$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e65a7bae-3455-401c-9c8b-31b1d31be854.roa File: e65a7bae-3455-401c-9c8b-31b1d31be854.roa (raw, json) Hash identifier: HXxqThsF1SQMwg/7F8hZlXTjEHzUFOXfxYXwqW4FuOc= Subject key identifier: 1F:C8:D6:23:59:0D:7B:0E:DD:72:30:C4:5B:E1:B0:B0:03:AD:EF:1E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5FF85037973CD39AAA5DCD8DF837130C0CA38817 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e65a7bae-3455-401c-9c8b-31b1d31be854.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:f8:50:37:97:3c:d3:9a:aa:5d:cd:8d:f8:37:13:0c:0c:a3:88:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=d578cf36b341259da3181e519bb48eb0e0db9f4c89e7d0005d263a8fd379e146, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:bc:94:45:9a:74:79:fd:db:6a:ce:46:41:3c: 71:fe:da:2f:96:84:ba:97:88:05:cb:3e:0a:96:d4: 0e:37:e6:f9:cc:e7:76:0b:55:b7:27:1c:96:ce:56: 84:0f:15:56:65:a5:1d:e7:2f:7d:73:e3:66:97:bb: 88:32:ea:56:58:99:59:03:78:ee:47:81:a7:5e:cb: d0:2e:8c:42:1c:79:99:9a:d0:3f:ad:b5:0f:19:e6: 3e:1c:c6:79:36:f4:31:3d:85:17:80:5d:6a:7c:f4: 08:0c:32:bc:67:d3:d9:6f:86:bd:0f:b4:17:71:72: dc:88:c3:d7:b6:59:59:71:60:1e:f7:3b:1d:df:13: ab:2f:49:0d:78:84:96:f1:43:04:b2:ae:87:45:5c: b2:2a:f5:3c:c8:0b:67:2f:e2:27:46:78:e2:af:d6: 0c:b7:e2:2d:3f:af:27:7c:c6:d7:61:ae:b3:b2:4f: e0:2a:a2:89:4a:76:e9:8b:13:94:aa:0c:80:cb:ff: 3b:41:3c:f3:82:32:15:53:b0:60:02:30:fd:40:6a: 13:27:cd:41:b4:9c:43:3e:0f:5e:d2:72:03:17:4c: 08:6f:90:76:08:ff:03:d9:db:93:df:c0:1c:03:1a: f1:b4:8e:d6:38:80:36:72:b6:8f:17:26:99:63:5d: e2:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:C8:D6:23:59:0D:7B:0E:DD:72:30:C4:5B:E1:B0:B0:03:AD:EF:1E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e65a7bae-3455-401c-9c8b-31b1d31be854.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:4800::/40 Signature Algorithm: sha256WithRSAEncryption 14:f4:85:a7:6f:06:d4:67:9a:1d:0e:96:d4:fe:76:a8:85:e8: 71:d1:77:ca:e1:88:84:71:4d:d1:e3:27:7a:ae:84:46:4f:3e: 9e:de:81:a1:76:ea:ba:53:cc:4e:5b:5e:93:35:5f:cb:9a:2b: 95:48:56:73:30:27:fc:85:6c:82:fc:d3:02:3f:d6:a9:67:40: 3e:16:dd:be:69:75:c0:84:79:eb:70:81:e0:f5:5e:6d:52:9c: a9:30:01:bc:7d:e7:e4:c3:a7:2f:90:ed:67:52:de:7b:aa:4d: f0:2a:7f:d0:e1:8c:c3:1e:b9:fd:44:dd:62:60:da:67:04:23: 7d:fb:a3:f1:53:92:20:a3:ec:cd:f2:5c:f4:07:d4:36:04:17: 2d:e7:55:99:39:69:17:2d:ca:01:e1:00:40:6b:8d:99:c8:dd: 18:36:ec:7a:51:11:45:38:32:90:6b:31:e5:2d:4c:52:5a:14: 0c:3a:0f:0d:9b:d4:b6:20:fb:1f:09:fd:6b:93:bc:c4:30:63: ca:8a:60:e3:60:45:26:fd:46:b1:fb:b4:26:4c:da:33:fc:21: 4f:fd:8b:d0:34:61:f8:fd:4a:0a:c6:62:39:36:e4:88:49:bc: e2:5a:8f:7e:5b:40:c1:5d:e5:58:3b:4a:79:db:cc:cc:08:37: 95:69:c3:1b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUX/hQN5c805qqXc2N+DcTDAyjiBcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAZDU3OGNmMzZiMzQxMjU5ZGEzMTgx ZTUxOWJiNDhlYjBlMGRiOWY0Yzg5ZTdkMDAwNWQyNjNhOGZkMzc5ZTE0NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27yURZp0ef3bas5GQTxx/tovloS6 l4gFyz4KltQON+b5zOd2C1W3JxyWzlaEDxVWZaUd5y99c+Nml7uIMupWWJlZA3ju R4GnXsvQLoxCHHmZmtA/rbUPGeY+HMZ5NvQxPYUXgF1qfPQIDDK8Z9PZb4a9D7QX cXLciMPXtllZcWAe9zsd3xOrL0kNeISW8UMEsq6HRVyyKvU8yAtnL+InRnjir9YM t+ItP68nfMbXYa6zsk/gKqKJSnbpixOUqgyAy/87QTzzgjIVU7BgAjD9QGoTJ81B tJxDPg9e0nIDF0wIb5B2CP8D2duT38AcAxrxtI7WOIA2craPFyaZY13ikQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFB/I1iNZDXsO3XIwxFvhsLADre8eMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U2NWE3YmFlLTM0NTUtNDAxYy05YzhiLTMxYjFkMzFiZTg1NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+0gwDQYJKoZIhvcNAQELBQADggEBABT0hadvBtRnmh0OltT+ dqiF6HHRd8rhiIRxTdHjJ3quhEZPPp7egaF26rpTzE5bXpM1X8uaK5VIVnMwJ/yF bIL80wI/1qlnQD4W3b5pdcCEeetwgeD1Xm1SnKkwAbx95+TDpy+Q7WdS3nuqTfAq f9DhjMMeuf1E3WJg2mcEI337o/FTkiCj7M3yXPQH1DYEFy3nVZk5aRctygHhAEBr jZnI3Rg27HpREUU4MpBrMeUtTFJaFAw6Dw2b1LYg+x8J/WuTvMQwY8qKYONgRSb9 RrH7tCZM2jP8IU/9i9A0Yfj9SgrGYjk25IhJvOJaj35bQMFd5Vg7SnnbzMwIN5Vp wxs= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:17 2024 by rpki-client on console-fra.rpki-client.org