$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa File: e34a1112-42b9-4563-9cde-de9af887a3d6.roa (raw, json) Hash identifier: 1xV3MU2zPSXm9xyl3scvZrKrGZ2RT85UPu8x0RXURAg= Subject key identifier: 2A:B1:BC:37:FB:52:EF:DE:7D:35:88:85:D5:A0:E2:4D:98:A2:97:16 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19A09B4A0E94A96358059EEBA1B3EEDB920A18A1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa Signing time: Thu 02 May 2024 00:00:00 +0000 ROA not before: Thu 02 May 2024 00:00:00 +0000 ROA not after: Thu 06 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 May 2024 00:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:a0:9b:4a:0e:94:a9:63:58:05:9e:eb:a1:b3:ee:db:92:0a:18:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:00:00 2024 GMT Not After : Jun 6 23:59:59 2024 GMT Subject: serialNumber=16e3972563c799ba3693928963af1e33f4c3d80692ff20ec71101dedaba72adb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:6d:55:e8:b0:5a:2d:76:31:3d:09:63:b9:62: 20:41:ee:a6:d9:ea:59:ee:26:eb:40:12:60:71:b5: 42:be:da:42:4f:61:f4:5e:cd:43:7f:d4:b6:ce:08: b4:37:2e:2d:8a:d2:36:98:c2:51:9d:8a:fd:82:83: c6:ac:7b:06:31:6e:26:e6:10:4e:28:9c:9d:e5:ca: 9c:04:ce:1c:5d:b2:15:af:f5:75:64:93:47:3f:0a: 8e:15:0b:2e:c5:91:50:14:75:d1:0d:5c:2b:87:6c: eb:88:16:f2:8f:fe:be:75:e7:03:34:3a:21:f0:d7: 60:08:02:0f:f0:04:37:df:52:a7:a3:8f:6d:6e:56: d5:c9:e2:92:73:a4:25:a8:51:b9:7c:51:76:64:ab: 90:da:03:cb:8d:8a:e6:fc:8e:00:4f:a8:0c:7a:c7: 7b:ef:0e:c7:d3:2b:2a:44:83:3f:24:63:f5:50:55: bf:80:5f:45:10:aa:b7:41:ed:b5:af:2e:cb:13:b1: d7:df:09:e8:8d:13:44:16:da:7c:58:ad:11:43:c0: c4:6e:a4:2a:1c:8b:18:ba:78:c7:68:7a:6b:b0:b6: d0:ee:1e:10:de:6d:e4:2e:de:8b:2d:58:a0:5f:74: 89:b6:ed:4b:51:12:d2:17:f9:40:a1:b1:5d:c9:31: b8:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:B1:BC:37:FB:52:EF:DE:7D:35:88:85:D5:A0:E2:4D:98:A2:97:16 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:2000::/40 Signature Algorithm: sha256WithRSAEncryption 38:ee:03:b2:d8:bf:97:3c:09:1b:a6:94:d9:f6:b0:aa:d4:7e: f1:e9:fc:0e:f9:a0:1f:e3:48:a9:db:a2:05:2d:27:36:2a:2c: 16:73:14:77:7e:2d:9b:ce:a5:d8:d4:b2:f8:b2:8f:f1:2f:46: 73:50:75:45:07:08:41:17:17:9f:05:c2:11:55:bb:4d:f9:0d: b0:58:99:ba:dc:9e:e0:d6:0f:9e:b5:08:74:65:8e:7c:6c:eb: c1:6b:a8:02:aa:0b:65:28:9a:98:05:5d:4e:71:eb:50:a2:f6: 57:2d:20:d8:f1:2d:84:dc:48:f9:72:84:a2:de:6f:a7:18:c4: e0:2a:32:d1:0f:07:9f:67:74:55:6f:02:2d:7d:7e:85:85:b8: 9c:35:6f:a0:c7:6f:98:a2:21:58:b1:67:71:e2:93:1c:3c:55: 6e:61:77:69:50:2a:17:7b:32:f7:c7:41:5e:1a:ed:3c:b5:4c: 19:22:7b:e6:87:2d:a6:8a:95:1d:dd:47:e2:f5:7c:b3:cd:84: 49:5a:4d:ed:27:0c:b5:f9:2a:d5:9f:30:c7:39:96:7b:9a:90: f1:1d:e4:aa:55:fe:43:e1:42:d5:6c:3c:6b:cb:c3:85:05:e9: 59:55:4a:b6:73:55:10:b8:38:6e:4d:2b:76:85:a7:b7:60:86: c5:bf:d4:7a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGaCbSg6UqWNYBZ7robPu25IKGKEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMjAwMDAwMFoX DTI0MDYwNjIzNTk1OVowejFJMEcGA1UEBRNAMTZlMzk3MjU2M2M3OTliYTM2OTM5 Mjg5NjNhZjFlMzNmNGMzZDgwNjkyZmYyMGVjNzExMDFkZWRhYmE3MmFkYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW1V6LBaLXYxPQljuWIgQe6m2epZ 7ibrQBJgcbVCvtpCT2H0Xs1Df9S2zgi0Ny4titI2mMJRnYr9goPGrHsGMW4m5hBO KJyd5cqcBM4cXbIVr/V1ZJNHPwqOFQsuxZFQFHXRDVwrh2zriBbyj/6+decDNDoh 8NdgCAIP8AQ331Kno49tblbVyeKSc6QlqFG5fFF2ZKuQ2gPLjYrm/I4AT6gMesd7 7w7H0ysqRIM/JGP1UFW/gF9FEKq3Qe21ry7LE7HX3wnojRNEFtp8WK0RQ8DEbqQq HIsYunjHaHprsLbQ7h4Q3m3kLt6LLVigX3SJtu1LURLSF/lAobFdyTG4dwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCqxvDf7Uu/efTWIhdWg4k2YopcWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzNGExMTEyLTQyYjktNDU2My05Y2RlLWRlOWFmODg3YTNkNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOCAwDQYJKoZIhvcNAQELBQADggEBADjuA7LYv5c8CRumlNn2 sKrUfvHp/A75oB/jSKnbogUtJzYqLBZzFHd+LZvOpdjUsviyj/EvRnNQdUUHCEEX F58FwhFVu035DbBYmbrcnuDWD561CHRljnxs68FrqAKqC2UompgFXU5x61Ci9lct INjxLYTcSPlyhKLeb6cYxOAqMtEPB59ndFVvAi19foWFuJw1b6DHb5iiIVixZ3Hi kxw8VW5hd2lQKhd7MvfHQV4a7Ty1TBkie+aHLaaKlR3dR+L1fLPNhElaTe0nDLX5 KtWfMMc5lnuakPEd5KpV/kPhQtVsPGvLw4UF6VlVSrZzVRC4OG5NK3aFp7dghsW/ 1Ho= -----END CERTIFICATE-----Generated at Thu May 23 05:39:36 2024 by rpki-client on console-ams.rpki-client.org