$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0fbaecf-3318-488e-80aa-57f0a5202e27.roa File: e0fbaecf-3318-488e-80aa-57f0a5202e27.roa (raw, json) Hash identifier: r8EHNHMq/n07BReLYFoJTwtuNtgUPOEI6LFqMwBDQA0= Subject key identifier: 39:6D:66:24:65:C9:14:53:42:AE:DA:3E:55:8D:28:1E:35:F0:03:59 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0EB4F132FA333369B78F8A1D7DA200B01BE7AE29 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0fbaecf-3318-488e-80aa-57f0a5202e27.roa Signing time: Wed 10 Apr 2024 00:00:00 +0000 ROA not before: Wed 10 Apr 2024 00:00:00 +0000 ROA not after: Wed 15 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Apr 2024 00:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:b4:f1:32:fa:33:33:69:b7:8f:8a:1d:7d:a2:00:b0:1b:e7:ae:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 10 00:00:00 2024 GMT Not After : May 15 23:59:59 2024 GMT Subject: serialNumber=a8dd240168e7dc336a143f25ab2184d5100c217f5293dde2d372c6a24e00e565, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:65:00:33:1e:7a:f1:89:f8:d8:19:76:41:24: 25:71:aa:f7:94:1f:93:63:ad:6b:f2:c9:c9:68:10: 19:72:3c:3b:af:06:8b:71:26:6f:3f:f9:44:85:b5: fe:1f:52:e4:b6:71:7a:a4:14:60:8c:40:1d:51:a5: 45:0e:c3:7a:e1:ad:3a:53:8c:4d:78:da:7e:0c:53: aa:c6:90:17:79:bb:bc:9e:e3:03:71:17:6c:9b:80: b9:82:82:fc:32:e2:e7:5f:8f:92:40:4f:86:3b:04: 19:ba:5a:3b:e3:55:5d:b1:28:c2:ba:74:d7:fb:de: f7:79:59:23:c2:55:c3:9c:7c:cb:de:b3:68:2e:c3: 2f:8c:ed:92:55:1f:5e:65:97:0c:d7:c4:19:06:fe: 56:f2:a7:41:77:d0:ba:7b:ab:a6:d0:cd:81:3d:2d: 5d:10:5d:ec:51:57:27:48:91:a3:cb:75:54:53:4b: 54:55:27:5f:4b:5d:d8:4f:50:55:ae:06:84:d9:53: 8d:6e:fb:61:7e:15:ef:41:d5:08:49:84:ab:0a:bc: 81:7c:22:0c:11:88:70:9b:7d:ff:8a:13:e3:58:59: eb:30:17:e3:af:66:b2:9f:f2:e2:aa:e3:df:87:58: 54:94:d7:d1:18:73:f7:3d:10:09:9c:7e:5c:7d:3b: 9b:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:6D:66:24:65:C9:14:53:42:AE:DA:3E:55:8D:28:1E:35:F0:03:59 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0fbaecf-3318-488e-80aa-57f0a5202e27.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:8000::/40 Signature Algorithm: sha256WithRSAEncryption b7:06:2f:e8:6e:60:90:63:14:68:cc:f3:3b:06:2d:e2:e5:e8: 2b:51:f6:9a:bf:37:93:1c:e1:5b:37:19:a3:b1:af:5e:3d:aa: e4:7e:df:39:b6:9b:43:da:25:40:13:8d:d5:80:c8:7b:4c:5c: e6:f8:89:51:d0:24:9a:50:d3:4e:61:a9:c7:c6:24:55:de:42: 96:81:a8:16:95:58:cd:26:76:b8:b3:95:e1:1c:43:58:ee:2f: bd:b6:51:de:34:4f:c0:22:83:b6:78:95:7a:7b:2d:99:a8:18: 62:54:1a:c5:28:d6:f5:e0:0c:7d:61:71:13:cc:c7:9c:39:14: 28:cf:67:e2:8b:71:b6:44:73:1c:1d:af:80:77:81:d7:9c:9c: 84:d9:87:83:9b:36:65:9d:dc:05:0a:2c:76:fe:de:50:2c:ac: d2:61:f5:72:fb:8c:4a:0d:4d:a7:0b:5c:2b:8f:26:ae:d8:c6: e4:68:b6:5f:0e:75:4d:31:5e:c0:56:76:e7:99:8d:45:dc:63: 73:92:05:5f:17:02:e1:a2:91:8d:f3:73:c7:49:f7:1a:41:8a: 57:8e:5f:01:7b:66:04:df:14:c6:55:ad:f7:2d:8e:00:97:7d: c7:e5:3a:c6:31:fe:1a:d1:a9:da:d6:fc:29:47:4f:e7:33:e3: 52:0c:c2:7e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDrTxMvozM2m3j4odfaIAsBvnrikwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQxMDAwMDAwMFoX DTI0MDUxNTIzNTk1OVowejFJMEcGA1UEBRNAYThkZDI0MDE2OGU3ZGMzMzZhMTQz ZjI1YWIyMTg0ZDUxMDBjMjE3ZjUyOTNkZGUyZDM3MmM2YTI0ZTAwZTU2NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWUAMx568Yn42Bl2QSQlcar3lB+T Y61r8snJaBAZcjw7rwaLcSZvP/lEhbX+H1LktnF6pBRgjEAdUaVFDsN64a06U4xN eNp+DFOqxpAXebu8nuMDcRdsm4C5goL8MuLnX4+SQE+GOwQZulo741VdsSjCunTX +973eVkjwlXDnHzL3rNoLsMvjO2SVR9eZZcM18QZBv5W8qdBd9C6e6um0M2BPS1d EF3sUVcnSJGjy3VUU0tUVSdfS13YT1BVrgaE2VONbvthfhXvQdUISYSrCryBfCIM EYhwm33/ihPjWFnrMBfjr2ayn/LiquPfh1hUlNfRGHP3PRAJnH5cfTubUwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDltZiRlyRRTQq7aPlWNKB418ANZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UwZmJhZWNmLTMzMTgtNDg4ZS04MGFhLTU3ZjBhNTIwMmUyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAIAwDQYJKoZIhvcNAQELBQADggEBALcGL+huYJBjFGjM8zsG LeLl6CtR9pq/N5Mc4Vs3GaOxr149quR+3zm2m0PaJUATjdWAyHtMXOb4iVHQJJpQ 005hqcfGJFXeQpaBqBaVWM0mdrizleEcQ1juL722Ud40T8Aig7Z4lXp7LZmoGGJU GsUo1vXgDH1hcRPMx5w5FCjPZ+KLcbZEcxwdr4B3gdecnITZh4ObNmWd3AUKLHb+ 3lAsrNJh9XL7jEoNTacLXCuPJq7YxuRotl8OdU0xXsBWdueZjUXcY3OSBV8XAuGi kY3zc8dJ9xpBileOXwF7ZgTfFMZVrfctjgCXfcflOsYx/hrRqdrW/ClHT+cz41IM wn4= -----END CERTIFICATE-----Generated at Wed Apr 17 01:25:28 2024 by rpki-client on console-ams.rpki-client.org