$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d862707d-98bd-4b24-91cb-070f98bf1ac9.roa File: d862707d-98bd-4b24-91cb-070f98bf1ac9.roa (raw, json) Hash identifier: faWXZadSV+5jsnVyrXzTVYvtRfRD4Z8D1ACW9jSFfnQ= Subject key identifier: 5E:A4:32:00:80:50:97:C9:2F:92:E9:12:5A:C2:08:38:A9:B2:A4:6A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 18DB1130ED09320CBF47BB355254ACA38168293E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d862707d-98bd-4b24-91cb-070f98bf1ac9.roa Signing time: Fri 19 Jul 2024 00:00:00 +0000 ROA not before: Fri 19 Jul 2024 00:00:00 +0000 ROA not after: Fri 23 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 31 Jul 2024 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:db:11:30:ed:09:32:0c:bf:47:bb:35:52:54:ac:a3:81:68:29:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 19 00:00:00 2024 GMT Not After : Aug 23 23:59:59 2024 GMT Subject: serialNumber=88a9493be3e5badf6573b8ec08b53ad258f3307999ce26e110174634294738ef, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:cb:4c:68:4e:ee:55:75:d3:b6:95:f3:5f:a0: 6d:68:94:97:1e:84:51:9d:db:d6:07:33:59:b8:64: f1:c4:0f:a8:19:17:1c:17:4a:d9:f4:ae:95:b1:0e: 90:8d:7a:01:e6:74:c5:b9:68:0b:ca:61:a2:9b:e7: c9:c3:c4:ac:fe:ec:19:97:ce:67:57:10:00:c2:22: b5:87:a6:d4:9a:4a:ea:bd:75:cf:a2:2d:a4:66:29: 78:9b:69:92:a0:80:ef:98:9d:3a:9c:2a:f7:a6:18: 86:15:af:2e:4e:6b:1f:ee:2c:8b:2d:be:66:be:e7: be:0d:98:3b:a8:d1:dd:f1:a7:42:24:38:f0:91:8a: b5:85:df:e8:2d:f5:13:fe:23:91:3f:23:47:d4:9e: aa:90:4f:75:5d:57:e6:ce:62:d2:bc:71:5a:2d:dc: 51:9a:45:c3:85:21:55:ac:35:36:36:a5:8e:61:bc: 59:dc:e6:87:c1:9a:49:f4:51:5c:cc:bd:93:a4:1a: fe:61:7e:1b:49:10:47:0a:0f:03:fe:49:fe:9d:0a: 48:10:c1:af:2c:a3:0b:9f:9f:72:98:9b:9e:48:9b: 67:06:d8:13:ad:49:fa:47:09:43:55:88:f9:fe:cd: 98:b1:47:c7:66:cd:88:bc:18:cf:5e:f8:be:02:c0: 4b:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:A4:32:00:80:50:97:C9:2F:92:E9:12:5A:C2:08:38:A9:B2:A4:6A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d862707d-98bd-4b24-91cb-070f98bf1ac9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:800::/40 Signature Algorithm: sha256WithRSAEncryption 7d:2f:7f:fd:87:71:2e:d7:15:8b:d9:2f:14:f2:71:ff:31:41: ae:d5:f8:c0:8d:f2:23:1f:7f:93:fe:87:32:30:30:16:d5:fa: e8:65:14:8e:4a:76:cf:ae:01:a7:2e:8b:39:c5:0a:bf:fe:24: ee:1c:7a:99:aa:7b:84:13:26:ee:fb:10:07:07:73:44:3e:92: aa:2f:f3:7c:ea:ad:bf:57:81:4b:b6:4a:75:68:5d:18:0d:c2: af:28:e3:c0:6e:fc:6a:21:73:98:bf:77:d6:f4:cc:d5:56:85: e1:98:44:ab:b4:a9:f9:40:31:b5:36:5d:d6:cb:81:e5:c1:0b: 53:55:4d:ce:a7:20:86:e2:e1:13:12:44:7a:1c:ba:e5:4e:1d: f3:04:8a:ed:a5:a8:4d:a4:a3:64:02:92:79:fb:3d:05:88:c0: c8:e0:fa:18:f6:e8:dd:98:9c:54:05:a8:91:89:e0:c8:ae:61: 1c:85:d9:68:16:89:de:23:d8:e5:2c:cf:bb:cb:bf:c0:5b:9d: 5f:c0:42:fe:a8:2b:ca:1f:d3:7c:d4:bb:58:2a:f2:48:77:01: cb:11:f2:be:21:d5:71:5e:fb:fd:0e:d8:90:44:f4:b8:38:53: 1e:85:c2:04:fe:57:3a:b3:bc:86:de:2d:f5:c7:38:05:d7:37: ef:4e:c5:84 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGNsRMO0JMgy/R7s1UlSso4FoKT4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxOTAwMDAwMFoX DTI0MDgyMzIzNTk1OVowejFJMEcGA1UEBRNAODhhOTQ5M2JlM2U1YmFkZjY1NzNi OGVjMDhiNTNhZDI1OGYzMzA3OTk5Y2UyNmUxMTAxNzQ2MzQyOTQ3MzhlZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ctMaE7uVXXTtpXzX6BtaJSXHoRR ndvWBzNZuGTxxA+oGRccF0rZ9K6VsQ6QjXoB5nTFuWgLymGim+fJw8Ss/uwZl85n VxAAwiK1h6bUmkrqvXXPoi2kZil4m2mSoIDvmJ06nCr3phiGFa8uTmsf7iyLLb5m vue+DZg7qNHd8adCJDjwkYq1hd/oLfUT/iORPyNH1J6qkE91XVfmzmLSvHFaLdxR mkXDhSFVrDU2NqWOYbxZ3OaHwZpJ9FFczL2TpBr+YX4bSRBHCg8D/kn+nQpIEMGv LKMLn59ymJueSJtnBtgTrUn6RwlDVYj5/s2YsUfHZs2IvBjPXvi+AsBLXQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFF6kMgCAUJfJL5LpElrCCDipsqRqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4NjI3MDdkLTk4YmQtNGIyNC05MWNiLTA3MGY5OGJmMWFjOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9ggwDQYJKoZIhvcNAQELBQADggEBAH0vf/2HcS7XFYvZLxTy cf8xQa7V+MCN8iMff5P+hzIwMBbV+uhlFI5Kds+uAacuiznFCr/+JO4cepmqe4QT Ju77EAcHc0Q+kqov83zqrb9XgUu2SnVoXRgNwq8o48Bu/Gohc5i/d9b0zNVWheGY RKu0qflAMbU2XdbLgeXBC1NVTc6nIIbi4RMSRHocuuVOHfMEiu2lqE2ko2QCknn7 PQWIwMjg+hj26N2YnFQFqJGJ4MiuYRyF2WgWid4j2OUsz7vLv8BbnV/AQv6oK8of 03zUu1gq8kh3AcsR8r4h1XFe+/0O2JBE9Lg4Ux6FwgT+VzqzvIbeLfXHOAXXN+9O xYQ= -----END CERTIFICATE-----Generated at Sat Jul 27 00:57:56 2024 by rpki-client on console-ams.rpki-client.org