$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea4aa742-f8b2-48b7-88b3-6ffe63189359.roa File: ea4aa742-f8b2-48b7-88b3-6ffe63189359.roa (raw, json) Hash identifier: KWZtL6+C05nJyJb6z5ODhXnsB7OJ/r6b/ZjFJw5Gi6Q= Subject key identifier: 94:B9:61:18:2E:15:5C:D1:B7:F8:B1:37:A2:2E:1C:80:18:E6:A0:8A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4CCE11EEDF7B8A8A3D75B12B99932203C2C74BA8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea4aa742-f8b2-48b7-88b3-6ffe63189359.roa Signing time: Wed 01 May 2024 00:00:00 +0000 ROA not before: Wed 01 May 2024 00:00:00 +0000 ROA not after: Wed 05 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da30:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 00:10:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:ce:11:ee:df:7b:8a:8a:3d:75:b1:2b:99:93:22:03:c2:c7:4b:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 1 00:00:00 2024 GMT Not After : Jun 5 23:59:59 2024 GMT Subject: serialNumber=787d57203930d272f62600bd659071d08b45ddddf72dea6495198f2da2dd77c8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:4e:1f:81:0b:a3:9e:2c:53:4e:23:42:c6:ac: da:a6:cd:e4:8a:62:1a:6b:62:35:8f:36:ad:65:2e: dc:61:e1:f3:23:1f:6f:38:ee:12:f2:46:e3:be:f6: 2a:17:04:d1:10:eb:53:42:fe:37:89:d0:dd:62:ec: b1:f0:8b:2d:94:a0:81:db:89:15:d8:1c:39:da:80: 2c:15:1b:98:73:53:c7:72:73:97:ba:67:33:6c:34: 8e:73:74:e3:2b:44:80:19:1e:16:e3:8c:93:71:a4: dd:0e:6e:90:d1:31:5a:89:e1:29:13:c1:b3:f9:2f: 01:08:28:33:93:00:c8:de:11:26:7f:81:bc:46:b5: 3b:2e:24:ce:34:65:83:17:e4:7a:bf:8b:65:93:0f: ac:cb:cb:84:27:ed:c0:f2:68:24:ae:7f:1f:e8:0c: 2e:b9:18:8e:46:d6:c3:0f:6a:8a:67:61:8c:47:39: 1c:5c:62:11:92:f2:3f:6f:ac:f3:e7:98:38:5c:78: e2:4e:2a:c6:11:79:de:13:54:7f:f4:72:ae:52:c7: 2f:3d:69:07:b2:8b:f3:48:9b:16:e6:f1:91:8d:42: 2f:5c:1b:63:e5:29:75:bf:89:8a:5a:8c:e2:22:23: 6b:fc:b8:ff:2e:55:c3:5d:9b:51:00:73:36:a0:e5: d0:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:B9:61:18:2E:15:5C:D1:B7:F8:B1:37:A2:2E:1C:80:18:E6:A0:8A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea4aa742-f8b2-48b7-88b3-6ffe63189359.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da30:9000::/40 Signature Algorithm: sha256WithRSAEncryption be:b3:6c:7d:1b:f5:89:8d:c1:25:b6:74:4e:2d:e9:56:b0:e2: 53:d8:79:c6:1c:53:27:45:51:9f:96:fa:90:c4:48:59:0c:26: 21:c3:25:c6:68:a0:10:0b:f0:c1:ea:f2:16:f8:0b:9c:05:e9: a4:90:d6:bf:99:d4:9f:8d:0b:56:50:d8:e3:da:08:52:2b:3d: aa:77:cf:2f:c8:f5:68:58:5e:8c:d5:70:e0:00:76:a1:46:9c: 86:40:8c:ff:37:a3:4b:d6:98:6c:26:2e:c7:f7:cf:bc:1d:76: 3f:5c:18:bd:4a:71:63:b4:02:6e:ed:89:8c:26:7d:b1:2f:d1: bd:b8:fb:36:a0:18:22:2d:88:79:34:7f:72:73:c8:66:41:3b: cc:cc:ea:b9:ee:85:52:7a:6f:99:7b:a0:e6:ac:75:18:7f:70: 99:bb:1d:bd:64:63:72:1a:bc:6a:20:43:4e:db:34:59:1f:08: a5:1f:16:7e:f2:12:d5:36:17:39:be:43:2c:31:e4:7e:44:13: 46:a4:c8:dc:8d:1e:3f:d4:d9:9a:f4:1b:4d:6c:8f:70:4e:d9: 26:95:e9:31:f5:76:ad:64:69:be:8b:6c:a5:6c:9c:14:3a:ae: 64:85:e8:94:91:2f:42:c5:37:1b:85:68:71:88:73:68:d5:d0: 50:32:d9:e3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTM4R7t97ioo9dbErmZMiA8LHS6gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMTAwMDAwMFoX DTI0MDYwNTIzNTk1OVowejFJMEcGA1UEBRNANzg3ZDU3MjAzOTMwZDI3MmY2MjYw MGJkNjU5MDcxZDA4YjQ1ZGRkZGY3MmRlYTY0OTUxOThmMmRhMmRkNzdjODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwE4fgQujnixTTiNCxqzaps3kimIa a2I1jzatZS7cYeHzIx9vOO4S8kbjvvYqFwTREOtTQv43idDdYuyx8IstlKCB24kV 2Bw52oAsFRuYc1PHcnOXumczbDSOc3TjK0SAGR4W44yTcaTdDm6Q0TFaieEpE8Gz +S8BCCgzkwDI3hEmf4G8RrU7LiTONGWDF+R6v4tlkw+sy8uEJ+3A8mgkrn8f6Awu uRiORtbDD2qKZ2GMRzkcXGIRkvI/b6zz55g4XHjiTirGEXneE1R/9HKuUscvPWkH sovzSJsW5vGRjUIvXBtj5Sl1v4mKWoziIiNr/Lj/LlXDXZtRAHM2oOXQbQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJS5YRguFVzRt/ixN6IuHIAY5qCKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VhNGFhNzQyLWY4YjItNDhiNy04OGIzLTZmZmU2MzE4OTM1OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMJAwDQYJKoZIhvcNAQELBQADggEBAL6zbH0b9YmNwSW2dE4t 6Vaw4lPYecYcUydFUZ+W+pDESFkMJiHDJcZooBAL8MHq8hb4C5wF6aSQ1r+Z1J+N C1ZQ2OPaCFIrPap3zy/I9WhYXozVcOAAdqFGnIZAjP83o0vWmGwmLsf3z7wddj9c GL1KcWO0Am7tiYwmfbEv0b24+zagGCItiHk0f3JzyGZBO8zM6rnuhVJ6b5l7oOas dRh/cJm7Hb1kY3IavGogQ07bNFkfCKUfFn7yEtU2Fzm+Qywx5H5EE0akyNyNHj/U 2Zr0G01sj3BO2SaV6TH1dq1kab6LbKVsnBQ6rmSF6JSRL0LFNxuFaHGIc2jV0FAy 2eM= -----END CERTIFICATE-----Generated at Sat May 18 05:38:27 2024 by rpki-client on console-ams.rpki-client.org