$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e72651b8-422c-4c74-90a2-0aee8e659796.roa File: e72651b8-422c-4c74-90a2-0aee8e659796.roa (raw, json) Hash identifier: U0PnxzD1o8T1DeDG3fIJaDYtlfvmoKojyWAxCvEq6iY= Subject key identifier: 56:7A:31:C0:11:C0:EF:38:B2:A7:84:7A:32:87:68:A5:F8:F6:90:0A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 37DB5B4B60C8E3947C42D819C178222845487406 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e72651b8-422c-4c74-90a2-0aee8e659796.roa Signing time: Fri 22 Sep 2023 00:00:00 +0000 ROA not before: Fri 22 Sep 2023 00:00:00 +0000 ROA not after: Fri 27 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Sep 2023 12:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:db:5b:4b:60:c8:e3:94:7c:42:d8:19:c1:78:22:28:45:48:74:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 22 00:00:00 2023 GMT Not After : Oct 27 23:59:59 2023 GMT Subject: serialNumber=dd946438ca051e16f8fe1b415529ae9dc1037c2722e824cca3e0a65615f36d0b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:c2:38:70:9e:d0:32:4c:64:de:25:90:d5:48: d5:e7:73:cc:71:aa:55:34:18:fd:52:89:33:05:83: b8:c6:30:58:de:70:16:ef:b5:77:97:7a:22:42:1a: d6:8e:cb:b5:53:7a:64:a6:f2:56:70:81:0f:16:87: 81:24:d1:b0:cc:f4:6a:16:71:cb:bf:c3:c0:cd:91: 40:56:70:4b:2b:08:ee:5e:ea:85:5c:f0:52:7b:7d: 3d:c6:51:e0:a9:00:0c:31:c6:04:80:b1:51:cd:3e: 8d:e8:f3:8d:fb:97:83:75:9a:91:79:c1:b5:c4:0a: 76:d2:1c:71:af:53:7b:cc:3a:c1:42:fa:d2:0b:c7: a7:de:a5:bb:75:ef:21:d7:88:80:ad:18:49:8b:44: 40:75:bb:d4:c5:75:97:26:cc:73:3c:77:f4:43:8c: 93:e7:39:f4:0f:88:a7:a3:61:93:d1:8b:6a:a5:6c: bd:a0:3c:91:bc:99:44:cb:60:df:93:a5:fa:87:a9: 27:61:b9:d9:03:81:ed:05:00:40:fe:4a:b7:bd:74: d4:a3:e1:67:45:21:e3:c9:7b:b4:f1:0d:b4:fe:0c: 79:7e:26:f2:29:22:e9:20:9a:6b:9b:3f:99:45:cb: 59:57:97:5d:6b:c3:bf:5f:b7:ea:a9:69:16:79:6a: ab:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:7A:31:C0:11:C0:EF:38:B2:A7:84:7A:32:87:68:A5:F8:F6:90:0A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e72651b8-422c-4c74-90a2-0aee8e659796.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:6000::/40 Signature Algorithm: sha256WithRSAEncryption 5f:db:2f:d4:0e:ee:70:ab:a1:eb:92:82:1b:5c:a3:b7:8c:6c: 4c:78:79:f9:02:df:50:17:c3:f3:ce:35:f2:6b:18:6d:f5:8e: 40:3d:aa:f3:8d:ea:12:3d:e0:35:64:38:10:69:52:7a:b0:6e: e4:85:68:91:b0:c9:5d:ec:d6:88:69:2f:70:df:97:8a:f2:01: b0:f0:e5:82:7a:b2:cb:71:5f:40:78:e1:8c:f4:d4:b7:2f:60: 70:13:06:ef:14:86:f8:9b:c1:99:62:f5:ab:b8:e0:d1:1d:d1: 4d:6a:e8:55:f0:85:14:5e:3b:ff:ea:9f:c7:1c:54:16:98:8c: 70:b7:03:6b:37:fb:20:24:31:c6:c6:3a:82:62:0d:7e:5b:dd: 88:a8:3b:1b:03:f6:ce:84:fe:a8:f1:82:e2:4b:dd:87:45:a6: d9:a9:41:b2:c0:0a:64:cf:32:22:46:ea:87:1d:34:37:2e:78: 85:63:62:8c:f4:db:fc:71:50:0b:9f:50:8f:c8:ca:b9:c8:54: 01:ff:51:fc:1e:75:f0:d3:7e:72:c2:e5:58:b2:3c:b6:f4:51: 43:3d:0f:b4:85:39:54:2a:e1:bc:c8:4d:a6:67:7c:a5:7a:14: 8c:04:34:ff:1f:c6:28:d4:d3:36:26:e0:98:6b:68:f7:b1:f0: 06:2a:30:d8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUN9tbS2DI45R8QtgZwXgiKEVIdAYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkyMjAwMDAwMFoX DTIzMTAyNzIzNTk1OVowejFJMEcGA1UEBRNAZGQ5NDY0MzhjYTA1MWUxNmY4ZmUx YjQxNTUyOWFlOWRjMTAzN2MyNzIyZTgyNGNjYTNlMGE2NTYxNWYzNmQwYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscI4cJ7QMkxk3iWQ1UjV53PMcapV NBj9UokzBYO4xjBY3nAW77V3l3oiQhrWjsu1U3pkpvJWcIEPFoeBJNGwzPRqFnHL v8PAzZFAVnBLKwjuXuqFXPBSe309xlHgqQAMMcYEgLFRzT6N6PON+5eDdZqRecG1 xAp20hxxr1N7zDrBQvrSC8en3qW7de8h14iArRhJi0RAdbvUxXWXJsxzPHf0Q4yT 5zn0D4ino2GT0YtqpWy9oDyRvJlEy2Dfk6X6h6knYbnZA4HtBQBA/kq3vXTUo+Fn RSHjyXu08Q20/gx5fibyKSLpIJprmz+ZRctZV5dda8O/X7fqqWkWeWqrowIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFZ6McARwO84sqeEejKHaKX49pAKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U3MjY1MWI4LTQyMmMtNGM3NC05MGEyLTBhZWU4ZTY1OTc5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+GAwDQYJKoZIhvcNAQELBQADggEBAF/bL9QO7nCroeuSghtc o7eMbEx4efkC31AXw/PONfJrGG31jkA9qvON6hI94DVkOBBpUnqwbuSFaJGwyV3s 1ohpL3Dfl4ryAbDw5YJ6sstxX0B44Yz01LcvYHATBu8UhvibwZli9au44NEd0U1q 6FXwhRReO//qn8ccVBaYjHC3A2s3+yAkMcbGOoJiDX5b3YioOxsD9s6E/qjxguJL 3YdFptmpQbLACmTPMiJG6ocdNDcueIVjYoz02/xxUAufUI/IyrnIVAH/UfwedfDT fnLC5ViyPLb0UUM9D7SFOVQq4bzITaZnfKV6FIwENP8fxijU0zYm4JhraPex8AYq MNg= -----END CERTIFICATE-----Generated at Fri Sep 22 00:30:05 2023 by rpki-client on console-fra.rpki-client.org