$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fc653957-4f62-4afa-93a5-fdca0a97ec7a.roa File: fc653957-4f62-4afa-93a5-fdca0a97ec7a.roa (raw, json) Hash identifier: /pdOFjWeF3OM1bC4zzYARt0YgllePoNIkFrZ3p9dD9w= Subject key identifier: 9B:4B:B2:A6:F1:5D:BE:59:D7:3F:20:22:CC:BC:5F:35:DE:3D:5A:85 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 410A23C08B16FE845C373138DE017C05E3B1A3DE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fc653957-4f62-4afa-93a5-fdca0a97ec7a.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 00:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:0a:23:c0:8b:16:fe:84:5c:37:31:38:de:01:7c:05:e3:b1:a3:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=7fc10284800388b17d9ae5d2f016cbe26d830b632d164340c84b60c2e78289ba, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:62:de:ca:17:be:38:3e:45:f1:12:6b:e6:5e: 89:6a:80:cd:19:29:71:e6:b6:25:39:29:b0:c6:53: 1e:08:b7:f6:32:c5:f6:f1:ee:c1:ea:61:3e:dc:15: 66:0d:59:d6:7f:22:b6:1f:03:31:ac:3f:b3:e0:9b: 52:c2:58:1f:89:df:36:21:0b:9e:48:11:dc:30:7d: 0d:3a:4f:27:6f:48:a3:da:fa:59:50:9d:76:48:3a: 80:c0:f4:c0:4b:5c:b6:cf:74:83:75:ab:c6:13:0d: 3b:84:7b:72:11:7b:a3:73:5b:b6:bb:10:07:e9:5f: 9c:1b:98:76:c7:6f:2c:de:da:33:f1:5d:3c:df:e7: 5f:b9:8c:e3:f4:c0:a4:5d:9f:da:9e:e1:d8:83:19: bb:d3:60:76:fc:3c:f2:d2:24:62:95:67:a8:a6:58: 67:5e:57:77:3d:34:eb:1d:44:9d:6f:32:93:31:3a: 10:e9:23:93:ee:8b:9b:c9:c8:f9:5a:a4:53:9d:07: 83:ce:ad:19:ae:88:b3:fe:48:2a:03:27:c6:fc:9c: b0:51:7c:b6:c2:39:e6:f5:6c:31:7d:e2:3c:27:6c: 33:bd:6c:ea:10:77:16:d8:c7:fd:ed:05:c6:24:58: 3c:78:73:39:68:2b:8e:ec:42:a7:27:cc:f8:a7:63: 18:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:4B:B2:A6:F1:5D:BE:59:D7:3F:20:22:CC:BC:5F:35:DE:3D:5A:85 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fc653957-4f62-4afa-93a5-fdca0a97ec7a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:2000::/40 Signature Algorithm: sha256WithRSAEncryption 86:56:20:19:01:6d:51:98:4c:24:cf:3f:a8:b1:5c:ad:75:e5: fa:81:32:62:a4:b8:f0:e2:a4:3b:d4:bd:54:f1:de:f6:13:47: a9:e6:85:b7:73:73:5f:f7:e4:25:28:2d:d7:3d:49:f5:7f:51: ab:c3:2d:bd:85:f5:72:e7:15:40:28:36:5b:a4:b7:3d:9c:5a: fc:7e:54:0d:51:1b:92:29:2f:b1:06:c2:a2:60:f9:b8:03:ca: 3a:77:7d:88:95:36:e5:59:14:19:65:d8:94:59:93:c2:b0:7d: 3b:3c:be:8d:a5:10:65:6e:64:bf:55:92:13:28:2c:79:4d:04: d1:ec:9c:01:b7:d8:84:96:80:9c:6b:62:f4:81:98:a4:91:69: 2f:fa:a9:da:3b:9f:4c:4f:3e:04:51:e3:cb:a5:60:16:97:37: a5:f4:1c:c2:60:dd:b1:07:b6:7f:27:86:4f:6e:81:1c:e6:15: 3f:60:87:ac:2a:8b:ba:d1:2d:e1:3d:d8:a0:b0:69:d7:4b:06: 8b:98:6a:06:c4:a8:29:97:e0:a5:af:c3:de:07:88:72:a5:c7: 3f:fb:bd:b4:c4:f4:e0:1a:04:bf:4d:5a:f1:61:67:b7:c4:21: bc:bd:dc:2c:6f:43:6d:19:74:6f:10:35:cd:8f:16:dd:8a:3e: 87:b5:98:11 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQQojwIsW/oRcNzE43gF8BeOxo94wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAN2ZjMTAyODQ4MDAzODhiMTdkOWFl NWQyZjAxNmNiZTI2ZDgzMGI2MzJkMTY0MzQwYzg0YjYwYzJlNzgyODliYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32Leyhe+OD5F8RJr5l6JaoDNGSlx 5rYlOSmwxlMeCLf2MsX28e7B6mE+3BVmDVnWfyK2HwMxrD+z4JtSwlgfid82IQue SBHcMH0NOk8nb0ij2vpZUJ12SDqAwPTAS1y2z3SDdavGEw07hHtyEXujc1u2uxAH 6V+cG5h2x28s3toz8V083+dfuYzj9MCkXZ/anuHYgxm702B2/Dzy0iRilWeoplhn Xld3PTTrHUSdbzKTMToQ6SOT7oubycj5WqRTnQeDzq0Zroiz/kgqAyfG/JywUXy2 wjnm9WwxfeI8J2wzvWzqEHcW2Mf97QXGJFg8eHM5aCuO7EKnJ8z4p2MYnwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJtLsqbxXb5Z1z8gIsy8XzXePVqFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZjNjUzOTU3LTRmNjItNGFmYS05M2E1LWZkY2EwYTk3ZWM3YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/CAwDQYJKoZIhvcNAQELBQADggEBAIZWIBkBbVGYTCTPP6ix XK115fqBMmKkuPDipDvUvVTx3vYTR6nmhbdzc1/35CUoLdc9SfV/UavDLb2F9XLn FUAoNluktz2cWvx+VA1RG5IpL7EGwqJg+bgDyjp3fYiVNuVZFBll2JRZk8KwfTs8 vo2lEGVuZL9VkhMoLHlNBNHsnAG32ISWgJxrYvSBmKSRaS/6qdo7n0xPPgRR48ul YBaXN6X0HMJg3bEHtn8nhk9ugRzmFT9gh6wqi7rRLeE92KCwaddLBouYagbEqCmX 4KWvw94HiHKlxz/7vbTE9OAaBL9NWvFhZ7fEIby93CxvQ20ZdG8QNc2PFt2KPoe1 mBE= -----END CERTIFICATE-----Generated at Thu Apr 25 00:30:40 2024 by rpki-client on console-fra.rpki-client.org