$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa File: feddcef0-1c49-4db6-b667-d3a813db2a74.roa (raw, json) Hash identifier: AN0dF/PhvX7ZyQX/WC0IhctZTvfxH7gml5XelDOzwKU= Subject key identifier: BC:1F:5F:6C:F7:6A:63:D4:9E:AE:21:E9:5A:44:41:51:3F:DF:BD:B0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 40AC3AC69EDD149C1A5661356B4C149D98C431F6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:ac:3a:c6:9e:dd:14:9c:1a:56:61:35:6b:4c:14:9d:98:c4:31:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=ce19ab12be98779dd2b0549d06dbc0086068a6a12cfc7a4cbe5678b0a76515f9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:12:6c:ae:d9:84:1f:fd:43:0d:f9:30:ce:5a: be:5c:ac:76:0c:b3:ba:d4:7e:74:4b:5c:73:f7:ec: 43:c0:19:a2:c2:fe:74:16:5e:c6:c5:89:01:5e:31: fe:5e:2a:0e:cf:81:17:46:64:6b:40:58:4d:a3:57: e2:f4:d7:99:ea:26:98:6e:1a:db:dc:06:e7:a7:56: d0:e0:c1:f4:54:89:20:b4:d9:21:f2:49:dc:dc:62: 6c:3b:04:b1:25:20:87:30:b9:91:7f:88:45:0e:ef: e6:0e:12:f4:dc:16:a2:85:3c:b2:6d:bf:87:84:d8: 58:bf:54:f7:19:a3:d9:a5:84:ed:b8:7a:53:8e:78: c7:1e:01:88:eb:e2:c9:c6:91:ac:61:b0:e1:44:0a: 49:08:2b:39:d6:99:f2:d6:bb:f8:b6:29:b0:b1:0a: ce:48:c1:e4:2c:3f:e3:98:ac:ba:fa:40:f0:5e:6b: e5:2f:ff:e6:29:f4:08:28:dd:36:75:0b:e3:53:30: 4d:2f:db:71:fd:f2:91:db:96:85:2a:c2:27:2a:69: 0a:12:74:10:fe:25:fa:90:0b:e0:a5:b2:0d:89:a1: 13:9b:39:69:6e:89:03:39:4d:a3:2b:4b:3a:d6:95: fe:93:88:eb:e8:f8:86:be:a2:93:55:41:6e:d8:5e: e5:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:1F:5F:6C:F7:6A:63:D4:9E:AE:21:E9:5A:44:41:51:3F:DF:BD:B0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:1000::/40 Signature Algorithm: sha256WithRSAEncryption 1d:6d:e7:09:88:20:e7:43:93:bd:ed:86:62:37:a5:f4:d6:c7: 96:04:4a:aa:93:2d:a7:fb:22:c1:7f:57:2e:0d:ef:12:50:57: 86:3f:eb:e7:85:27:fe:9b:e9:6b:40:95:da:5d:68:5a:66:d2: 87:a6:e7:18:e9:40:05:dc:4c:ae:3a:c5:f5:dd:da:08:2f:66: 55:f4:97:36:19:ac:b8:24:c1:88:4c:2c:c7:11:de:71:68:ad: 29:3b:6b:e2:d1:ea:18:3e:aa:a7:26:f7:02:54:f2:f9:01:95: a4:a9:06:13:8a:ab:ea:4f:f6:52:78:91:cb:0a:3d:80:dd:5f: 0e:63:7e:e4:0a:87:9f:4c:ac:0a:22:55:7a:68:af:af:a0:d3: bf:95:61:89:3b:12:b5:11:4a:2d:55:7e:cf:64:af:d1:a8:35: 64:38:f9:42:45:78:c0:2a:87:05:73:b7:86:ea:a7:d6:4c:72: 44:89:f1:ee:de:fe:70:09:ba:7d:a1:a9:ae:25:00:3a:0e:54: 4d:92:e4:bf:d9:6d:df:61:b9:54:67:35:95:91:e6:cd:a5:d4: 31:e4:d5:f9:1a:65:2b:85:8f:d4:d4:bb:85:07:85:94:bf:dd: 63:ce:18:78:fb:fb:d5:be:9c:a2:94:e2:8e:97:af:33:95:8c: 63:e7:ba:54 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQKw6xp7dFJwaVmE1a0wUnZjEMfYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAY2UxOWFiMTJiZTk4Nzc5ZGQyYjA1 NDlkMDZkYmMwMDg2MDY4YTZhMTJjZmM3YTRjYmU1Njc4YjBhNzY1MTVmOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBJsrtmEH/1DDfkwzlq+XKx2DLO6 1H50S1xz9+xDwBmiwv50Fl7GxYkBXjH+XioOz4EXRmRrQFhNo1fi9NeZ6iaYbhrb 3Abnp1bQ4MH0VIkgtNkh8knc3GJsOwSxJSCHMLmRf4hFDu/mDhL03BaihTyybb+H hNhYv1T3GaPZpYTtuHpTjnjHHgGI6+LJxpGsYbDhRApJCCs51pny1rv4timwsQrO SMHkLD/jmKy6+kDwXmvlL//mKfQIKN02dQvjUzBNL9tx/fKR25aFKsInKmkKEnQQ /iX6kAvgpbINiaETmzlpbokDOU2jK0s61pX+k4jr6PiGvqKTVUFu2F7l7QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLwfX2z3amPUnq4h6VpEQVE/372wMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZlZGRjZWYwLTFjNDktNGRiNi1iNjY3LWQzYTgxM2RiMmE3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaBAwDQYJKoZIhvcNAQELBQADggEBAB1t5wmIIOdDk73thmI3 pfTWx5YESqqTLaf7IsF/Vy4N7xJQV4Y/6+eFJ/6b6WtAldpdaFpm0oem5xjpQAXc TK46xfXd2ggvZlX0lzYZrLgkwYhMLMcR3nForSk7a+LR6hg+qqcm9wJU8vkBlaSp BhOKq+pP9lJ4kcsKPYDdXw5jfuQKh59MrAoiVXpor6+g07+VYYk7ErURSi1Vfs9k r9GoNWQ4+UJFeMAqhwVzt4bqp9ZMckSJ8e7e/nAJun2hqa4lADoOVE2S5L/Zbd9h uVRnNZWR5s2l1DHk1fkaZSuFj9TUu4UHhZS/3WPOGHj7+9W+nKKU4o6XrzOVjGPn ulQ= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:46 2023 by rpki-client on console-fra.rpki-client.org