$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3fcff10-dbdb-4a68-be9a-7bdfc27ca36d.roa File: f3fcff10-dbdb-4a68-be9a-7bdfc27ca36d.roa (raw, json) Hash identifier: 8bSsBbwFiY9v0lL+KMpn2DeJUg05kiJZa0fCxg0WBms= Subject key identifier: CF:97:B5:B5:8E:49:A3:88:F0:4C:46:D5:20:43:7D:0D:AF:C0:FB:99 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5847B599E4696256D67B63AD0316046A8617CEAF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3fcff10-dbdb-4a68-be9a-7bdfc27ca36d.roa Signing time: Fri 19 Jul 2024 00:00:00 +0000 ROA not before: Fri 19 Jul 2024 00:00:00 +0000 ROA not after: Fri 23 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:47:b5:99:e4:69:62:56:d6:7b:63:ad:03:16:04:6a:86:17:ce:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 19 00:00:00 2024 GMT Not After : Aug 23 23:59:59 2024 GMT Subject: serialNumber=9da1e2956e71a0a8e1bd3eefd7a0e14d337a64c5fcac2395094c8fa894ed6a60, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:b6:9f:54:68:a2:25:5d:8b:5a:01:0a:cf:1e: 1d:a7:80:71:1d:02:44:97:75:52:92:6d:49:16:89: 45:5d:4e:17:9a:ef:34:12:d3:d1:ea:c5:bd:11:b7: 3f:75:88:bc:fa:ba:e7:9f:a9:54:c3:96:74:f2:0d: 8f:e6:8d:aa:2e:7e:d9:3d:ba:bd:5c:74:12:ba:2f: bb:28:5a:ae:90:a7:ef:a1:ca:25:b4:22:2b:01:8e: c8:90:59:0d:54:09:59:98:dc:8d:8e:69:f1:fa:40: 97:d6:de:13:dc:13:12:c5:84:ae:75:a7:34:e8:80: af:29:98:dd:33:f0:b7:59:a2:75:50:af:53:15:07: 72:d1:43:94:c6:53:d6:66:bf:b4:73:59:80:9f:42: bd:80:63:ff:fd:ae:f9:2e:c3:ab:13:83:26:ec:df: c7:5d:c0:4c:07:6e:60:57:a2:f0:5c:05:af:88:63: 4e:51:eb:81:9f:c6:94:2d:6e:91:53:0a:0b:af:72: 1f:95:eb:e2:ba:32:b7:fe:20:c2:a2:0d:81:4e:b9: 4f:18:b6:86:92:48:b5:8b:8c:86:85:c6:ae:60:d6: 0e:e6:a0:63:28:6c:dd:59:26:46:27:ef:9b:8a:8e: 68:f7:05:5d:ec:32:f9:c9:b1:04:b0:e7:e9:7d:79: ca:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:97:B5:B5:8E:49:A3:88:F0:4C:46:D5:20:43:7D:0D:AF:C0:FB:99 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3fcff10-dbdb-4a68-be9a-7bdfc27ca36d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:1000::/40 Signature Algorithm: sha256WithRSAEncryption 88:d3:3d:ea:25:ec:a9:ee:8e:7e:9c:a9:60:d1:01:3a:54:87: 17:a8:c3:4a:89:41:cc:b5:7e:e4:20:d2:f6:c2:15:87:73:c7: 8e:4a:73:56:c4:a1:4a:97:42:72:ae:8c:59:6a:c2:8e:a3:59: c9:fd:46:2d:cc:13:63:a4:9b:f6:6d:c6:f6:b3:b6:cb:cc:a2: bd:52:60:63:fd:ff:39:59:b7:f0:bb:46:1b:69:79:50:75:31: 26:0e:82:87:2d:cc:6d:b3:d0:b6:19:31:cc:8f:5c:af:64:7b: 2f:f7:c2:8f:66:1c:a4:f1:20:1d:26:b7:bd:b1:b8:59:09:83: ba:e7:40:58:d6:5f:d4:3f:a7:6f:2d:ed:11:5e:b7:bb:04:b4: 27:43:17:7f:7b:7f:8a:e4:2f:02:d0:70:6c:18:f2:37:01:af: 7b:dc:b2:df:7b:80:45:8f:1b:c4:9e:95:50:d6:5b:0a:19:aa: c4:bf:c4:01:23:b4:31:32:ec:66:f1:2d:aa:e6:9c:68:12:36: 7b:9b:6b:e3:a6:79:cf:e0:b6:8e:4e:47:15:a5:56:97:91:5e: b3:98:b5:74:c2:58:ee:f1:10:02:c1:90:96:b7:0c:57:66:7b: 0f:f3:55:6c:be:08:50:18:c1:6f:61:e8:66:b7:77:58:91:44: f0:54:98:64 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWEe1meRpYlbWe2OtAxYEaoYXzq8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxOTAwMDAwMFoX DTI0MDgyMzIzNTk1OVowejFJMEcGA1UEBRNAOWRhMWUyOTU2ZTcxYTBhOGUxYmQz ZWVmZDdhMGUxNGQzMzdhNjRjNWZjYWMyMzk1MDk0YzhmYTg5NGVkNmE2MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7afVGiiJV2LWgEKzx4dp4BxHQJE l3VSkm1JFolFXU4Xmu80EtPR6sW9Ebc/dYi8+rrnn6lUw5Z08g2P5o2qLn7ZPbq9 XHQSui+7KFqukKfvocoltCIrAY7IkFkNVAlZmNyNjmnx+kCX1t4T3BMSxYSudac0 6ICvKZjdM/C3WaJ1UK9TFQdy0UOUxlPWZr+0c1mAn0K9gGP//a75LsOrE4Mm7N/H XcBMB25gV6LwXAWviGNOUeuBn8aULW6RUwoLr3IfleviujK3/iDCog2BTrlPGLaG kki1i4yGhcauYNYO5qBjKGzdWSZGJ++bio5o9wVd7DL5ybEEsOfpfXnK9QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM+XtbWOSaOI8ExG1SBDfQ2vwPuZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzZmNmZjEwLWRiZGItNGE2OC1iZTlhLTdiZGZjMjdjYTM2ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9hAwDQYJKoZIhvcNAQELBQADggEBAIjTPeol7Knujn6cqWDR ATpUhxeow0qJQcy1fuQg0vbCFYdzx45Kc1bEoUqXQnKujFlqwo6jWcn9Ri3ME2Ok m/ZtxvaztsvMor1SYGP9/zlZt/C7RhtpeVB1MSYOgoctzG2z0LYZMcyPXK9key/3 wo9mHKTxIB0mt72xuFkJg7rnQFjWX9Q/p28t7RFet7sEtCdDF397f4rkLwLQcGwY 8jcBr3vcst97gEWPG8SelVDWWwoZqsS/xAEjtDEy7GbxLarmnGgSNnuba+Omec/g to5ORxWlVpeRXrOYtXTCWO7xEALBkJa3DFdmew/zVWy+CFAYwW9h6Ga3d1iRRPBU mGQ= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:42 2024 by rpki-client on console-ams.rpki-client.org