$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d874a882-7cd5-41b7-aeff-555ab68043f0.roa File: d874a882-7cd5-41b7-aeff-555ab68043f0.roa (raw, json) Hash identifier: vlKEn+qcOt4HSbYGiOTDGy1pTOAoaJC0Avvr6hcA/GQ= Subject key identifier: 83:2D:45:E4:72:E8:0E:FA:23:74:C7:20:1A:68:24:82:AD:EB:ED:37 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1ABB9E3648F4CFEA41DE288427AC648B7E449DB4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d874a882-7cd5-41b7-aeff-555ab68043f0.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:bb:9e:36:48:f4:cf:ea:41:de:28:84:27:ac:64:8b:7e:44:9d:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=fb81e95fe7a2cd5136500d26c4951f285e3b60a96310a7d2b00ad35396a3dd2b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:cb:29:94:47:86:57:da:33:f9:16:42:b7:66: b4:c5:d1:dc:ea:09:be:a9:57:c9:67:78:1c:8b:9b: fd:a2:10:0a:a3:78:b4:64:ce:3c:b6:91:cb:e5:dd: a4:28:c9:da:c4:81:38:b6:e9:a6:93:e6:37:57:a6: cd:c3:8a:b2:be:85:16:9f:cb:f5:ae:2b:6c:4e:8a: e3:97:31:5b:b2:86:6e:d3:af:5f:7f:5f:17:26:83: 7e:5d:c7:19:d9:be:d0:18:b5:06:50:41:73:3a:09: 99:57:e8:88:2a:f4:29:36:22:5a:57:92:3c:05:54: 3e:8e:7b:43:32:b1:e2:fb:a3:c2:ee:39:ae:0b:7c: 81:ad:8e:2b:07:10:e1:63:e4:2a:e8:50:3d:38:53: f3:ce:ff:c5:d3:3a:14:4b:1e:77:20:06:d7:71:7d: 6f:c0:22:a6:c9:0b:e8:2a:8c:cc:de:d5:26:65:7b: 8c:4d:cf:86:89:21:0e:f6:eb:4f:9d:c8:39:f2:a6: 5d:7e:e5:85:83:a7:40:a9:e6:76:52:f9:e1:9e:24: 65:d4:35:42:97:fc:cb:f7:76:d8:ea:61:91:4c:9b: b8:fd:67:33:98:58:e8:4d:bd:99:0c:17:41:f9:d1: 81:2b:d2:be:3d:14:8d:89:ce:b6:bc:10:50:5a:42: b7:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:2D:45:E4:72:E8:0E:FA:23:74:C7:20:1A:68:24:82:AD:EB:ED:37 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d874a882-7cd5-41b7-aeff-555ab68043f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:e000::/40 Signature Algorithm: sha256WithRSAEncryption 11:08:f4:a5:b8:10:23:30:a1:94:06:6d:48:c8:5b:b6:08:86: 9f:75:76:b3:eb:6b:7e:6d:61:81:9c:2b:54:52:87:3e:81:9c: cc:93:b2:10:19:b1:f8:71:7a:47:59:78:3e:de:1f:3e:a0:05: 03:e9:1e:72:b0:ac:76:a5:42:c2:7c:fc:7e:8b:7b:4e:c4:49: a4:5a:3e:46:80:28:c5:21:e1:35:5d:8e:bd:e0:48:2a:bf:8e: d5:af:02:10:a3:07:9d:f4:79:03:cd:94:c3:59:54:01:7f:48: 78:6b:84:a0:c3:c2:09:8d:37:82:63:c6:8a:c3:b1:70:35:f1: ef:0c:db:b9:f1:0b:a6:33:eb:07:07:00:a9:62:b5:14:d0:d5: 9f:83:cf:41:af:db:63:ea:73:a7:7e:ee:78:8d:5e:2b:70:f1: ba:30:22:56:eb:7c:75:d0:c5:48:d7:d2:cf:30:c3:f0:ca:0d: 4c:f8:43:63:07:84:c3:c5:27:94:2a:cf:b5:3e:79:c7:b5:14: eb:f5:c9:1c:6d:60:4d:69:e8:a5:b9:b0:b2:d8:32:97:ee:e6: 8c:df:35:c1:05:ad:c1:e5:15:c1:37:c1:b0:30:26:43:c9:7b: 06:e6:52:2b:56:86:5d:2f:2e:3d:d2:d7:f4:a9:1c:c6:85:c2: cb:ef:13:03 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGrueNkj0z+pB3iiEJ6xki35EnbQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAZmI4MWU5NWZlN2EyY2Q1MTM2NTAw ZDI2YzQ5NTFmMjg1ZTNiNjBhOTYzMTBhN2QyYjAwYWQzNTM5NmEzZGQyYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ssplEeGV9oz+RZCt2a0xdHc6gm+ qVfJZ3gci5v9ohAKo3i0ZM48tpHL5d2kKMnaxIE4tummk+Y3V6bNw4qyvoUWn8v1 ritsTorjlzFbsoZu069ff18XJoN+XccZ2b7QGLUGUEFzOgmZV+iIKvQpNiJaV5I8 BVQ+jntDMrHi+6PC7jmuC3yBrY4rBxDhY+Qq6FA9OFPzzv/F0zoUSx53IAbXcX1v wCKmyQvoKozM3tUmZXuMTc+GiSEO9utPncg58qZdfuWFg6dAqeZ2UvnhniRl1DVC l/zL93bY6mGRTJu4/WczmFjoTb2ZDBdB+dGBK9K+PRSNic62vBBQWkK3zQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIMtReRy6A76I3THIBpoJIKt6+03MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4NzRhODgyLTdjZDUtNDFiNy1hZWZmLTU1NWFiNjgwNDNmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+OAwDQYJKoZIhvcNAQELBQADggEBABEI9KW4ECMwoZQGbUjI W7YIhp91drPra35tYYGcK1RShz6BnMyTshAZsfhxekdZeD7eHz6gBQPpHnKwrHal QsJ8/H6Le07ESaRaPkaAKMUh4TVdjr3gSCq/jtWvAhCjB530eQPNlMNZVAF/SHhr hKDDwgmNN4JjxorDsXA18e8M27nxC6Yz6wcHAKlitRTQ1Z+Dz0Gv22Pqc6d+7niN Xitw8bowIlbrfHXQxUjX0s8ww/DKDUz4Q2MHhMPFJ5Qqz7U+ece1FOv1yRxtYE1p 6KW5sLLYMpfu5ozfNcEFrcHlFcE3wbAwJkPJewbmUitWhl0vLj3S1/SpHMaFwsvv EwM= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:46 2023 by rpki-client on console-fra.rpki-client.org