$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d70054d0-4c79-4b58-875d-4ba2fb635687.roa File: d70054d0-4c79-4b58-875d-4ba2fb635687.roa (raw, json) Hash identifier: Pr3il8FRSerrdiPKTQFNtDLHCHW5Aq7xBgm2SNdedjA= Subject key identifier: 36:19:15:FA:B0:E9:22:F3:96:4F:F3:25:6C:0F:A8:0D:75:39:5D:E3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 66D021BF6A324323B80988AAF0B06A76DDA047F8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d70054d0-4c79-4b58-875d-4ba2fb635687.roa Signing time: Tue 09 Apr 2024 00:00:00 +0000 ROA not before: Tue 09 Apr 2024 00:00:00 +0000 ROA not after: Tue 14 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da14::/35 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 May 2024 15:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:d0:21:bf:6a:32:43:23:b8:09:88:aa:f0:b0:6a:76:dd:a0:47:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 9 00:00:00 2024 GMT Not After : May 14 23:59:59 2024 GMT Subject: serialNumber=1ec479b7f8637085e972522b96e2967bda6f3cc98031f2bda1ed1885af2f81d8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:02:37:77:c0:21:d4:a5:87:4e:61:f1:02:2c: 5c:66:43:ab:56:40:2b:25:f3:af:4a:0b:80:a6:08: c6:d1:ee:66:b1:37:d5:f8:31:b4:f1:b0:b9:a0:2e: 7b:9d:2c:c6:35:f0:a9:86:47:a9:09:07:27:b4:3a: e3:23:47:a6:68:bc:02:46:ba:a7:67:7c:f3:58:cc: e2:3a:09:0c:38:97:e6:da:62:ae:d0:94:35:a8:80: 52:f9:52:0c:18:4a:ae:b9:aa:99:b8:c4:61:1d:a1: ae:f0:35:59:2e:70:a9:20:87:f5:4f:26:78:33:fa: 63:22:7d:fe:70:ed:a8:d3:6f:1d:5c:9f:de:e1:27: c5:40:4f:56:f2:4c:af:3e:55:fa:92:9c:d2:bc:62: 6c:f2:87:f2:4a:59:b8:79:7f:85:c8:1f:6e:e3:8c: 3a:f3:53:0c:bf:28:17:ac:a1:58:b3:bd:25:0b:8e: 27:4f:96:cf:6b:02:44:c3:e1:22:db:9b:ff:f7:eb: fa:b2:b8:37:7b:c6:cb:cb:6e:49:74:29:66:dd:9a: b1:67:b0:b1:bf:1c:77:70:31:42:0b:44:f3:e4:d8: e6:a0:39:d6:95:83:c2:62:52:0b:1e:85:78:43:34: ad:0e:2f:f1:74:14:d6:4e:77:89:83:67:80:92:0f: e2:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:19:15:FA:B0:E9:22:F3:96:4F:F3:25:6C:0F:A8:0D:75:39:5D:E3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d70054d0-4c79-4b58-875d-4ba2fb635687.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da14::/35 Signature Algorithm: sha256WithRSAEncryption 52:97:64:08:e8:f6:54:8d:33:3c:58:10:08:b5:e1:f1:0e:8c: b2:67:f0:a6:e2:0c:35:83:61:6b:37:38:93:c2:06:7a:14:eb: e4:37:0e:47:0b:f7:05:71:5a:3f:05:d4:39:31:cf:ef:ad:d1: 7a:ee:37:7d:14:07:47:f9:0b:ff:01:1f:71:55:cf:03:ef:60: eb:da:fd:03:7c:2f:3c:55:2c:70:c5:bc:08:99:40:4f:46:de: f7:00:3d:f7:7a:aa:16:a9:4c:ed:d5:db:a2:c5:21:6b:4e:8f: 39:33:ac:8e:28:56:28:c5:2e:a7:40:82:a8:ef:04:a2:f0:c3: af:ea:dc:c3:5e:ed:03:d8:56:97:8b:da:4e:ab:57:52:b2:45: e0:66:3e:46:0b:66:bf:5e:44:df:33:bd:5c:fe:42:82:90:50: 3b:00:3e:db:92:18:f9:d6:30:46:3c:e4:e3:67:4c:89:16:ea: 3a:25:e2:33:0b:c0:55:7e:3e:91:c4:e9:ca:ad:6d:7f:f6:ca: ac:50:2d:ff:7d:46:de:73:4a:f0:a6:7e:71:bb:d8:0b:d4:c3: e0:2a:c9:6f:26:65:b2:46:c1:8c:ed:03:64:66:71:aa:37:3f: 2e:b2:76:b3:92:33:e0:09:26:95:59:e3:9c:7f:27:19:7d:f8: 08:69:03:4b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZtAhv2oyQyO4CYiq8LBqdt2gR/gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwOTAwMDAwMFoX DTI0MDUxNDIzNTk1OVowejFJMEcGA1UEBRNAMWVjNDc5YjdmODYzNzA4NWU5NzI1 MjJiOTZlMjk2N2JkYTZmM2NjOTgwMzFmMmJkYTFlZDE4ODVhZjJmODFkODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAI3d8Ah1KWHTmHxAixcZkOrVkAr JfOvSguApgjG0e5msTfV+DG08bC5oC57nSzGNfCphkepCQcntDrjI0emaLwCRrqn Z3zzWMziOgkMOJfm2mKu0JQ1qIBS+VIMGEquuaqZuMRhHaGu8DVZLnCpIIf1TyZ4 M/pjIn3+cO2o028dXJ/e4SfFQE9W8kyvPlX6kpzSvGJs8ofySlm4eX+FyB9u44w6 81MMvygXrKFYs70lC44nT5bPawJEw+Ei25v/9+v6srg3e8bLy25JdClm3ZqxZ7Cx vxx3cDFCC0Tz5NjmoDnWlYPCYlILHoV4QzStDi/xdBTWTneJg2eAkg/i+wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDYZFfqw6SLzlk/zJWwPqA11OV3jMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q3MDA1NGQwLTRjNzktNGI1OC04NzVkLTRiYTJmYjYzNTY4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYFJAbaFAAwDQYJKoZIhvcNAQELBQADggEBAFKXZAjo9lSNMzxYEAi1 4fEOjLJn8KbiDDWDYWs3OJPCBnoU6+Q3DkcL9wVxWj8F1Dkxz++t0XruN30UB0f5 C/8BH3FVzwPvYOva/QN8LzxVLHDFvAiZQE9G3vcAPfd6qhapTO3V26LFIWtOjzkz rI4oVijFLqdAgqjvBKLww6/q3MNe7QPYVpeL2k6rV1KyReBmPkYLZr9eRN8zvVz+ QoKQUDsAPtuSGPnWMEY85ONnTIkW6jol4jMLwFV+PpHE6cqtbX/2yqxQLf99Rt5z SvCmfnG72AvUw+AqyW8mZbJGwYztA2Rmcao3Py6ydrOSM+AJJpVZ45x/Jxl9+Ahp A0s= -----END CERTIFICATE-----Generated at Thu May 2 14:32:52 2024 by rpki-client on console-fra.rpki-client.org