$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef0d1ea-1e76-427d-b3dc-3a051ef72b03.roa File: fef0d1ea-1e76-427d-b3dc-3a051ef72b03.roa (raw, json) Hash identifier: Ib2ZxN7qe5ceNZ7DU63zEPWGbzPNwhR0CoUQ/27HRzY= Subject key identifier: F9:AB:DD:18:29:11:6B:96:DE:AA:53:C1:38:4E:29:5D:9E:6E:99:0C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5BF309DF9178FFDCF9EF3543E9256943C006BF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef0d1ea-1e76-427d-b3dc-3a051ef72b03.roa Signing time: Thu 02 May 2024 00:00:00 +0000 ROA not before: Thu 02 May 2024 00:00:00 +0000 ROA not after: Thu 06 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 May 2024 00:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:f3:09:df:91:78:ff:dc:f9:ef:35:43:e9:25:69:43:c0:06:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:00:00 2024 GMT Not After : Jun 6 23:59:59 2024 GMT Subject: serialNumber=c394ecd2f74ed3a4cd9e1dab5d16e9ace84f93e050fc61f057fc39043fa74145, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:35:ac:bc:b3:96:6e:77:3c:ef:e9:6f:4d:8b: f4:fa:6b:70:94:54:c7:68:59:ba:96:8f:2c:88:e4: ad:ef:6c:91:5b:26:d6:95:9c:a2:c1:50:d1:a5:ae: a0:fb:29:85:16:7d:e9:e8:7e:68:da:5e:7c:0c:23: 32:2f:e1:cc:ee:28:a1:07:bb:69:28:0d:f6:70:74: e4:da:38:a7:53:86:51:65:a7:de:1b:48:5e:0e:fd: b1:21:fa:5f:92:43:c1:d6:6f:f3:df:29:7f:f3:5a: 18:43:94:5d:c8:a2:f1:d3:55:2d:7c:60:35:2c:58: 7d:35:0b:65:54:38:5d:c8:dd:7d:03:df:c4:c0:1d: 0c:bf:e0:6d:c4:bc:50:a3:a3:c3:30:4c:25:46:94: 2e:4f:99:34:b3:ea:1b:65:6b:90:37:d1:3f:3b:e9: 64:70:5c:16:da:17:5d:1e:92:16:5d:46:0a:42:92: e9:00:63:63:67:ca:45:de:37:69:fd:b4:11:dc:09: dc:52:6f:55:30:0e:56:b4:6e:f2:94:2b:3d:96:e3: 59:5c:36:10:91:4f:4b:98:f8:fc:c8:90:bb:21:b2: 62:f9:41:ae:0a:9f:f3:6f:1b:a7:fe:33:0f:6b:66: 5a:cd:09:59:7c:af:f1:b6:61:f4:c5:3f:a4:6f:e2: 7e:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:AB:DD:18:29:11:6B:96:DE:AA:53:C1:38:4E:29:5D:9E:6E:99:0C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef0d1ea-1e76-427d-b3dc-3a051ef72b03.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:8000::/40 Signature Algorithm: sha256WithRSAEncryption 94:96:2e:00:e5:5c:7a:2d:86:80:7a:0d:f3:68:a3:9d:6f:a4: b4:28:3f:8c:8d:94:62:36:da:d0:2e:8c:52:b2:96:fc:85:32: 70:6f:78:4a:60:87:e2:7f:24:79:99:d7:e0:ee:d2:38:34:af: de:e7:b7:9c:78:98:89:84:56:85:af:fd:a1:54:cd:8d:a9:f5: 16:13:e4:a4:0b:64:86:92:50:dc:1e:e9:2d:a1:86:2e:85:f5: ce:76:0e:f3:a2:f0:60:0e:ba:cb:64:b4:0c:65:db:78:2b:31: 8d:07:1e:88:ea:d4:7f:be:5a:14:d2:0d:f0:e4:9d:dd:11:8e: 6f:47:1f:29:b4:58:1e:a1:87:49:bd:4d:c4:c8:45:78:46:01: d2:08:dc:87:fb:09:c1:8b:30:68:ad:34:26:30:6f:8b:ac:c9: 05:41:86:0c:b2:ae:8a:2b:32:e3:49:49:7d:48:ec:97:fa:65: 32:50:1a:c3:a6:c7:e1:53:f8:48:aa:95:c2:3a:cb:d8:40:eb: 9b:87:3b:0c:24:81:c9:d4:eb:8b:d8:53:fe:67:fb:15:24:af: 7a:3a:29:4d:6e:6d:e4:67:6b:4f:0d:ff:d4:aa:1f:64:8e:38: d2:c1:5b:f3:3c:59:c4:a3:fd:e1:72:be:5f:2f:68:d7:f5:f1: 51:94:17:64 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgITW/MJ35F4/9z57zVD6SVpQ8AGvzANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjQwNTAyMDAwMDAwWhcN MjQwNjA2MjM1OTU5WjB6MUkwRwYDVQQFE0BjMzk0ZWNkMmY3NGVkM2E0Y2Q5ZTFk YWI1ZDE2ZTlhY2U4NGY5M2UwNTBmYzYxZjA1N2ZjMzkwNDNmYTc0MTQ1MS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaNay8s5Zudzzv6W9Ni/T6a3CUVMdo WbqWjyyI5K3vbJFbJtaVnKLBUNGlrqD7KYUWfenofmjaXnwMIzIv4czuKKEHu2ko DfZwdOTaOKdThlFlp94bSF4O/bEh+l+SQ8HWb/PfKX/zWhhDlF3IovHTVS18YDUs WH01C2VUOF3I3X0D38TAHQy/4G3EvFCjo8MwTCVGlC5PmTSz6htla5A30T876WRw XBbaF10ekhZdRgpCkukAY2NnykXeN2n9tBHcCdxSb1UwDla0bvKUKz2W41lcNhCR T0uY+PzIkLshsmL5Qa4Kn/NvG6f+Mw9rZlrNCVl8r/G2YfTFP6Rv4n4PAgMBAAGj ggJKMIICRjAdBgNVHQ4EFgQU+avdGCkRa5beqlPBOE4pXZ5umQwwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv ZmVmMGQxZWEtMWU3Ni00MjdkLWIzZGMtM2EwNTFlZjcyYjAzLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAkBtr0gDANBgkqhkiG9w0BAQsFAAOCAQEAlJYuAOVcei2GgHoN82ij nW+ktCg/jI2UYjba0C6MUrKW/IUycG94SmCH4n8keZnX4O7SODSv3ue3nHiYiYRW ha/9oVTNjan1FhPkpAtkhpJQ3B7pLaGGLoX1znYO86LwYA66y2S0DGXbeCsxjQce iOrUf75aFNIN8OSd3RGOb0cfKbRYHqGHSb1NxMhFeEYB0gjch/sJwYswaK00JjBv i6zJBUGGDLKuiisy40lJfUjsl/plMlAaw6bH4VP4SKqVwjrL2EDrm4c7DCSBydTr i9hT/mf7FSSvejopTW5t5GdrTw3/1KofZI440sFb8zxZxKP94XK+Xy9o1/XxUZQX ZA== -----END CERTIFICATE-----Generated at Thu May 23 01:35:21 2024 by rpki-client on console-fra.rpki-client.org