$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0035674-15ff-434e-b4d2-44fc6010a1aa.roa File: f0035674-15ff-434e-b4d2-44fc6010a1aa.roa (raw, json) Hash identifier: Vd1Jb9izPSJKy/XGTX8ZE3z309sasWvW85byKV1x8JQ= Subject key identifier: 8B:CA:76:16:D4:DE:93:1F:9F:CA:06:08:77:B6:C7:29:98:11:DF:15 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 17532682755FF858F0FAA1043A7D5BDFB6D023 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0035674-15ff-434e-b4d2-44fc6010a1aa.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:53:26:82:75:5f:f8:58:f0:fa:a1:04:3a:7d:5b:df:b6:d0:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=2ed8e93386da5065a127e2e60109d4876a1b9bb9cda279dd65c2af4b6792595e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:9d:8c:2e:13:58:6d:e1:23:04:3e:5d:45:b8: eb:bd:e8:85:00:25:6b:80:cc:a9:90:b9:7f:49:9e: 90:9d:58:55:e5:ca:2c:eb:55:bb:41:6f:ba:05:f2: 3b:fe:54:6c:21:41:f9:18:19:d2:34:3d:13:47:8e: 57:df:e2:61:ac:fb:60:45:ec:e8:d4:45:19:3a:d7: 2f:24:cd:e9:cb:69:40:27:bf:59:d1:b1:eb:19:70: ef:fc:82:d3:8e:ac:0a:cf:4d:80:4f:36:7d:48:f7: f8:96:03:5c:69:22:49:57:32:1c:10:5c:5f:49:a3: 23:e6:56:c8:ee:6e:93:1a:83:35:6b:a6:57:8a:81: 0a:36:c4:27:74:dd:e4:cb:d7:c0:8e:26:f4:30:2b: 68:96:26:33:a1:a5:83:39:63:5c:51:95:a1:70:a1: 91:68:1e:ea:e0:90:20:22:c3:0f:2c:0c:31:e7:df: 6e:59:28:85:97:c2:1a:80:82:1f:6a:8f:5f:24:45: 2c:f8:a4:e7:3a:57:55:ee:52:fc:c8:ab:51:70:64: 72:03:21:df:9e:ec:a0:03:4b:e4:d3:f5:b5:db:d1: 97:61:0d:84:d4:50:7c:ad:33:a7:32:a3:7d:6a:15: 42:c6:64:74:af:13:25:e9:c5:b1:13:79:bd:88:78: 3b:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:CA:76:16:D4:DE:93:1F:9F:CA:06:08:77:B6:C7:29:98:11:DF:15 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0035674-15ff-434e-b4d2-44fc6010a1aa.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:e000::/40 Signature Algorithm: sha256WithRSAEncryption 45:6a:13:52:f3:7c:c6:f9:79:80:0c:7e:fe:d6:5c:85:e6:cf: 16:77:2b:91:00:05:67:08:57:e3:35:8d:9a:31:b8:b5:29:8e: 5b:d2:6e:9b:01:6c:b9:07:71:0d:1a:d5:2f:26:b6:c4:94:e9: c6:ee:3f:18:1c:c4:73:8a:49:37:bb:ad:6f:20:75:84:be:0b: 40:4a:30:46:ea:80:ea:54:cb:4b:ed:d4:57:9c:4d:30:8f:16: 7f:55:e1:bb:f5:a4:45:31:ca:dd:99:a3:5f:57:21:24:15:f5: b6:b9:bf:12:ce:28:a6:78:35:3d:32:28:bc:e0:57:2e:88:80: 77:c7:6d:0f:19:40:d4:b2:13:4e:19:0e:76:19:82:63:15:a6: 18:bf:21:68:27:da:af:a9:67:10:2b:77:4d:df:55:20:f6:c8: fb:7a:ab:7d:0a:b0:78:ca:1a:fa:cf:c1:d9:1b:13:52:ea:a6: 07:b0:88:9c:b5:33:91:3c:7e:65:77:ba:38:b4:d8:c1:67:70: ab:26:2a:ba:5c:ac:c3:87:7c:93:f9:f6:1a:06:21:a5:f3:5d: 00:26:a0:b4:6e:41:dc:15:44:84:25:eb:05:0d:d3:2e:02:5b: 2f:d6:a6:59:df:d2:4a:0b:a7:78:3a:61:3a:72:49:f0:a2:49: 3d:80:c0:7f -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgITF1MmgnVf+Fjw+qEEOn1b37bQIzANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjMwOTE4MDAwMDAwWhcN MjMxMDIzMjM1OTU5WjB6MUkwRwYDVQQFE0AyZWQ4ZTkzMzg2ZGE1MDY1YTEyN2Uy ZTYwMTA5ZDQ4NzZhMWI5YmI5Y2RhMjc5ZGQ2NWMyYWY0YjY3OTI1OTVlMS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtnYwuE1ht4SMEPl1FuOu96IUAJWuA zKmQuX9JnpCdWFXlyizrVbtBb7oF8jv+VGwhQfkYGdI0PRNHjlff4mGs+2BF7OjU RRk61y8kzenLaUAnv1nRsesZcO/8gtOOrArPTYBPNn1I9/iWA1xpIklXMhwQXF9J oyPmVsjubpMagzVrpleKgQo2xCd03eTL18COJvQwK2iWJjOhpYM5Y1xRlaFwoZFo HurgkCAiww8sDDHn325ZKIWXwhqAgh9qj18kRSz4pOc6V1XuUvzIq1FwZHIDId+e 7KADS+TT9bXb0ZdhDYTUUHytM6cyo31qFULGZHSvEyXpxbETeb2IeDvxAgMBAAGj ggJKMIICRjAdBgNVHQ4EFgQUi8p2FtTekx+fygYId7bHKZgR3xUwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv ZjAwMzU2NzQtMTVmZi00MzRlLWI0ZDItNDRmYzYwMTBhMWFhLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAkBtpo4DANBgkqhkiG9w0BAQsFAAOCAQEARWoTUvN8xvl5gAx+/tZc hebPFncrkQAFZwhX4zWNmjG4tSmOW9JumwFsuQdxDRrVLya2xJTpxu4/GBzEc4pJ N7utbyB1hL4LQEowRuqA6lTLS+3UV5xNMI8Wf1Xhu/WkRTHK3ZmjX1chJBX1trm/ Es4opng1PTIovOBXLoiAd8dtDxlA1LITThkOdhmCYxWmGL8haCfar6lnECt3Td9V IPbI+3qrfQqweMoa+s/B2RsTUuqmB7CInLUzkTx+ZXe6OLTYwWdwqyYqulysw4d8 k/n2GgYhpfNdACagtG5B3BVEhCXrBQ3TLgJbL9amWd/SSguneDphOnJJ8KJJPYDA fw== -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:46 2023 by rpki-client on console-fra.rpki-client.org