$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e349b597-0f1d-4a25-8fba-bd1085fa368b.roa File: e349b597-0f1d-4a25-8fba-bd1085fa368b.roa (raw, json) Hash identifier: f4AKYSSi6X9y0RxkVp3dPjrLJfypYTHFk4gZbjxglQ8= Subject key identifier: 03:16:AA:13:32:39:D7:86:A1:6E:51:EF:F3:5A:C8:57:85:FD:13:E9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3889A17CC39922FA8C11616F388AD8E48B8757CF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e349b597-0f1d-4a25-8fba-bd1085fa368b.roa Signing time: Tue 02 Jul 2024 00:00:00 +0000 ROA not before: Tue 02 Jul 2024 00:00:00 +0000 ROA not after: Tue 06 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:89:a1:7c:c3:99:22:fa:8c:11:61:6f:38:8a:d8:e4:8b:87:57:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 2 00:00:00 2024 GMT Not After : Aug 6 23:59:59 2024 GMT Subject: serialNumber=a24519b87648a18766bc3c8b29155b39ff9215df54425f4adcbe37a3d830a855, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:3f:b3:15:9c:10:a0:61:c7:e5:3c:08:93:71: 5a:9b:6f:f4:01:2d:9b:7a:3a:f6:94:5a:cd:90:55: 67:cc:ef:f0:45:73:89:62:be:45:34:03:cc:98:96: 18:fe:94:8d:cf:cb:be:0a:2f:ae:43:09:82:88:ce: 33:68:a4:f9:ba:d9:ef:51:31:35:ee:86:6e:e0:82: 56:7e:6b:4e:60:9e:77:96:cb:74:67:50:44:41:c8: a7:db:6c:dd:ca:23:2a:cf:c1:8b:74:38:a5:07:aa: b3:1c:85:ee:35:2b:2b:8d:fa:5a:41:1d:58:01:22: fd:4d:06:a4:44:3e:89:c9:f1:94:f3:ac:a4:1f:7e: 54:8a:ad:0c:0a:05:67:83:9b:bd:9f:67:64:5f:80: 51:fb:a5:11:3e:a4:4e:b0:5b:3b:be:ab:76:2c:b4: fe:77:61:55:f3:ab:29:8d:3d:34:ea:da:fc:57:87: 1b:9a:6a:93:92:e6:9a:d1:2d:40:cf:dc:c6:65:ff: 25:7f:d0:c3:4e:0b:3f:47:41:2a:e3:5f:16:91:ce: 9c:b8:8c:24:1f:2d:a5:2b:51:58:af:d9:3e:7f:97: e1:f2:2c:13:c0:2b:2a:a5:bc:1e:5d:8b:5d:e7:19: 84:fb:7d:bd:96:2e:8a:d8:c8:c8:57:d4:c6:4e:2f: a8:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:16:AA:13:32:39:D7:86:A1:6E:51:EF:F3:5A:C8:57:85:FD:13:E9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e349b597-0f1d-4a25-8fba-bd1085fa368b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:8800::/40 Signature Algorithm: sha256WithRSAEncryption 1c:42:21:9b:06:f9:40:17:de:b6:eb:31:ab:92:56:6e:27:6e: 63:b9:c6:c1:95:48:5a:4c:fd:66:ef:16:ab:8a:e8:8c:31:c2: 13:cb:c7:30:e9:5f:dd:78:48:f5:c4:27:64:26:a7:3b:cb:1a: 0c:5c:4f:36:54:57:88:68:d3:d8:95:57:e4:75:42:3f:ff:5c: 73:79:a6:6f:83:a2:53:9b:5b:eb:79:95:eb:95:0d:05:3c:91: cf:73:50:0c:5e:77:b7:32:f8:54:a8:9a:24:84:16:ea:4d:7d: ea:1d:fd:b8:46:7f:e2:e0:d8:76:9e:85:5f:ab:a5:b4:a8:bc: 58:9c:73:24:a6:22:90:77:21:60:bf:9b:af:af:af:29:14:50: d4:95:1e:47:7f:d9:82:a0:88:a4:14:7c:5d:d5:0d:34:cd:ab: f7:02:43:8b:f7:00:c0:1f:2c:48:3a:40:fd:18:0d:b3:91:a3: 4f:52:f4:61:70:fb:cf:bc:56:c1:0e:d7:e2:2e:5a:16:c8:39: 2d:f4:4a:db:4f:43:56:e8:e9:29:36:e6:59:32:a5:a8:f2:1d: 4d:db:1c:f8:b7:89:86:1e:81:f2:c7:73:b1:d5:ad:37:73:c0: da:fa:cd:b0:b6:51:82:94:b5:62:a5:42:71:83:69:38:a8:f7: d2:ea:36:1f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOImhfMOZIvqMEWFvOIrY5IuHV88wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcwMjAwMDAwMFoX DTI0MDgwNjIzNTk1OVowejFJMEcGA1UEBRNAYTI0NTE5Yjg3NjQ4YTE4NzY2YmMz YzhiMjkxNTViMzlmZjkyMTVkZjU0NDI1ZjRhZGNiZTM3YTNkODMwYTg1NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT+zFZwQoGHH5TwIk3Fam2/0AS2b ejr2lFrNkFVnzO/wRXOJYr5FNAPMmJYY/pSNz8u+Ci+uQwmCiM4zaKT5utnvUTE1 7oZu4IJWfmtOYJ53lst0Z1BEQcin22zdyiMqz8GLdDilB6qzHIXuNSsrjfpaQR1Y ASL9TQakRD6JyfGU86ykH35Uiq0MCgVng5u9n2dkX4BR+6URPqROsFs7vqt2LLT+ d2FV86spjT006tr8V4cbmmqTkuaa0S1Az9zGZf8lf9DDTgs/R0Eq418Wkc6cuIwk Hy2lK1FYr9k+f5fh8iwTwCsqpbweXYtd5xmE+329li6K2MjIV9TGTi+oSwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAMWqhMyOdeGoW5R7/NayFeF/RPpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzNDliNTk3LTBmMWQtNGEyNS04ZmJhLWJkMTA4NWZhMzY4Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba94gwDQYJKoZIhvcNAQELBQADggEBABxCIZsG+UAX3rbrMauS Vm4nbmO5xsGVSFpM/WbvFquK6IwxwhPLxzDpX914SPXEJ2QmpzvLGgxcTzZUV4ho 09iVV+R1Qj//XHN5pm+DolObW+t5leuVDQU8kc9zUAxed7cy+FSomiSEFupNfeod /bhGf+Lg2HaehV+rpbSovFiccySmIpB3IWC/m6+vrykUUNSVHkd/2YKgiKQUfF3V DTTNq/cCQ4v3AMAfLEg6QP0YDbORo09S9GFw+8+8VsEO1+IuWhbIOS30SttPQ1bo 6Sk25lkypajyHU3bHPi3iYYegfLHc7HVrTdzwNr6zbC2UYKUtWKlQnGDaTio99Lq Nh8= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:41 2024 by rpki-client on console-ams.rpki-client.org