8e:9f:46:b2:5a:44: dd:ca:b8:a4:27:18:b6:67:c3:e5:c6:26:76:77:98: ae:92:1a:23:c3:92:a4:10:c6:06:e0:21:54:70:53: 5e:c3:8b:37:a0:59:48:ee:3f:2b:69:a4:c1:1f:89: 29:81:b9:06:f6:04:d7:7d:57:30:2d:b6:f2:b1:be: e2:ab:c2:be:1e:18:0f:dc:09:52:ca:d0:2f:0a:bc: 2b:69:be:22:c8:53:dc:f2:ed:df:c1:fc:ae:4c:ce: 57:73:bd:02:4b:6c:c7:8a:01:c6:6c:5b:54:3e:c3: f4:72:04:88:ac:6b:6d:e2:11:7a:6e:97:33:bf:62: d0:7c:1c:ef:e0:93:59:d2:3d:3b:8d:bd:b6:f2:46: 7e:38:39:c1:7f:e4:6c:35:d9:61:1d:d8:1f:da:76: 79:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:14:8A:3B:B6:84:0A:2D:C1:66:D8:F0:BB:9B:49:B2:B3:E1:EB:F6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d4f84930-308c-4801-a06d-2566101f31dd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:f000::/40 Signature Algorithm: sha256WithRSAEncryption b9:ed:a4:f0:f5:ff:e3:e0:4f:f7:4e:7f:4a:a2:70:ab:92:08: d2:59:81:00:41:a2:ac:eb:eb:ca:16:5f:ed:c6:0b:77:ef:1f: 49:f2:f9:19:0f:6b:3d:6b:ae:ef:6e:4b:fa:f9:18:73:6c:cd: 21:e3:3e:c8:61:d5:51:3a:e1:99:84:46:2c:ae:4c:65:42:6c: ce:31:17:b3:be:21:8f:f8:76:4d:6f:51:8b:eb:60:3c:80:f1: 97:da:76:d3:2f:10:a5:11:df:a9:11:f2:cf:65:f2:76:bd:02: 37:76:78:14:d5:5b:b8:46:ea:a7:cb:5f:11:e0:27:86:a0:46: e4:56:0a:23:52:4d:78:b7:e9:9b:f8:e2:bd:38:7a:38:73:92: f8:06:40:a7:ee:d3:47:94:1a:ab:34:13:a7:58:38:a2:75:62: cd:9d:46:c7:7c:16:78:dd:05:40:17:73:ec:d6:ec:99:e4:56: 92:16:bd:61:76:9b:08:76:f5:ee:2d:4c:06:e8:59:1f:12:09: 3a:01:bd:58:6a:1b:14:9e:fd:86:13:e9:9c:c3:85:df:d3:76: cc:d1:2a:7c:ee:0a:29:92:23:49:28:a9:4e:60:fd:30:85:32: db:a7:53:de:e4:07:38:78:90:42:b9:6e:59:3e:f0:88:c4:c0: 24:7b:5b:77 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIdxnH+x4rtL3+MGv5JFQAVKedpQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNANDFjNjEwYWFhOWQ4NDFjY2NjODIx ZGM4ODU5MGVlMDc0ODBmMWI0NGU2YjJjODIxZjQ3YTYzMGQyMzFjYTE5ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YiurK5B4yZwhDaTcvGbeeSexKB+ LpEKJ8MDlvA+xsqeOTN2gvTF/9NqYi+tilVbpGJ0xNGMPgrV4DEZaDjtS8tNu/gA lIY7KNP5xYWU8v+6JKF9TdCS6lcdi9y+xLMCO5+On0ayWkTdyrikJxi2Z8PlxiZ2 d5iukhojw5KkEMYG4CFUcFNew4s3oFlI7j8raaTBH4kpgbkG9gTXfVcwLbbysb7i q8K+HhgP3AlSytAvCrwrab4iyFPc8u3fwfyuTM5Xc70CS2zHigHGbFtUPsP0cgSI rGtt4hF6bpczv2LQfBzv4JNZ0j07jb228kZ+ODnBf+RsNdlhHdgf2nZ5DwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFI8Uiju2hAotwWbY8LubSbKz4ev2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q0Zjg0OTMwLTMwOGMtNDgwMS1hMDZkLTI1NjYxMDFmMzFkZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+/AwDQYJKoZIhvcNAQELBQADggEBALntpPD1/+PgT/dOf0qi cKuSCNJZgQBBoqzr68oWX+3GC3fvH0ny+RkPaz1rru9uS/r5GHNszSHjPshh1VE6 4ZmERiyuTGVCbM4xF7O+IY/4dk1vUYvrYDyA8ZfadtMvEKUR36kR8s9l8na9Ajd2 eBTVW7hG6qfLXxHgJ4agRuRWCiNSTXi36Zv44r04ejhzkvgGQKfu00eUGqs0E6dY OKJ1Ys2dRsd8FnjdBUAXc+zW7JnkVpIWvWF2mwh29e4tTAboWR8SCToBvVhqGxSe /YYT6ZzDhd/TdszRKnzuCimSI0koqU5g/TCFMtunU97kBzh4kEK5blk+8IjEwCR7 W3c= -----END CERTIFICATE-----Generated at Wed Apr 24 05:35:18 2024 by rpki-client on console-ams.rpki-client.org