$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e73cf5f8-ee0d-4dce-80b1-b508f319b1ca.roa File: e73cf5f8-ee0d-4dce-80b1-b508f319b1ca.roa (raw, json) Hash identifier: VQePJzOsw+3UgNfNHWVHIkgRDXkXbarC+GTc4eUgNe4= Subject key identifier: D9:79:9C:71:E1:B8:09:C9:2B:1B:BF:0E:09:F2:9A:BF:21:34:A5:B3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 24645A4A90902CE7CDF78B210902C270F68E29B8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e73cf5f8-ee0d-4dce-80b1-b508f319b1ca.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Apr 2024 00:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:64:5a:4a:90:90:2c:e7:cd:f7:8b:21:09:02:c2:70:f6:8e:29:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=0f45fa347a3b6390329c1dbd8a4200b0d5b6a97dd199c108d7c3adb3598ac0ed, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:de:18:29:4e:86:aa:7c:e2:8f:39:17:77:eb: 4a:bd:92:eb:de:97:87:6e:b0:32:dd:06:0d:bf:ab: f0:71:31:f6:db:d0:e0:4e:26:4a:9e:92:74:9b:b2: 16:e3:f5:04:24:0c:c5:6a:ef:26:20:b7:ac:fa:5a: 3f:48:7f:f6:94:2c:e6:2b:68:bc:43:22:56:70:88: bc:19:d6:6e:47:da:35:5b:8c:bc:c0:cd:02:c4:0d: c2:15:de:36:7b:2a:b1:bc:c0:a5:8a:49:9f:22:0a: 99:88:82:4f:00:1d:3f:57:d3:1e:24:a2:f9:15:d0: 16:dd:ed:62:f3:b2:7d:39:3f:dd:12:86:12:a4:1f: 55:a3:df:4c:fd:6d:1d:91:a4:5e:c8:f0:a7:57:3e: 5f:ca:8d:db:b3:20:43:a3:ca:2d:52:80:b7:ad:6d: 8b:8a:8c:7a:93:60:9e:b7:5e:28:a6:d7:99:71:70: 97:91:6f:17:46:e5:47:2f:e1:bb:d5:1d:4e:80:df: 29:0b:2f:13:21:f3:f6:0b:48:a6:89:1f:aa:d6:02: d3:a4:07:65:f2:f4:73:5d:56:16:af:f3:ee:83:2d: 2e:ef:7d:eb:64:69:87:4f:aa:94:32:61:9b:33:4b: 25:59:9b:d2:b9:fe:b6:a9:13:29:bb:79:df:e5:d4: fd:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:79:9C:71:E1:B8:09:C9:2B:1B:BF:0E:09:F2:9A:BF:21:34:A5:B3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e73cf5f8-ee0d-4dce-80b1-b508f319b1ca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:6000::/40 Signature Algorithm: sha256WithRSAEncryption 8e:f7:7b:3d:a8:62:74:3d:5b:48:4d:d6:55:a2:0d:19:5b:24: eb:11:fa:66:a4:5e:1b:45:bf:28:9b:59:75:54:b5:2a:83:2d: e9:22:29:5b:bc:96:e2:5c:3b:ee:08:7c:a1:f7:62:d4:4f:4d: cf:37:e3:1c:ce:6a:3f:78:ae:60:34:ca:ba:51:da:31:1c:6c: 48:5d:c5:4e:2e:6c:6d:28:e2:a4:c9:0e:86:95:e1:98:4d:0f: 2c:a0:49:c4:de:10:d6:83:9b:2f:7d:93:3f:2f:aa:57:0c:54: f2:cb:50:5f:9e:e2:75:26:04:bf:f8:93:a9:6e:d4:78:ee:db: 19:16:d1:dc:35:c3:5d:21:10:45:1b:f6:02:69:ed:e7:09:fa: c8:9e:b4:bb:a2:fd:54:f0:32:54:62:77:27:09:21:3f:f1:60: e7:9e:b0:cc:40:d8:1c:d0:d5:68:ec:4d:79:01:a8:51:c3:37: 16:71:c6:a0:40:f5:16:04:57:98:d5:29:53:11:3a:da:0b:a1: 78:78:e8:dd:a5:05:e5:68:68:fb:21:65:04:77:95:c7:08:52: 11:2c:d2:69:e1:64:a1:99:b0:8c:48:3c:ff:62:45:cf:e8:32: 47:99:c4:c0:a8:a8:1c:65:4f:67:78:68:ef:05:ea:ed:f4:d8: 39:c7:fd:cb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJGRaSpCQLOfN94shCQLCcPaOKbgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAMGY0NWZhMzQ3YTNiNjM5MDMyOWMx ZGJkOGE0MjAwYjBkNWI2YTk3ZGQxOTljMTA4ZDdjM2FkYjM1OThhYzBlZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs94YKU6GqnzijzkXd+tKvZLr3peH brAy3QYNv6vwcTH229DgTiZKnpJ0m7IW4/UEJAzFau8mILes+lo/SH/2lCzmK2i8 QyJWcIi8GdZuR9o1W4y8wM0CxA3CFd42eyqxvMClikmfIgqZiIJPAB0/V9MeJKL5 FdAW3e1i87J9OT/dEoYSpB9Vo99M/W0dkaReyPCnVz5fyo3bsyBDo8otUoC3rW2L iox6k2Cet14opteZcXCXkW8XRuVHL+G71R1OgN8pCy8TIfP2C0imiR+q1gLTpAdl 8vRzXVYWr/Pugy0u733rZGmHT6qUMmGbM0slWZvSuf62qRMpu3nf5dT9RwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNl5nHHhuAnJKxu/Dgnymr8hNKWzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U3M2NmNWY4LWVlMGQtNGRjZS04MGIxLWI1MDhmMzE5YjFjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+2AwDQYJKoZIhvcNAQELBQADggEBAI73ez2oYnQ9W0hN1lWi DRlbJOsR+makXhtFvyibWXVUtSqDLekiKVu8luJcO+4IfKH3YtRPTc834xzOaj94 rmA0yrpR2jEcbEhdxU4ubG0o4qTJDoaV4ZhNDyygScTeENaDmy99kz8vqlcMVPLL UF+e4nUmBL/4k6lu1Hju2xkW0dw1w10hEEUb9gJp7ecJ+sietLui/VTwMlRidycJ IT/xYOeesMxA2BzQ1WjsTXkBqFHDNxZxxqBA9RYEV5jVKVMROtoLoXh46N2lBeVo aPshZQR3lccIUhEs0mnhZKGZsIxIPP9iRc/oMkeZxMCoqBxlT2d4aO8F6u302DnH /cs= -----END CERTIFICATE-----Generated at Fri Apr 19 00:30:58 2024 by rpki-client on console-fra.rpki-client.org