$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa File: e34a1112-42b9-4563-9cde-de9af887a3d6.roa (raw, json) Hash identifier: Q0VlEkMEzpnTJGSNEkrPAV+4GSrTVlEz7vR56HOG8+E= Subject key identifier: 85:FA:92:87:75:40:9B:E6:B3:41:AD:0E:05:AC:4F:B2:36:00:F9:D9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7D14EB00FB71BC56E80DB771C66B2877FCD67EAE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:14:eb:00:fb:71:bc:56:e8:0d:b7:71:c6:6b:28:77:fc:d6:7e:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=e0dcb1244bdf988a3400edaa141559d7ca33c3bb96c42d8fa39e1e102e545406, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:54:03:f2:2c:9d:2b:7e:0c:23:15:ca:ab:89: 9a:c9:09:76:06:b6:e7:ad:b6:89:e7:fe:aa:69:05: f4:06:55:76:3b:3a:df:c6:70:9d:45:a3:37:5b:bb: 62:24:f8:06:55:fc:a5:9d:5b:9b:6f:6b:f9:e9:b8: af:4a:84:63:ee:46:74:dc:30:a0:84:43:08:75:bc: 31:f6:ff:3c:8f:67:26:91:f0:c3:be:11:e8:72:a0: 2b:c7:7b:dd:f0:8f:89:f9:41:a4:fc:ab:b1:b4:be: d4:ac:b8:58:08:b6:df:57:ad:bf:05:45:52:4b:ad: 0a:9f:dc:60:b4:f6:10:c3:9a:d3:d1:87:f7:da:69: 78:c4:03:67:84:36:79:5d:c2:d5:12:b4:db:0a:92: f9:4a:ae:84:74:1c:95:39:07:94:2e:e2:13:76:63: ff:6c:fa:70:20:91:9c:ee:8e:8c:04:5e:0f:2c:5e: 98:21:b2:c9:d4:88:b0:44:9e:e5:1b:14:01:e5:40: e7:10:39:0b:f9:8f:72:85:67:0c:3e:d1:39:d8:45: 79:2a:80:24:33:58:0e:c7:1d:9e:f1:18:39:a2:18: b9:9d:ee:07:04:30:ed:8c:36:b5:5d:28:01:35:62: 1b:29:04:93:38:20:3b:7d:0e:4d:c3:8a:ee:82:5b: ed:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:FA:92:87:75:40:9B:E6:B3:41:AD:0E:05:AC:4F:B2:36:00:F9:D9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:2000::/40 Signature Algorithm: sha256WithRSAEncryption 75:49:af:87:89:40:a6:e3:21:00:82:f8:87:ad:c7:6f:0a:7e: 2a:10:9e:25:ad:f7:ce:17:aa:c1:22:1e:9c:f9:be:9f:86:87: 9d:21:2c:1c:6f:96:25:27:49:86:f7:96:6b:27:0a:23:18:95: b7:35:91:d0:90:af:b6:9f:9c:70:b3:87:c1:f1:b0:5d:24:83: ac:8b:13:d5:5a:29:73:b7:f2:e7:51:64:17:78:6e:68:3d:c5: 8b:1e:67:67:7b:c5:4a:b3:38:f9:77:f6:f7:d1:27:b3:43:f0: 20:5a:b5:b0:79:c5:7f:32:84:e0:44:bc:ef:22:51:2f:6b:6f: 55:09:9c:ef:82:de:ed:d5:91:e4:30:68:1f:19:5d:51:60:cf: ca:69:8c:7f:24:09:ed:e6:ea:f6:4d:ad:dd:d3:8d:ae:d5:18: 1a:f8:53:f9:87:35:5b:10:06:db:30:f2:c0:73:a8:7a:39:fa: b4:96:e1:b2:f9:b8:a7:b8:63:cf:60:c3:22:44:11:62:81:2e: 4c:b7:d6:d4:ab:ed:ec:3a:9c:bf:e0:25:a5:08:86:c4:49:6f: ec:d8:5c:8b:97:44:3e:8b:3a:1b:d0:14:10:b5:50:3b:1c:06: a4:40:45:4b:cf:73:81:35:9a:fb:b4:b6:11:00:78:eb:e0:fe: ef:cd:52:9b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfRTrAPtxvFboDbdxxmsod/zWfq4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAZTBkY2IxMjQ0YmRmOTg4YTM0MDBl ZGFhMTQxNTU5ZDdjYTMzYzNiYjk2YzQyZDhmYTM5ZTFlMTAyZTU0NTQwNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11QD8iydK34MIxXKq4mayQl2Brbn rbaJ5/6qaQX0BlV2OzrfxnCdRaM3W7tiJPgGVfylnVubb2v56bivSoRj7kZ03DCg hEMIdbwx9v88j2cmkfDDvhHocqArx3vd8I+J+UGk/KuxtL7UrLhYCLbfV62/BUVS S60Kn9xgtPYQw5rT0Yf32ml4xANnhDZ5XcLVErTbCpL5Sq6EdByVOQeULuITdmP/ bPpwIJGc7o6MBF4PLF6YIbLJ1IiwRJ7lGxQB5UDnEDkL+Y9yhWcMPtE52EV5KoAk M1gOxx2e8Rg5ohi5ne4HBDDtjDa1XSgBNWIbKQSTOCA7fQ5Nw4ruglvtSwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIX6kod1QJvms0GtDgWsT7I2APnZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzNGExMTEyLTQyYjktNDU2My05Y2RlLWRlOWFmODg3YTNkNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOCAwDQYJKoZIhvcNAQELBQADggEBAHVJr4eJQKbjIQCC+Iet x28KfioQniWt984XqsEiHpz5vp+Gh50hLBxvliUnSYb3lmsnCiMYlbc1kdCQr7af nHCzh8HxsF0kg6yLE9VaKXO38udRZBd4bmg9xYseZ2d7xUqzOPl39vfRJ7ND8CBa tbB5xX8yhOBEvO8iUS9rb1UJnO+C3u3VkeQwaB8ZXVFgz8ppjH8kCe3m6vZNrd3T ja7VGBr4U/mHNVsQBtsw8sBzqHo5+rSW4bL5uKe4Y89gwyJEEWKBLky31tSr7ew6 nL/gJaUIhsRJb+zYXIuXRD6LOhvQFBC1UDscBqRARUvPc4E1mvu0thEAeOvg/u/N Ups= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:41 2024 by rpki-client on console-ams.rpki-client.org