$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa File: e1567509-f31d-4739-a7a6-ed24530c598b.roa (raw, json) Hash identifier: g5d8+CkJFKuySYvyTNGfEtAt1vW3OvY4RYwInTNp5Fk= Subject key identifier: 35:66:DB:D7:B8:23:4E:B0:7E:D5:2F:3F:B0:4E:BF:66:CA:41:D8:50 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7BCAC6D080736457792169E6293651BE2FA01CFB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa Signing time: Tue 09 Jul 2024 00:00:00 +0000 ROA not before: Tue 09 Jul 2024 00:00:00 +0000 ROA not after: Tue 13 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:ca:c6:d0:80:73:64:57:79:21:69:e6:29:36:51:be:2f:a0:1c:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 9 00:00:00 2024 GMT Not After : Aug 13 23:59:59 2024 GMT Subject: serialNumber=b75aa09a07abbbdb501c620265544d12b2acac5743c3c9651387486774f4a363, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:fe:67:08:47:96:eb:ab:3d:98:ef:1e:e0:cc: b6:1d:2a:6d:65:97:66:92:dc:9e:a4:b8:1e:98:90: 04:30:3b:d4:21:bf:32:c1:c4:1e:bf:2f:62:89:9e: 81:0a:6b:22:e3:95:b3:b3:87:0c:8c:33:48:25:c3: 3f:8d:90:a3:e6:55:e5:53:89:4d:7b:3b:91:db:72: 94:dd:d5:81:6e:61:d1:af:8c:5b:19:e8:00:e7:88: 46:29:86:d8:c9:cb:8b:0d:e3:a6:59:e8:2b:d1:30: 55:74:5f:a2:47:0c:ac:17:0d:7c:03:d9:74:12:cd: db:a2:3e:78:e7:9b:93:aa:9f:3b:be:00:be:c2:27: 6e:8e:6f:72:29:1b:0f:0b:ee:83:e7:af:b8:92:ce: 42:0d:6f:7e:e9:cf:b5:d4:b1:8a:4e:84:e1:13:3b: b9:44:a0:51:8a:77:c3:af:5f:a0:00:ae:1e:7e:8a: 4b:82:26:65:07:86:0c:7b:7f:12:9d:7b:fb:b0:97: 66:a6:a8:c0:18:ab:fa:a1:61:f8:1b:8d:09:7c:3c: 0f:9c:7f:14:26:ee:40:a3:3e:c6:87:6e:a7:1f:fc: 09:af:93:a7:4b:41:e6:95:d4:53:54:ab:4f:40:6d: a1:93:c3:bc:02:b8:f0:ae:ec:3d:24:65:84:da:85: e2:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:66:DB:D7:B8:23:4E:B0:7E:D5:2F:3F:B0:4E:BF:66:CA:41:D8:50 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:c000::/40 Signature Algorithm: sha256WithRSAEncryption a1:c1:70:db:3f:4f:59:b0:dc:23:5c:f3:ec:d8:19:72:94:2b: f5:72:ee:20:de:cb:a2:ee:1f:4c:8f:d3:7a:f3:ef:da:4c:08: 02:04:ab:67:fc:d7:4f:29:fa:ab:39:88:16:e3:18:29:c2:dd: 0e:78:ef:3a:06:52:3c:bc:48:d0:7b:9b:d0:b7:8f:d8:a2:0f: c5:87:55:29:6a:d6:fc:2b:c7:d3:76:90:b8:9b:3f:ed:5b:01: 19:61:78:c2:97:06:82:c2:b6:fd:b4:25:9c:39:2b:8d:7b:53: 42:4e:82:12:2e:fa:45:46:01:7f:e7:f2:ea:5e:dc:9a:54:7a: ed:78:31:97:bf:f0:98:01:48:26:a5:e8:58:24:ad:9b:fe:47: d2:85:c4:0d:e0:b5:9f:35:e7:93:57:50:d3:cc:05:34:ca:c9: 76:91:eb:43:d3:6b:c6:2a:13:cf:16:e1:87:70:22:05:cb:fc: 9b:79:e8:48:6e:b4:22:fb:7d:12:ea:48:db:fa:5d:f2:34:c5: d1:50:4b:55:5c:64:84:a4:a8:4f:d0:ab:1b:d2:25:57:d7:3a: bb:3c:00:e2:a0:29:5c:8d:1e:4d:78:2a:2f:be:01:9c:13:0e: 01:4c:06:55:5f:53:91:86:37:db:69:09:e2:7e:fe:e8:de:83: 88:60:9a:d2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUe8rG0IBzZFd5IWnmKTZRvi+gHPswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcwOTAwMDAwMFoX DTI0MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAYjc1YWEwOWEwN2FiYmJkYjUwMWM2 MjAyNjU1NDRkMTJiMmFjYWM1NzQzYzNjOTY1MTM4NzQ4Njc3NGY0YTM2MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/5nCEeW66s9mO8e4My2HSptZZdm ktyepLgemJAEMDvUIb8ywcQevy9iiZ6BCmsi45Wzs4cMjDNIJcM/jZCj5lXlU4lN ezuR23KU3dWBbmHRr4xbGegA54hGKYbYycuLDeOmWegr0TBVdF+iRwysFw18A9l0 Es3boj5455uTqp87vgC+widujm9yKRsPC+6D56+4ks5CDW9+6c+11LGKToThEzu5 RKBRinfDr1+gAK4efopLgiZlB4YMe38SnXv7sJdmpqjAGKv6oWH4G40JfDwPnH8U Ju5Aoz7Gh26nH/wJr5OnS0HmldRTVKtPQG2hk8O8Arjwruw9JGWE2oXi3QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDVm29e4I06wftUvP7BOv2bKQdhQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UxNTY3NTA5LWYzMWQtNDczOS1hN2E2LWVkMjQ1MzBjNTk4Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9cAwDQYJKoZIhvcNAQELBQADggEBAKHBcNs/T1mw3CNc8+zY GXKUK/Vy7iDey6LuH0yP03rz79pMCAIEq2f8108p+qs5iBbjGCnC3Q547zoGUjy8 SNB7m9C3j9iiD8WHVSlq1vwrx9N2kLibP+1bARlheMKXBoLCtv20JZw5K417U0JO ghIu+kVGAX/n8upe3JpUeu14MZe/8JgBSCal6FgkrZv+R9KFxA3gtZ8155NXUNPM BTTKyXaR60PTa8YqE88W4YdwIgXL/Jt56EhutCL7fRLqSNv6XfI0xdFQS1VcZISk qE/QqxvSJVfXOrs8AOKgKVyNHk14Ki++AZwTDgFMBlVfU5GGN9tpCeJ+/ujeg4hg mtI= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:41 2024 by rpki-client on console-ams.rpki-client.org