$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e65a7bae-3455-401c-9c8b-31b1d31be854.roa File: e65a7bae-3455-401c-9c8b-31b1d31be854.roa (raw, json) Hash identifier: 3cnFlcksX5a9QX+dKvj2I7BjwJea1u0P+ML4e8PJ62c= Subject key identifier: 42:60:F2:0B:F6:05:2D:A9:D1:94:77:C6:61:50:21:BB:89:34:9C:A6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 502F91266470BFFC21CBE87F07D4FF66FBC1780F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e65a7bae-3455-401c-9c8b-31b1d31be854.roa Signing time: Wed 01 May 2024 00:00:00 +0000 ROA not before: Wed 01 May 2024 00:00:00 +0000 ROA not after: Wed 05 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 15:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:2f:91:26:64:70:bf:fc:21:cb:e8:7f:07:d4:ff:66:fb:c1:78:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 1 00:00:00 2024 GMT Not After : Jun 5 23:59:59 2024 GMT Subject: serialNumber=6489cae90a7dd494eaf603272d6b1b6af36061c1175ea631149d5eee344f5ac1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:33:95:f2:98:b1:48:e9:97:64:8f:fe:67:f4: a2:b7:ab:05:ee:df:1b:de:48:94:29:a3:f9:6a:97: 77:5f:2c:29:23:d7:cc:ca:c7:5a:ab:56:c9:5e:b6: 55:bc:94:1e:4f:cb:11:1e:a5:8b:0d:c5:24:17:68: f8:b4:b2:22:e8:f2:29:72:c6:9e:d2:b3:35:56:76: 97:cd:a5:ab:b1:73:3e:62:66:f3:21:6a:27:1a:5a: 06:3c:28:97:4b:f1:5a:6c:bc:fb:07:a2:8d:43:06: 55:4c:18:16:17:a3:41:55:6d:1c:d1:c1:e6:3b:f5: 18:bc:e1:c7:60:2f:ed:bd:f5:c4:ce:3b:80:b0:62: ce:c5:8f:84:a7:91:5c:c8:65:4e:c9:0f:1f:7b:ee: 89:76:66:a3:db:2f:c4:84:f0:1d:79:85:9b:19:0d: 5f:e8:d8:b1:e8:44:72:e3:78:99:0d:7b:10:8d:ec: bc:43:9a:7e:e1:44:66:c3:b6:d2:04:2f:36:76:fc: e0:42:fc:b4:cc:95:28:a8:83:b5:d7:cf:51:af:27: c1:c7:0d:a5:72:aa:77:fb:1f:8d:44:48:30:3d:35: 94:d5:5b:e2:19:96:f8:42:0f:60:17:0f:a4:24:59: a8:fb:c5:57:d7:18:a3:86:91:31:7a:37:78:41:8a: a9:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:60:F2:0B:F6:05:2D:A9:D1:94:77:C6:61:50:21:BB:89:34:9C:A6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e65a7bae-3455-401c-9c8b-31b1d31be854.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:4800::/40 Signature Algorithm: sha256WithRSAEncryption 7b:8e:1b:63:da:1f:b2:b9:00:80:7d:80:9d:29:7e:a2:8e:6c: 3a:be:d1:98:24:f4:2c:08:71:40:91:6a:7f:a5:1a:f6:5d:87: 14:97:54:a5:d8:88:91:99:b1:67:cc:5d:bb:6d:9f:0b:44:35: 56:1d:cc:7f:cf:cb:c1:24:c1:1f:41:75:7f:e3:76:71:13:0a: 1a:78:27:56:00:29:a6:7e:16:a3:0d:f4:e9:48:94:7d:85:69: b9:9e:57:8a:57:4a:89:77:6a:00:28:a7:37:4d:2a:d0:b1:28: 18:2c:5f:2a:32:60:22:5a:9f:09:7e:16:35:61:5d:96:1a:15: d1:96:da:4f:61:4a:52:d9:02:53:ed:93:f1:6a:ee:7a:1a:91: bc:d7:ea:7c:7f:35:86:83:a6:33:9a:90:8e:e0:36:e1:8b:bd: 3a:55:f1:a0:0e:f4:c7:80:3f:5d:46:e5:2d:f0:23:5d:cd:26: 44:88:8e:1b:50:8a:f5:a7:e9:04:a4:a4:e1:0a:e3:c4:42:11: db:3e:95:12:bf:ae:59:9d:4b:1f:a6:c8:48:5c:ad:fa:4d:66: d5:da:e9:f6:e6:70:01:79:42:09:35:d5:81:b9:67:e6:dd:f7: ae:30:78:40:48:9a:75:77:9a:13:ba:e1:73:d8:c1:19:63:4a: b1:5a:65:7c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUC+RJmRwv/why+h/B9T/ZvvBeA8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMTAwMDAwMFoX DTI0MDYwNTIzNTk1OVowejFJMEcGA1UEBRNANjQ4OWNhZTkwYTdkZDQ5NGVhZjYw MzI3MmQ2YjFiNmFmMzYwNjFjMTE3NWVhNjMxMTQ5ZDVlZWUzNDRmNWFjMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozOV8pixSOmXZI/+Z/Sit6sF7t8b 3kiUKaP5apd3XywpI9fMysdaq1bJXrZVvJQeT8sRHqWLDcUkF2j4tLIi6PIpcsae 0rM1VnaXzaWrsXM+YmbzIWonGloGPCiXS/FabLz7B6KNQwZVTBgWF6NBVW0c0cHm O/UYvOHHYC/tvfXEzjuAsGLOxY+Ep5FcyGVOyQ8fe+6Jdmaj2y/EhPAdeYWbGQ1f 6Nix6ERy43iZDXsQjey8Q5p+4URmw7bSBC82dvzgQvy0zJUoqIO1189RryfBxw2l cqp3+x+NREgwPTWU1VviGZb4Qg9gFw+kJFmo+8VX1xijhpExejd4QYqpTQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEJg8gv2BS2p0ZR3xmFQIbuJNJymMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U2NWE3YmFlLTM0NTUtNDAxYy05YzhiLTMxYjFkMzFiZTg1NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+0gwDQYJKoZIhvcNAQELBQADggEBAHuOG2PaH7K5AIB9gJ0p fqKObDq+0Zgk9CwIcUCRan+lGvZdhxSXVKXYiJGZsWfMXbttnwtENVYdzH/Py8Ek wR9BdX/jdnETChp4J1YAKaZ+FqMN9OlIlH2FabmeV4pXSol3agAopzdNKtCxKBgs XyoyYCJanwl+FjVhXZYaFdGW2k9hSlLZAlPtk/Fq7noakbzX6nx/NYaDpjOakI7g NuGLvTpV8aAO9MeAP11G5S3wI13NJkSIjhtQivWn6QSkpOEK48RCEds+lRK/rlmd Sx+myEhcrfpNZtXa6fbmcAF5Qgk11YG5Z+bd964weEBImnV3mhO64XPYwRljSrFa ZXw= -----END CERTIFICATE-----Generated at Thu May 2 20:03:16 2024 by rpki-client on console-ams.rpki-client.org