$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d74980db-a60d-487c-9253-3e131534d8d4.roa File: d74980db-a60d-487c-9253-3e131534d8d4.roa (raw, json) Hash identifier: UucYDpejqSuE3+HuwURSnvebYDKliDwIovmHGl24sJM= Subject key identifier: B8:84:CA:8B:C0:29:81:71:6F:30:D6:6B:71:39:5A:A7:86:5E:A0:2F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4A74BEFE301753F04724F219C10DD7771EE5ACE2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d74980db-a60d-487c-9253-3e131534d8d4.roa Signing time: Thu 02 May 2024 00:00:00 +0000 ROA not before: Thu 02 May 2024 00:00:00 +0000 ROA not after: Thu 06 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 00:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:74:be:fe:30:17:53:f0:47:24:f2:19:c1:0d:d7:77:1e:e5:ac:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:00:00 2024 GMT Not After : Jun 6 23:59:59 2024 GMT Subject: serialNumber=ee0871e8f9b43f669ddf46201de69497e2c98edb5e3c0b1850372c54c5170f6a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:a1:64:42:57:39:dd:12:3f:59:08:20:b1:39: 8c:cd:ea:c3:2d:2b:ee:5c:be:23:1d:2d:54:bd:a1: a4:db:ed:f7:1d:d8:e8:4b:3e:c5:17:36:5f:7e:77: de:3c:4d:2a:7a:ac:b8:1c:9d:4f:bf:a5:7b:96:93: 28:55:90:a5:53:5c:ef:0e:a1:01:3c:70:b1:91:f1: cc:57:c2:61:90:db:fd:d8:7d:d8:63:0f:e3:12:fe: 14:3d:9a:1c:c6:29:16:9a:09:96:2d:65:a6:a7:23: 40:d5:97:ed:f2:d1:b9:e0:40:cf:37:97:63:10:ac: 40:90:7b:28:f8:90:8d:4d:61:10:55:99:5c:62:ea: 3c:ed:11:d3:2b:cf:65:b5:7f:a2:ab:61:96:ec:e6: 0a:56:01:56:09:43:43:47:83:ed:22:b2:41:9e:72: 57:7f:5c:03:11:67:f3:9e:c7:75:24:37:90:39:34: 78:40:d9:8b:68:b9:ac:e1:1e:6b:da:22:b7:86:dd: d6:96:58:06:78:52:2c:ca:1c:4d:da:f2:80:da:18: 5a:26:2f:d6:3b:f8:5f:8c:77:aa:82:7b:ea:f7:95: d0:15:4d:f2:ab:b8:98:0b:50:6d:0e:b8:22:ab:5e: a4:59:90:3b:15:28:a5:85:fa:d1:21:ab:2d:fb:35: 67:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:84:CA:8B:C0:29:81:71:6F:30:D6:6B:71:39:5A:A7:86:5E:A0:2F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d74980db-a60d-487c-9253-3e131534d8d4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:f000::/40 Signature Algorithm: sha256WithRSAEncryption 31:0e:00:c4:09:d0:7c:52:ed:72:24:f3:46:ff:49:a9:be:e9: 09:3b:ef:bc:91:e2:f3:e7:3f:7e:26:cd:0e:ce:da:fd:d0:74: ef:a5:bb:cd:1d:dd:70:9a:eb:9b:86:5f:4d:c6:81:60:cf:ce: c3:a1:bc:62:b5:94:fb:c4:32:95:17:a2:2c:69:a9:19:a4:34: a2:54:09:1d:25:b6:9e:50:52:18:b5:4e:8b:a7:ab:ea:3b:17: 10:58:d4:70:7d:eb:55:17:d5:1a:25:b9:e7:39:cf:cc:0d:8d: 72:25:04:0f:17:bf:1f:22:9b:3b:36:a2:77:bf:db:71:23:f0: 72:7e:a1:ed:be:6f:db:5b:82:e3:0f:33:92:79:cd:dd:0d:9f: e8:7d:a0:25:55:0f:83:4f:cd:da:fa:10:ef:1c:ee:68:eb:f6: 39:1a:19:b4:a4:1f:22:aa:49:86:5e:df:63:29:f1:49:63:a0: 24:c1:59:bf:7b:ac:9f:c0:0e:2b:94:09:a4:60:83:c7:50:d8: a9:ff:3e:ff:e4:43:e3:1a:0f:60:7b:5d:cd:15:85:ba:ab:04: b2:b4:e1:96:fc:3d:10:7b:f1:2d:4d:c6:a1:2e:b7:d6:49:d5: 44:30:92:20:07:c7:20:a6:d4:73:7b:45:51:33:30:21:b6:5f: 39:3b:4a:70 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSnS+/jAXU/BHJPIZwQ3Xdx7lrOIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMjAwMDAwMFoX DTI0MDYwNjIzNTk1OVowejFJMEcGA1UEBRNAZWUwODcxZThmOWI0M2Y2NjlkZGY0 NjIwMWRlNjk0OTdlMmM5OGVkYjVlM2MwYjE4NTAzNzJjNTRjNTE3MGY2YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qFkQlc53RI/WQggsTmMzerDLSvu XL4jHS1UvaGk2+33HdjoSz7FFzZffnfePE0qeqy4HJ1Pv6V7lpMoVZClU1zvDqEB PHCxkfHMV8JhkNv92H3YYw/jEv4UPZocxikWmgmWLWWmpyNA1Zft8tG54EDPN5dj EKxAkHso+JCNTWEQVZlcYuo87RHTK89ltX+iq2GW7OYKVgFWCUNDR4PtIrJBnnJX f1wDEWfznsd1JDeQOTR4QNmLaLms4R5r2iK3ht3WllgGeFIsyhxN2vKA2hhaJi/W O/hfjHeqgnvq95XQFU3yq7iYC1BtDrgiq16kWZA7FSilhfrRIast+zVnrQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLiEyovAKYFxbzDWa3E5WqeGXqAvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q3NDk4MGRiLWE2MGQtNDg3Yy05MjUzLTNlMTMxNTM0ZDhkNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaufAwDQYJKoZIhvcNAQELBQADggEBADEOAMQJ0HxS7XIk80b/ Sam+6Qk777yR4vPnP34mzQ7O2v3QdO+lu80d3XCa65uGX03GgWDPzsOhvGK1lPvE MpUXoixpqRmkNKJUCR0ltp5QUhi1Tounq+o7FxBY1HB961UX1Roluec5z8wNjXIl BA8Xvx8imzs2one/23Ej8HJ+oe2+b9tbguMPM5J5zd0Nn+h9oCVVD4NPzdr6EO8c 7mjr9jkaGbSkHyKqSYZe32Mp8UljoCTBWb97rJ/ADiuUCaRgg8dQ2Kn/Pv/kQ+Ma D2B7Xc0VhbqrBLK04Zb8PRB78S1NxqEut9ZJ1UQwkiAHxyCm1HN7RVEzMCG2Xzk7 SnA= -----END CERTIFICATE-----Generated at Wed May 22 05:29:09 2024 by rpki-client on console-fra.rpki-client.org