$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d862707d-98bd-4b24-91cb-070f98bf1ac9.roa File: d862707d-98bd-4b24-91cb-070f98bf1ac9.roa (raw, json) Hash identifier: aQ42PS9167kDpWoJl4D2Ndt3BjrPCdC9PUyfdo80bpE= Subject key identifier: 29:71:68:57:84:C3:51:66:CC:BD:CD:EE:80:A8:20:CB:FF:CA:2A:AB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 07295CD6F6ADFAC0DFCF9FC99893EB759E1623CD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d862707d-98bd-4b24-91cb-070f98bf1ac9.roa Signing time: Tue 09 Apr 2024 00:00:00 +0000 ROA not before: Tue 09 Apr 2024 00:00:00 +0000 ROA not after: Tue 14 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 15:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:29:5c:d6:f6:ad:fa:c0:df:cf:9f:c9:98:93:eb:75:9e:16:23:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 9 00:00:00 2024 GMT Not After : May 14 23:59:59 2024 GMT Subject: serialNumber=6f6a3a89090de07e39e13188b2bff65049a3c3b94073ffb4b8c3eb6f7a8cbe45, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:2b:a6:d2:87:98:f6:e6:ed:9e:ac:5f:ab:f7: 41:4f:82:3f:cd:24:2f:aa:86:3a:3f:c6:86:6f:0f: d7:14:66:9d:c6:cd:76:a3:a6:f9:c3:6b:e8:c8:ce: c3:f7:08:d4:59:41:b8:d7:a6:5c:78:e1:d1:18:43: 3f:fa:1f:a7:f2:1e:15:8f:2b:b5:64:19:9b:0c:ae: c4:0c:6b:5a:bd:3c:f4:87:3f:68:3f:02:eb:c4:51: 03:45:ed:87:b0:19:32:40:e2:ac:8a:b5:33:72:86: 65:76:67:49:18:04:45:87:a9:a6:29:b2:bb:71:79: 21:3d:7a:53:b1:59:a3:e7:e5:8d:25:70:d2:28:ee: 04:15:46:24:e7:08:1d:6d:5b:b2:96:68:ab:bf:91: 8f:1b:7f:23:e0:f5:b2:6d:b4:c0:2f:90:04:d0:6b: 38:43:d2:29:4b:3b:a3:70:b6:19:c7:c3:10:e1:5e: 03:e8:34:95:63:c0:0f:d3:d7:ce:cb:09:56:e7:09: 56:a7:88:d0:08:70:01:e0:6b:b2:05:df:f5:b4:68: 78:10:5e:fc:d9:8c:9e:bd:2c:1f:55:7c:64:13:fa: 41:c7:29:b6:8c:a0:9f:cc:55:57:7c:3e:42:33:94: 1e:77:51:87:f1:62:ee:de:55:b4:51:49:62:a0:38: 3a:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:71:68:57:84:C3:51:66:CC:BD:CD:EE:80:A8:20:CB:FF:CA:2A:AB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d862707d-98bd-4b24-91cb-070f98bf1ac9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:800::/40 Signature Algorithm: sha256WithRSAEncryption 2c:8e:9a:01:e2:61:14:12:0a:88:9f:0f:de:40:1e:52:bd:ea: 3f:76:a4:b6:1c:bc:64:2c:0b:0b:16:64:9a:c6:a5:a9:d3:ab: e2:af:f9:c8:25:10:8f:b0:54:93:ec:18:44:8e:c8:d4:ab:56: a5:fe:7b:3f:b7:ac:e5:7c:ea:6e:e2:98:02:db:67:75:87:d0: 4f:40:6d:8b:df:16:9e:ed:7a:12:53:ab:64:fa:29:c0:07:16: f8:e5:70:19:5b:94:65:3f:4e:9c:74:74:d2:a7:be:b3:44:85: 90:ac:3f:e3:2b:b5:d7:e9:10:47:03:3d:e2:1a:b6:5a:87:29: 10:ce:69:4b:f4:df:67:1f:05:7d:24:ed:e2:9a:4c:88:3b:e8: f5:30:51:a0:26:b3:be:6e:a5:88:bb:de:87:0b:c9:2a:dd:ed: d4:6c:79:0e:d9:9c:42:11:ad:d4:fe:e3:4d:e5:55:c6:eb:e9: 88:34:da:2a:15:aa:23:0b:2d:12:cb:c1:3a:d0:d5:ba:d9:5f: dc:a8:77:2f:3d:e5:d2:9e:fb:0b:2d:3b:9f:0f:93:c9:d0:dd: e1:7e:ef:fd:0b:03:d5:46:e0:6c:c3:62:79:31:e3:66:60:56: c9:5c:b4:71:39:6b:d4:69:3f:7b:69:f5:55:9b:ab:ca:58:61: 5d:2d:8f:fb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBylc1vat+sDfz5/JmJPrdZ4WI80wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwOTAwMDAwMFoX DTI0MDUxNDIzNTk1OVowejFJMEcGA1UEBRNANmY2YTNhODkwOTBkZTA3ZTM5ZTEz MTg4YjJiZmY2NTA0OWEzYzNiOTQwNzNmZmI0YjhjM2ViNmY3YThjYmU0NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyum0oeY9ubtnqxfq/dBT4I/zSQv qoY6P8aGbw/XFGadxs12o6b5w2voyM7D9wjUWUG416ZceOHRGEM/+h+n8h4Vjyu1 ZBmbDK7EDGtavTz0hz9oPwLrxFEDRe2HsBkyQOKsirUzcoZldmdJGARFh6mmKbK7 cXkhPXpTsVmj5+WNJXDSKO4EFUYk5wgdbVuylmirv5GPG38j4PWybbTAL5AE0Gs4 Q9IpSzujcLYZx8MQ4V4D6DSVY8AP09fOywlW5wlWp4jQCHAB4GuyBd/1tGh4EF78 2YyevSwfVXxkE/pBxym2jKCfzFVXfD5CM5Qed1GH8WLu3lW0UUlioDg6+wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFClxaFeEw1FmzL3N7oCoIMv/yiqrMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4NjI3MDdkLTk4YmQtNGIyNC05MWNiLTA3MGY5OGJmMWFjOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9ggwDQYJKoZIhvcNAQELBQADggEBACyOmgHiYRQSCoifD95A HlK96j92pLYcvGQsCwsWZJrGpanTq+Kv+cglEI+wVJPsGESOyNSrVqX+ez+3rOV8 6m7imALbZ3WH0E9AbYvfFp7tehJTq2T6KcAHFvjlcBlblGU/Tpx0dNKnvrNEhZCs P+MrtdfpEEcDPeIatlqHKRDOaUv032cfBX0k7eKaTIg76PUwUaAms75upYi73ocL ySrd7dRseQ7ZnEIRrdT+403lVcbr6Yg02ioVqiMLLRLLwTrQ1brZX9yody895dKe +wstO58Pk8nQ3eF+7/0LA9VG4GzDYnkx42ZgVslctHE5a9RpP3tp9VWbq8pYYV0t j/s= -----END CERTIFICATE-----Generated at Thu May 2 17:17:02 2024 by rpki-client on console-ams.rpki-client.org