$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dadda27f-7691-4ec0-8708-24e30f7b49ad.roa File: dadda27f-7691-4ec0-8708-24e30f7b49ad.roa (raw, json) Hash identifier: OrlgSIlMQ0WE6AfZFnba/q0gnAkddY9nIO4X37EVOWg= Subject key identifier: CD:D1:B7:83:2E:15:EE:AD:47:84:74:C1:AB:51:35:AF:74:60:FF:D9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 246AB5AD4097E4C6AF8A2D46457E332DCB94BE4F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dadda27f-7691-4ec0-8708-24e30f7b49ad.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da14::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:6a:b5:ad:40:97:e4:c6:af:8a:2d:46:45:7e:33:2d:cb:94:be:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=8a79fc1c0704ca05c283b2d09a08a1b5bdb6ec17eb426fa3a3ff2e1aad6c5c9f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:ad:3e:db:62:c6:11:ac:57:52:54:8e:3c:3c: 5c:5e:70:eb:dd:47:e3:5a:1a:86:bb:e0:34:21:6e: ec:e2:ef:86:8e:8e:14:bb:ae:33:1f:2e:d2:cc:e0: 06:c8:b2:6d:d2:d7:f3:25:6a:de:23:3d:eb:49:e4: 6c:88:d6:7e:b1:ac:f5:48:cf:b7:98:98:ce:e2:36: 80:41:73:2e:f0:bc:f0:4b:95:1e:26:0c:62:08:6f: a1:f1:98:48:00:ac:29:d1:0f:af:a9:f4:82:2f:10: 5e:75:99:a7:98:8d:90:f3:d5:55:18:7c:b3:cc:9b: 69:2f:c3:4b:bb:13:ea:c8:98:99:3b:96:89:f6:0e: c9:e9:94:b0:d5:23:a3:9b:6f:24:98:ff:14:c6:e5: ef:8c:2e:0b:21:34:2b:05:30:fa:bc:00:35:d2:3d: ca:b5:e4:91:a0:a5:b3:03:1f:40:5c:7e:b0:b9:78: 38:b8:c1:f7:d6:08:28:2a:a5:82:fe:34:56:e4:ea: 7c:c9:30:71:90:15:8b:1a:9c:aa:e6:27:a6:a8:7b: 6b:b8:77:cd:1c:ff:03:96:f8:37:b2:cf:e7:6b:86: e7:8b:df:0d:e4:89:7a:99:03:5c:80:6c:dc:0f:54: 45:22:87:20:4e:e7:6c:07:35:78:9c:ba:a5:ac:b5: e7:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:D1:B7:83:2E:15:EE:AD:47:84:74:C1:AB:51:35:AF:74:60:FF:D9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dadda27f-7691-4ec0-8708-24e30f7b49ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da14::/36 Signature Algorithm: sha256WithRSAEncryption 0b:60:07:e5:ef:71:5c:8e:57:d1:48:52:94:ae:40:b8:1b:96: 69:00:cd:ba:bc:0c:95:16:3c:1f:4a:de:3b:66:29:58:f6:9d: 9a:54:26:09:42:1d:05:25:36:31:1b:df:36:87:08:41:70:e0: 06:ac:ee:db:b8:b4:aa:a7:bd:2e:66:bc:10:88:7a:dd:62:5f: a8:14:3d:76:20:2b:6c:05:09:6c:c2:97:b1:f4:6a:08:d1:3d: 44:6e:bb:40:13:be:e3:59:a1:ca:c7:92:50:5f:60:86:bb:60: 7a:eb:03:ea:78:a4:3a:18:e5:02:9f:43:0d:2b:c2:b2:84:b7: 5c:41:6e:b0:a8:f2:cc:76:8c:1e:7b:da:02:28:08:63:c7:ea: ff:81:22:d0:04:60:60:05:04:b4:c6:9f:a4:4d:81:26:19:aa: 4d:18:47:f7:0b:45:b6:c0:5f:24:48:15:c8:3a:41:77:6a:ce: e6:5d:a9:b6:9e:4a:3b:a4:d5:5b:4b:44:cf:23:aa:17:28:71: ab:be:22:3f:89:12:53:45:a0:11:aa:9d:91:4b:16:c5:4a:9c: 11:cd:35:aa:1e:a3:f3:5b:3d:1b:a7:f7:cb:65:76:89:46:63: c8:c1:aa:c7:61:b9:88:b7:8f:13:56:5d:8f:2e:33:b3:05:b8: 7b:b6:59:ba -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJGq1rUCX5Mavii1GRX4zLcuUvk8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAOGE3OWZjMWMwNzA0Y2EwNWMyODNi MmQwOWEwOGExYjViZGI2ZWMxN2ViNDI2ZmEzYTNmZjJlMWFhZDZjNWM5ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy60+22LGEaxXUlSOPDxcXnDr3Ufj WhqGu+A0IW7s4u+Gjo4Uu64zHy7SzOAGyLJt0tfzJWreIz3rSeRsiNZ+saz1SM+3 mJjO4jaAQXMu8LzwS5UeJgxiCG+h8ZhIAKwp0Q+vqfSCLxBedZmnmI2Q89VVGHyz zJtpL8NLuxPqyJiZO5aJ9g7J6ZSw1SOjm28kmP8UxuXvjC4LITQrBTD6vAA10j3K teSRoKWzAx9AXH6wuXg4uMH31ggoKqWC/jRW5Op8yTBxkBWLGpyq5iemqHtruHfN HP8Dlvg3ss/na4bni98N5Il6mQNcgGzcD1RFIocgTudsBzV4nLqlrLXnQwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM3Rt4MuFe6tR4R0watRNa90YP/ZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RhZGRhMjdmLTc2OTEtNGVjMC04NzA4LTI0ZTMwZjdiNDlhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaFAAwDQYJKoZIhvcNAQELBQADggEBAAtgB+XvcVyOV9FIUpSu QLgblmkAzbq8DJUWPB9K3jtmKVj2nZpUJglCHQUlNjEb3zaHCEFw4Aas7tu4tKqn vS5mvBCIet1iX6gUPXYgK2wFCWzCl7H0agjRPURuu0ATvuNZocrHklBfYIa7YHrr A+p4pDoY5QKfQw0rwrKEt1xBbrCo8sx2jB572gIoCGPH6v+BItAEYGAFBLTGn6RN gSYZqk0YR/cLRbbAXyRIFcg6QXdqzuZdqbaeSjuk1VtLRM8jqhcocau+Ij+JElNF oBGqnZFLFsVKnBHNNaoeo/NbPRun98tldolGY8jBqsdhuYi3jxNWXY8uM7MFuHu2 Wbo= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:46 2023 by rpki-client on console-fra.rpki-client.org