$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa File: e1567509-f31d-4739-a7a6-ed24530c598b.roa (raw, json) Hash identifier: nxu+p4n8kryN0ldDRU8o13S57QfKI2Za6eD7Kwnm0lc= Subject key identifier: B6:F1:23:D5:12:04:07:35:56:A3:09:23:23:99:D9:F8:AE:7D:F7:A3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3CE134A65DEB5FF3C9A860DDB7400433EFEC60B0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa Signing time: Wed 24 Apr 2024 00:00:00 +0000 ROA not before: Wed 24 Apr 2024 00:00:00 +0000 ROA not after: Wed 29 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 May 2024 15:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:e1:34:a6:5d:eb:5f:f3:c9:a8:60:dd:b7:40:04:33:ef:ec:60:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 24 00:00:00 2024 GMT Not After : May 29 23:59:59 2024 GMT Subject: serialNumber=1e1b75ddf8768c65b8a059f2536953aafab7938a510d2c156ab87598ee7b0527, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:ad:28:cd:aa:9f:b4:aa:2c:2c:2f:20:3e:40: f0:b3:bc:a9:3e:21:98:3c:1a:2c:42:39:33:61:37: 3b:ac:46:cd:17:f2:46:15:91:4d:de:56:2c:52:44: 95:5c:37:c6:75:51:35:e5:6b:f2:19:7d:7b:6d:92: a7:54:0f:3c:ec:64:e8:3e:2d:45:98:b8:1b:3c:92: dd:f6:d4:7f:b8:4b:13:c8:ff:b5:21:1d:d8:9e:a1: 44:46:ff:d2:7b:e7:33:4a:12:66:d5:58:d8:53:c8: 6c:7c:b9:71:17:05:19:1d:09:05:c9:b8:6f:17:3c: ad:ef:41:ad:d2:f9:c8:2d:74:52:d8:0b:ee:64:13: 21:e8:dc:1f:31:ef:50:03:b8:85:df:62:c7:2b:67: 11:17:b8:26:f4:78:d6:6a:1b:c0:75:10:f7:cf:a8: 3a:33:c9:8f:8a:cb:de:0f:00:6a:e0:ff:9f:8a:d1: c7:9e:d2:ed:b3:6a:61:73:e1:12:c9:69:db:2d:fd: 11:0d:ba:ff:d0:f8:5a:99:09:7f:3e:24:47:67:4b: af:52:a6:3d:58:28:c5:5f:0d:17:e6:5b:41:87:ad: 28:3e:a4:78:b0:59:d6:74:02:c5:08:ad:06:32:1f: 68:02:e4:ee:ca:5a:39:bf:21:f9:75:4e:18:68:23: 03:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:F1:23:D5:12:04:07:35:56:A3:09:23:23:99:D9:F8:AE:7D:F7:A3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:c000::/40 Signature Algorithm: sha256WithRSAEncryption 48:3f:ad:70:e3:61:4f:9b:d3:af:8c:7a:e5:3b:ed:c3:8d:36: f8:fe:07:e9:c6:fd:e8:7c:75:19:99:36:79:7c:ce:58:d4:94: 81:59:70:fc:f4:d6:64:67:c3:6b:1b:46:c2:48:4d:75:30:35: c7:c4:eb:65:7d:bd:01:f9:b2:2f:57:3b:40:50:f5:3a:f2:d4: 32:4d:61:16:2b:f6:8e:8c:c4:42:0e:17:e9:2b:1f:9f:d3:fd: 97:97:c3:47:51:55:e9:06:b6:5d:f9:d3:a2:fa:81:41:c9:fd: c5:e4:26:45:fa:fd:33:d9:50:b4:9f:cf:b2:0e:c4:90:88:c8: 40:2c:b5:fc:54:5c:a4:77:63:af:89:d0:92:4b:dd:bf:7e:44: f7:b8:4b:0f:42:90:28:36:34:b9:0f:e0:bc:48:18:f4:5d:e4: a0:41:e5:a0:c6:b1:b5:ee:31:8a:51:49:01:3d:f7:d7:5f:79: 48:62:2e:e8:6e:62:83:25:ff:a2:ad:b5:7a:b1:15:30:84:56: 0b:90:7f:59:cd:06:06:f3:5c:e5:21:3b:b6:9e:ce:31:3a:33: 5d:f3:bc:ed:4f:b7:ea:0d:dd:84:d9:61:92:5f:7d:29:f4:a9: 06:75:da:73:37:a6:b8:e5:f3:47:d2:bf:a3:d1:30:d9:34:31: ea:d3:7b:54 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPOE0pl3rX/PJqGDdt0AEM+/sYLAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyNDAwMDAwMFoX DTI0MDUyOTIzNTk1OVowejFJMEcGA1UEBRNAMWUxYjc1ZGRmODc2OGM2NWI4YTA1 OWYyNTM2OTUzYWFmYWI3OTM4YTUxMGQyYzE1NmFiODc1OThlZTdiMDUyNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK0ozaqftKosLC8gPkDws7ypPiGY PBosQjkzYTc7rEbNF/JGFZFN3lYsUkSVXDfGdVE15WvyGX17bZKnVA887GToPi1F mLgbPJLd9tR/uEsTyP+1IR3YnqFERv/Se+czShJm1VjYU8hsfLlxFwUZHQkFybhv Fzyt70Gt0vnILXRS2AvuZBMh6NwfMe9QA7iF32LHK2cRF7gm9HjWahvAdRD3z6g6 M8mPisveDwBq4P+fitHHntLts2phc+ESyWnbLf0RDbr/0PhamQl/PiRHZ0uvUqY9 WCjFXw0X5ltBh60oPqR4sFnWdALFCK0GMh9oAuTuylo5vyH5dU4YaCMDdwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLbxI9USBAc1VqMJIyOZ2fiuffejMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UxNTY3NTA5LWYzMWQtNDczOS1hN2E2LWVkMjQ1MzBjNTk4Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9cAwDQYJKoZIhvcNAQELBQADggEBAEg/rXDjYU+b06+MeuU7 7cONNvj+B+nG/eh8dRmZNnl8zljUlIFZcPz01mRnw2sbRsJITXUwNcfE62V9vQH5 si9XO0BQ9Try1DJNYRYr9o6MxEIOF+krH5/T/ZeXw0dRVekGtl3506L6gUHJ/cXk JkX6/TPZULSfz7IOxJCIyEAstfxUXKR3Y6+J0JJL3b9+RPe4Sw9CkCg2NLkP4LxI GPRd5KBB5aDGsbXuMYpRSQE999dfeUhiLuhuYoMl/6KttXqxFTCEVguQf1nNBgbz XOUhO7aezjE6M13zvO1Pt+oN3YTZYZJffSn0qQZ12nM3prjl80fSv6PRMNk0MerT e1Q= -----END CERTIFICATE-----Generated at Thu May 2 14:40:18 2024 by rpki-client on console-ams.rpki-client.org