$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f9bb6778-8bdb-45ac-b6df-27458ed8b836.roa File: f9bb6778-8bdb-45ac-b6df-27458ed8b836.roa (raw, json) Hash identifier: 1Vrnj7YQ4sddMc/U7qjWNRB/R1a2RsIiz6iYbj9RG6k= Subject key identifier: 38:E4:C1:9E:06:22:BA:35:1D:FD:04:0E:89:85:FC:A3:C8:ED:F7:38 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5A2134862A90FBD0BE1308295E65B80FDB90CFFA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f9bb6778-8bdb-45ac-b6df-27458ed8b836.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:21:34:86:2a:90:fb:d0:be:13:08:29:5e:65:b8:0f:db:90:cf:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=99829f4edd2907a6c66dd03c33afbfd2d645e68d656da7917bf43ba09c4eade3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:6e:51:71:2c:8e:d6:00:3a:27:8d:a5:0a:45: 8e:a5:ad:c1:4a:31:78:79:7d:af:c0:b8:7b:df:18: 2a:32:b1:25:ba:0c:26:8a:f3:0b:a2:1b:db:e6:35: ad:38:a2:18:ff:f1:6c:ee:25:98:03:00:2e:7a:ac: 80:a6:14:77:a8:32:36:59:8d:27:fe:9d:c2:8b:6c: d3:bc:f2:e0:c6:5e:bb:4f:ad:8c:b6:79:9d:9f:66: 2c:c1:95:e0:91:81:30:fe:65:37:3a:90:ab:15:0b: 9f:bb:9e:72:18:f6:3b:6d:de:e1:63:f7:b0:67:03: 6c:c7:4c:42:4a:47:0e:a1:36:6a:74:d5:34:54:ee: b2:3f:4a:07:e3:6b:7c:b3:6f:44:78:28:0f:7c:95: 79:67:17:9c:82:fe:d4:ad:c5:f6:8e:d4:fd:ae:90: 42:3f:88:77:7a:96:2a:88:d9:c6:60:b3:1c:ea:da: 15:18:bf:1d:ff:d0:b9:cf:08:e7:d7:d4:1c:19:68: 5b:1f:05:26:d7:48:e4:4d:6a:c3:f5:ae:c2:17:1e: ef:ea:e8:39:b7:9e:3b:53:08:ec:a3:62:93:54:41: 20:44:34:22:83:f5:73:0f:14:22:a8:9a:f8:95:ff: 99:0b:9a:30:24:76:93:11:aa:41:03:42:0d:fa:38: 31:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:E4:C1:9E:06:22:BA:35:1D:FD:04:0E:89:85:FC:A3:C8:ED:F7:38 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f9bb6778-8bdb-45ac-b6df-27458ed8b836.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:9000::/40 Signature Algorithm: sha256WithRSAEncryption af:e3:8a:53:39:66:e4:56:97:3d:92:84:e5:45:c6:26:14:73: 63:1f:4c:94:ee:45:3d:44:8a:dd:be:52:7d:0e:43:c3:55:fa: c9:6e:fa:12:79:d8:12:82:87:80:7d:f5:15:c0:92:db:0d:24: c1:c4:2a:5c:1d:2a:b4:83:08:ba:8a:f0:2e:ed:1b:56:24:a0: e4:0e:a1:aa:16:d7:4a:b1:95:a3:51:95:39:3c:49:f2:e0:b3: e3:35:3e:0a:dc:99:40:36:a8:6e:73:5d:37:0e:bb:21:17:97: 2a:61:11:ab:f5:10:45:79:bc:6d:45:7f:71:6d:db:5a:ea:ac: 83:09:f4:5c:25:3a:23:35:6d:f4:3c:f7:aa:be:53:88:55:cb: db:7a:11:70:f5:c5:e2:14:90:93:78:b8:00:b2:1e:76:e9:f4: 78:13:41:54:07:3b:fe:23:46:01:38:2b:36:9a:ff:8d:1b:34: b7:5d:c4:f2:4c:24:25:19:89:10:7f:42:9d:56:36:c6:5b:cb: c0:40:3d:d0:21:fc:7a:9a:5b:bc:09:be:bf:6b:90:bf:48:a5: d4:22:20:ab:c4:97:f1:41:92:df:0b:de:d9:e3:67:99:89:cc: 31:88:88:9f:b8:c2:a8:ce:d4:80:74:c4:35:d7:8e:6c:36:3b: 5f:49:46:82 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWiE0hiqQ+9C+EwgpXmW4D9uQz/owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAOTk4MjlmNGVkZDI5MDdhNmM2NmRk MDNjMzNhZmJmZDJkNjQ1ZTY4ZDY1NmRhNzkxN2JmNDNiYTA5YzRlYWRlMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW5RcSyO1gA6J42lCkWOpa3BSjF4 eX2vwLh73xgqMrElugwmivMLohvb5jWtOKIY//Fs7iWYAwAueqyAphR3qDI2WY0n /p3Ci2zTvPLgxl67T62Mtnmdn2YswZXgkYEw/mU3OpCrFQufu55yGPY7bd7hY/ew ZwNsx0xCSkcOoTZqdNU0VO6yP0oH42t8s29EeCgPfJV5Zxecgv7UrcX2jtT9rpBC P4h3epYqiNnGYLMc6toVGL8d/9C5zwjn19QcGWhbHwUm10jkTWrD9a7CFx7v6ug5 t547Uwjso2KTVEEgRDQig/VzDxQiqJr4lf+ZC5owJHaTEapBA0IN+jgxtwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDjkwZ4GIro1Hf0EDomF/KPI7fc4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y5YmI2Nzc4LThiZGItNDVhYy1iNmRmLTI3NDU4ZWQ4YjgzNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYJAwDQYJKoZIhvcNAQELBQADggEBAK/jilM5ZuRWlz2ShOVF xiYUc2MfTJTuRT1Eit2+Un0OQ8NV+slu+hJ52BKCh4B99RXAktsNJMHEKlwdKrSD CLqK8C7tG1YkoOQOoaoW10qxlaNRlTk8SfLgs+M1PgrcmUA2qG5zXTcOuyEXlyph Eav1EEV5vG1Ff3Ft21rqrIMJ9FwlOiM1bfQ896q+U4hVy9t6EXD1xeIUkJN4uACy Hnbp9HgTQVQHO/4jRgE4Kzaa/40bNLddxPJMJCUZiRB/Qp1WNsZby8BAPdAh/Hqa W7wJvr9rkL9IpdQiIKvEl/FBkt8L3tnjZ5mJzDGIiJ+4wqjO1IB0xDXXjmw2O19J RoI= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:46 2023 by rpki-client on console-fra.rpki-client.org