$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e5ccec14-e28e-4293-bc2f-c216327b4af8.roa File: e5ccec14-e28e-4293-bc2f-c216327b4af8.roa (raw, json) Hash identifier: fjAxjUrcfT3D5bmofZygc0A6+K9lHts5647jlYqdVx0= Subject key identifier: 47:F1:91:18:52:DD:A6:EB:82:27:CB:21:E3:9C:0D:3D:DE:E2:4E:28 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5D74219338214DECC046AFDF5F7942F9D8CEE04A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e5ccec14-e28e-4293-bc2f-c216327b4af8.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:ff80::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:74:21:93:38:21:4d:ec:c0:46:af:df:5f:79:42:f9:d8:ce:e0:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=6f9e1621e9b699274fcec055e2893d7c6b5764aacbace0d5bd0a7febfa981c7d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:f8:80:55:58:fc:df:dc:43:c1:3d:43:23:cc: 38:53:49:0e:46:12:31:ac:7a:ca:55:fa:e4:11:f1: 47:e2:0d:b5:0e:13:28:2d:5c:7b:f9:8d:b3:e1:be: 91:31:fb:97:e1:e3:9f:eb:f6:b0:1f:86:48:f2:ca: b6:5c:d5:62:fa:c9:68:77:b8:f4:9e:d4:66:92:24: f8:cd:0c:3f:86:d5:ff:a5:0a:46:7d:ac:72:52:69: 4d:47:8a:13:ab:66:2d:f3:b8:18:33:3f:4e:9c:c9: 5a:44:b9:da:d8:af:83:be:d4:72:fd:19:48:9c:a1: e2:7d:2e:45:67:b8:86:f6:25:6e:12:32:a9:d8:df: b0:17:5e:33:06:5d:16:7d:0e:00:09:1a:9b:73:5e: 3e:4a:f9:4d:7b:11:ba:4a:89:22:33:94:e0:3e:97: 2c:8a:9f:25:79:33:22:e2:9d:0a:c6:0b:79:b4:c2: bf:3c:2e:6e:16:f5:0f:cd:6e:52:12:5f:54:ae:b2: 71:8e:d4:e9:52:57:54:9c:49:ac:9c:58:8c:e9:71: 3f:a9:ca:4c:e8:51:f8:da:c8:94:27:b6:5b:10:c2: e8:99:62:4e:08:2b:0f:c1:3f:5c:a5:f9:0b:82:c4: f5:a9:93:31:66:91:2e:2b:78:a2:f2:cd:65:d7:e7: bf:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:F1:91:18:52:DD:A6:EB:82:27:CB:21:E3:9C:0D:3D:DE:E2:4E:28 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e5ccec14-e28e-4293-bc2f-c216327b4af8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:ff80::/46 Signature Algorithm: sha256WithRSAEncryption 07:fa:26:bc:d5:34:d8:93:a5:4e:e7:f9:5d:35:88:7e:69:7c: af:e1:19:cf:75:98:bc:73:a8:53:55:92:a2:4a:fa:c6:7b:e9: 4d:54:e7:a9:5b:d3:ff:fd:f3:0d:84:81:5d:af:87:6b:6a:af: a3:a7:63:48:ba:49:71:fc:c1:a4:7d:80:8a:7c:86:7a:0c:bf: d5:40:c3:e5:b9:d1:18:fe:e6:05:05:54:46:2e:21:9f:3a:ed: 13:e4:ce:77:4a:ce:5a:3a:91:4c:d7:45:d8:b3:51:72:0b:00: 0d:a6:26:f2:ab:db:46:42:0f:83:8c:a7:16:a1:99:9e:66:83: 58:d0:eb:c8:fe:28:94:c2:8c:15:34:2e:b5:60:81:51:5e:cc: d9:f1:99:35:a6:5e:c5:6a:c1:bf:1a:e6:33:be:24:f6:74:ef: 12:98:8d:b6:64:e8:8e:01:82:7e:51:1c:57:3d:c5:f7:f5:88: cf:3d:58:a1:31:ec:81:fb:d3:1b:76:2f:f6:7c:c4:27:0f:b5: d3:8a:aa:fb:64:95:c2:63:12:d9:87:75:ec:d2:99:84:7a:e9: e7:a9:32:7e:b3:aa:6a:90:1f:cb:83:38:26:e1:a3:7d:74:c0: 05:4b:e1:aa:aa:d5:5d:e0:e6:7b:45:30:3e:21:6d:84:b3:af: b9:d7:2f:a4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUXXQhkzghTezARq/fX3lC+djO4EowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNANmY5ZTE2MjFlOWI2OTkyNzRmY2Vj MDU1ZTI4OTNkN2M2YjU3NjRhYWNiYWNlMGQ1YmQwYTdmZWJmYTk4MWM3ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkviAVVj839xDwT1DI8w4U0kORhIx rHrKVfrkEfFH4g21DhMoLVx7+Y2z4b6RMfuX4eOf6/awH4ZI8sq2XNVi+slod7j0 ntRmkiT4zQw/htX/pQpGfaxyUmlNR4oTq2Yt87gYMz9OnMlaRLna2K+DvtRy/RlI nKHifS5FZ7iG9iVuEjKp2N+wF14zBl0WfQ4ACRqbc14+SvlNexG6SokiM5TgPpcs ip8leTMi4p0Kxgt5tMK/PC5uFvUPzW5SEl9UrrJxjtTpUldUnEmsnFiM6XE/qcpM 6FH42siUJ7ZbEMLomWJOCCsPwT9cpfkLgsT1qZMxZpEuK3ii8s1l1+e/uQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEfxkRhS3abrgifLIeOcDT3e4k4oMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U1Y2NlYzE0LWUyOGUtNDI5My1iYzJmLWMyMTYzMjdiNGFmOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba/P+AMA0GCSqGSIb3DQEBCwUAA4IBAQAH+ia81TTYk6VO5/ld NYh+aXyv4RnPdZi8c6hTVZKiSvrGe+lNVOepW9P//fMNhIFdr4draq+jp2NIuklx /MGkfYCKfIZ6DL/VQMPludEY/uYFBVRGLiGfOu0T5M53Ss5aOpFM10XYs1FyCwAN pibyq9tGQg+DjKcWoZmeZoNY0OvI/iiUwowVNC61YIFRXszZ8Zk1pl7FasG/GuYz viT2dO8SmI22ZOiOAYJ+URxXPcX39YjPPVihMeyB+9Mbdi/2fMQnD7XTiqr7ZJXC YxLZh3Xs0pmEeunnqTJ+s6pqkB/Lgzgm4aN9dMAFS+GqqtVd4OZ7RTA+IW2Es6+5 1y+k -----END CERTIFICATE-----Generated at Mon Sep 18 15:40:40 2023 by rpki-client on console-ams.rpki-client.org