$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f4077791-add9-436b-8f2e-4a21cda9ff2b.roa File: f4077791-add9-436b-8f2e-4a21cda9ff2b.roa (raw, json) Hash identifier: GWs17SktJ+88wTs+aSp9Gb+mbo1+9pacXDKSeOx8dbQ= Subject key identifier: B1:65:8B:26:D3:7B:47:90:80:42:53:4B:1E:1D:94:41:08:85:DE:17 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1B46D352D5A089226BDFF18BEBF86566D9AA0688 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f4077791-add9-436b-8f2e-4a21cda9ff2b.roa Signing time: Thu 02 May 2024 00:00:00 +0000 ROA not before: Thu 02 May 2024 00:00:00 +0000 ROA not after: Thu 06 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 00:10:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:46:d3:52:d5:a0:89:22:6b:df:f1:8b:eb:f8:65:66:d9:aa:06:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:00:00 2024 GMT Not After : Jun 6 23:59:59 2024 GMT Subject: serialNumber=ec33bae1e7de3defbc750ff6592bf68751446d17aa8845aa5897179e2e715380, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:9e:1b:42:04:bf:2f:45:7d:d1:31:1b:27:92: d3:04:a5:7d:b3:7f:14:76:28:57:40:ff:e2:ae:6f: c8:f8:60:d3:14:25:3b:de:66:92:e1:2b:c9:5f:cb: 56:69:c4:71:50:bf:d1:ac:2a:d2:86:b6:a7:92:8a: 08:71:ce:55:c2:24:a0:18:1b:f3:85:b1:e2:c7:a6: c1:37:8a:11:1f:21:39:1a:d5:86:4a:16:c3:15:d3: ad:a3:5f:5f:9b:21:f9:f5:db:fd:7c:a0:2e:6c:54: c7:50:ca:87:c9:3f:d7:17:c9:d0:72:2c:eb:16:3a: 70:a5:03:a8:8d:31:bc:26:e3:3e:11:ae:bc:b0:e8: fc:2b:4e:0f:1e:ff:d8:ef:5e:d6:e9:7b:9a:0f:2c: 03:a2:27:84:31:5c:6d:ee:37:25:c7:88:14:d9:3a: 80:73:04:b9:7f:1f:a7:4f:00:73:ba:43:7c:e6:f8: 8d:7b:40:5a:16:41:7b:ac:55:64:7f:b2:66:a5:0e: 0b:ff:06:16:54:04:15:5c:07:55:1b:77:53:14:2c: f1:9e:41:57:8a:50:0f:ae:c5:3c:2e:eb:1b:29:04: 21:07:1d:dd:c2:dd:d1:20:e1:02:5f:07:ee:01:b9: d4:f7:90:59:3c:78:27:06:bd:ca:17:6c:8d:fd:ed: 1d:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:65:8B:26:D3:7B:47:90:80:42:53:4B:1E:1D:94:41:08:85:DE:17 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f4077791-add9-436b-8f2e-4a21cda9ff2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:4800::/40 Signature Algorithm: sha256WithRSAEncryption 55:eb:a6:7f:73:c3:ca:91:c2:6b:3a:df:18:a2:f4:7a:52:51: 5d:9c:c3:ec:59:cd:95:21:e4:b6:6c:87:87:f1:38:29:d8:56: df:c6:aa:d3:1e:4d:67:dd:11:b8:eb:f2:f8:cd:f5:88:5b:c5: 4c:44:cc:17:12:fc:b8:bf:d2:a5:17:00:50:34:af:e9:3b:07: 5f:49:f8:14:99:0f:ee:66:20:17:32:58:bb:33:27:36:c9:64: ca:0b:d5:b3:9d:07:87:0a:68:8d:99:7c:73:ec:a4:04:63:2b: 9e:39:1d:76:75:82:f5:7b:7a:74:a6:43:d4:e0:4a:92:57:bd: 6e:c2:66:b7:37:09:bd:9e:c0:c9:f5:50:31:29:61:7e:90:ac: 77:a0:1b:7e:13:19:24:f7:20:9c:aa:6e:78:69:ce:52:89:62: 85:2b:9f:ec:fd:4b:df:87:1a:16:5a:b6:7f:7c:9b:1d:c7:28: bb:17:77:7b:60:84:30:76:91:44:47:dc:3b:92:8e:48:4b:a3: f0:96:d3:f6:da:04:e7:27:b3:f7:84:bf:5e:ce:3c:8d:af:fc: ad:3c:38:29:3a:01:74:4a:9c:f4:8f:ca:be:9e:d1:f3:f5:07: f5:59:03:20:d9:c7:81:db:28:c4:f2:30:38:63:8b:dc:83:51: ce:ff:ff:76 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUG0bTUtWgiSJr3/GL6/hlZtmqBogwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMjAwMDAwMFoX DTI0MDYwNjIzNTk1OVowejFJMEcGA1UEBRNAZWMzM2JhZTFlN2RlM2RlZmJjNzUw ZmY2NTkyYmY2ODc1MTQ0NmQxN2FhODg0NWFhNTg5NzE3OWUyZTcxNTM4MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm54bQgS/L0V90TEbJ5LTBKV9s38U dihXQP/irm/I+GDTFCU73maS4SvJX8tWacRxUL/RrCrShrankooIcc5VwiSgGBvz hbHix6bBN4oRHyE5GtWGShbDFdOto19fmyH59dv9fKAubFTHUMqHyT/XF8nQcizr FjpwpQOojTG8JuM+Ea68sOj8K04PHv/Y717W6XuaDywDoieEMVxt7jclx4gU2TqA cwS5fx+nTwBzukN85viNe0BaFkF7rFVkf7JmpQ4L/wYWVAQVXAdVG3dTFCzxnkFX ilAPrsU8LusbKQQhBx3dwt3RIOECXwfuAbnU95BZPHgnBr3KF2yN/e0dMwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLFliybTe0eQgEJTSx4dlEEIhd4XMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y0MDc3NzkxLWFkZDktNDM2Yi04ZjJlLTRhMjFjZGE5ZmYyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauUgwDQYJKoZIhvcNAQELBQADggEBAFXrpn9zw8qRwms63xii 9HpSUV2cw+xZzZUh5LZsh4fxOCnYVt/GqtMeTWfdEbjr8vjN9YhbxUxEzBcS/Li/ 0qUXAFA0r+k7B19J+BSZD+5mIBcyWLszJzbJZMoL1bOdB4cKaI2ZfHPspARjK545 HXZ1gvV7enSmQ9TgSpJXvW7CZrc3Cb2ewMn1UDEpYX6QrHegG34TGST3IJyqbnhp zlKJYoUrn+z9S9+HGhZatn98mx3HKLsXd3tghDB2kURH3DuSjkhLo/CW0/baBOcn s/eEv17OPI2v/K08OCk6AXRKnPSPyr6e0fP1B/VZAyDZx4HbKMTyMDhji9yDUc7/ /3Y= -----END CERTIFICATE-----Generated at Sat May 18 05:19:52 2024 by rpki-client on console-fra.rpki-client.org