$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef3abf6-f2e0-44e8-a7b3-1c87c9c1d26f.roa File: fef3abf6-f2e0-44e8-a7b3-1c87c9c1d26f.roa (raw, json) Hash identifier: 1hBBRb73DSZ6AnyhTnFForGKg9tdQcfOI2JNDgJpAu4= Subject key identifier: 7F:22:88:BD:C9:BB:52:52:B3:10:DC:39:6E:67:F2:EE:69:55:CA:D5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4C042D4EC5E709874BDA9D19894959F6AE58FC20 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef3abf6-f2e0-44e8-a7b3-1c87c9c1d26f.roa Signing time: Thu 02 May 2024 00:00:00 +0000 ROA not before: Thu 02 May 2024 00:00:00 +0000 ROA not after: Thu 06 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 00:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:04:2d:4e:c5:e7:09:87:4b:da:9d:19:89:49:59:f6:ae:58:fc:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:00:00 2024 GMT Not After : Jun 6 23:59:59 2024 GMT Subject: serialNumber=3529c63924f57f88418ac91ccf039c9a53af5da98e55d066b2cf0595257f536c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:bc:35:9b:36:83:ba:45:05:2f:9e:04:d8:50: fa:98:e4:bf:d0:52:78:ad:fc:69:87:3a:b7:df:41: 07:92:d9:13:12:ee:95:18:fd:17:8a:86:95:2c:05: 27:04:11:f3:76:2e:84:44:99:ad:5d:df:c7:06:6e: ca:bd:4f:5a:f6:44:33:14:4a:4d:ff:93:d0:25:03: 7d:e6:98:c0:54:52:07:5c:25:72:f2:18:a3:e5:36: 7c:a0:7a:ec:52:d9:84:50:cd:ca:39:03:41:f6:23: 8c:ca:09:a0:f2:4e:bf:ff:a3:a0:f5:62:49:73:0a: 72:dc:60:6d:c6:0a:9d:d6:3a:ac:aa:39:6f:51:6e: 97:72:e7:14:2e:c4:66:f8:c7:b9:1d:29:cc:16:53: bf:9b:21:f5:ec:2a:3f:35:97:7f:7d:56:0e:19:fb: 48:70:b9:9c:cf:c7:fa:41:50:2f:3d:6e:21:df:7d: 4c:4c:a4:f6:07:98:84:ad:5f:cb:bc:62:1b:e1:3f: c7:d5:1f:d4:5b:cb:0a:fe:21:26:c5:c9:8b:6d:bf: 82:5a:5c:3a:6d:6c:f9:ae:cc:65:22:4e:2c:99:55: 3e:1d:ed:e5:c6:58:af:76:8a:d2:3a:59:4e:13:e3: d8:6f:5b:15:fd:13:11:ad:a4:9d:b8:7a:76:58:b3: 03:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:22:88:BD:C9:BB:52:52:B3:10:DC:39:6E:67:F2:EE:69:55:CA:D5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef3abf6-f2e0-44e8-a7b3-1c87c9c1d26f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:f000::/40 Signature Algorithm: sha256WithRSAEncryption ca:2a:ad:00:ee:e8:56:7f:a5:62:77:5b:47:94:d1:4d:ba:ef: 5a:87:52:20:f8:aa:10:90:d7:c3:76:cd:fc:2f:54:44:96:af: 1e:89:7c:53:b6:6b:7e:c0:6a:cb:45:62:42:21:29:b6:33:5b: 38:22:00:43:a7:35:05:a8:4c:ca:7f:82:81:30:2b:a0:db:55: b1:c7:43:60:6e:7e:da:e4:53:a6:a7:70:f7:fd:65:cb:c6:b5: f9:52:93:44:20:df:33:af:f9:41:5e:e4:83:44:2d:ea:76:dc: 54:3b:77:1b:1a:29:12:e9:b7:f3:a4:9f:59:5d:17:dc:87:3f: fb:e1:25:c1:74:4b:95:5d:37:8f:1b:ed:a9:14:b8:0c:dd:ab: c3:d2:33:db:32:ed:f8:c2:95:48:b9:77:44:f8:ab:44:ec:bf: af:3c:23:83:76:32:31:77:b1:40:2d:82:e1:db:fe:a9:0a:ad: 1b:12:09:a4:82:1c:d6:30:07:77:99:5b:db:21:58:d2:9b:06: ae:dd:99:4b:0f:99:5b:43:66:f9:5a:f0:e8:5e:b8:02:fe:7e: c4:0a:63:cc:d6:19:cc:20:c5:77:f0:23:f3:17:1c:2d:3c:85: e3:ed:d3:ba:12:3a:99:8c:bc:6c:3c:82:0d:02:81:3f:0d:65: 53:08:4e:69 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTAQtTsXnCYdL2p0ZiUlZ9q5Y/CAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMjAwMDAwMFoX DTI0MDYwNjIzNTk1OVowejFJMEcGA1UEBRNAMzUyOWM2MzkyNGY1N2Y4ODQxOGFj OTFjY2YwMzljOWE1M2FmNWRhOThlNTVkMDY2YjJjZjA1OTUyNTdmNTM2YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7w1mzaDukUFL54E2FD6mOS/0FJ4 rfxphzq330EHktkTEu6VGP0XioaVLAUnBBHzdi6ERJmtXd/HBm7KvU9a9kQzFEpN /5PQJQN95pjAVFIHXCVy8hij5TZ8oHrsUtmEUM3KOQNB9iOMygmg8k6//6Og9WJJ cwpy3GBtxgqd1jqsqjlvUW6XcucULsRm+Me5HSnMFlO/myH17Co/NZd/fVYOGftI cLmcz8f6QVAvPW4h331MTKT2B5iErV/LvGIb4T/H1R/UW8sK/iEmxcmLbb+CWlw6 bWz5rsxlIk4smVU+He3lxlivdorSOllOE+PYb1sV/RMRraSduHp2WLMDmwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH8iiL3Ju1JSsxDcOW5n8u5pVcrVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZlZjNhYmY2LWYyZTAtNDRlOC1hN2IzLTFjODdjOWMxZDI2Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOPAwDQYJKoZIhvcNAQELBQADggEBAMoqrQDu6FZ/pWJ3W0eU 0U2671qHUiD4qhCQ18N2zfwvVESWrx6JfFO2a37AastFYkIhKbYzWzgiAEOnNQWo TMp/goEwK6DbVbHHQ2BuftrkU6ancPf9ZcvGtflSk0Qg3zOv+UFe5INELep23FQ7 dxsaKRLpt/Okn1ldF9yHP/vhJcF0S5VdN48b7akUuAzdq8PSM9sy7fjClUi5d0T4 q0Tsv688I4N2MjF3sUAtguHb/qkKrRsSCaSCHNYwB3eZW9shWNKbBq7dmUsPmVtD Zvla8OheuAL+fsQKY8zWGcwgxXfwI/MXHC08hePt07oSOpmMvGw8gg0CgT8NZVMI Tmk= -----END CERTIFICATE-----Generated at Wed May 22 05:58:05 2024 by rpki-client on console-ams.rpki-client.org