$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffb2df5f-aea0-4592-8143-5d55a0a6b1cc.roa File: ffb2df5f-aea0-4592-8143-5d55a0a6b1cc.roa (raw, json) Hash identifier: +AGjSkTXx3W9o5d649Wmk4ib3o5Fcs/rgTlv5zsOXy8= Subject key identifier: EB:FA:6D:E0:C2:49:7A:F2:1B:EA:C6:22:B0:A0:D8:A0:BB:E9:58:EC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 79F5891E7A75CF37B38AC4AD9B21CF701A69D7A3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffb2df5f-aea0-4592-8143-5d55a0a6b1cc.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:f5:89:1e:7a:75:cf:37:b3:8a:c4:ad:9b:21:cf:70:1a:69:d7:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=d13a84f0edfdeba94748c0c3e30184f8ea84b343e5f6cd9e486e408b8d145cee, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:0b:b0:fc:c5:2b:d3:ba:1e:33:8f:73:bd:f3: d7:0e:ec:11:93:0b:9a:ec:9a:18:b2:6f:fd:31:f4: 68:a2:fa:d6:ad:9e:61:3c:b3:c4:4e:74:eb:dd:e3: 11:96:f0:84:a0:f1:2d:a0:52:17:ac:7e:46:5c:85: fa:7e:16:90:4e:27:b7:29:e0:cc:8e:91:b6:c5:0d: 75:84:95:e9:ac:fa:9d:d6:b1:9b:ba:6f:9f:ca:64: 52:18:28:cd:df:71:16:62:3c:ce:6a:d6:5c:3e:98: b3:11:8d:07:e0:c5:9a:8d:e5:fa:62:78:49:4e:f1: 1f:b4:71:7d:c3:73:d3:7e:88:d5:73:f2:f1:b4:59: 9a:a0:a2:98:e1:49:72:14:63:f1:40:2e:59:be:ad: 00:88:e9:9e:09:bb:67:e5:98:cb:57:51:99:eb:e0: c7:00:1f:c3:d8:5c:c4:3e:e6:3f:27:3d:f6:01:77: 80:21:dc:17:40:41:20:f2:8a:63:bf:97:44:de:29: f7:a3:6b:a6:a9:85:e1:ef:da:c1:74:02:9e:aa:30: 44:aa:d3:8e:fd:50:4e:9a:7d:6f:fb:0d:69:27:f0: 6e:53:ee:a6:bc:6b:83:8f:01:70:0c:f2:84:2a:57: 55:e4:c3:41:d1:dd:79:53:2d:e9:96:04:f4:ce:fa: 66:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:FA:6D:E0:C2:49:7A:F2:1B:EA:C6:22:B0:A0:D8:A0:BB:E9:58:EC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffb2df5f-aea0-4592-8143-5d55a0a6b1cc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2000::/40 Signature Algorithm: sha256WithRSAEncryption 17:4b:93:5d:55:f8:6e:e4:fd:bd:79:ec:7c:18:f8:a0:e3:99: 34:19:20:71:f8:be:68:58:fd:32:c6:9a:ae:b4:0c:93:f7:03: ca:fa:8c:fb:a1:55:00:14:a8:05:20:c3:2b:cf:ab:64:48:65: 81:63:72:f3:46:04:54:38:90:81:84:c6:b5:d6:12:97:74:e9: cb:e3:03:ad:15:e5:79:82:ac:23:f8:c3:23:89:e3:4b:40:c3: 4e:e9:8a:a8:ac:a1:85:7d:e8:b2:95:d0:b6:a5:79:07:36:eb: 23:b4:54:e5:10:0f:75:a9:e0:ae:94:c7:d4:42:71:04:82:83: 03:d3:12:d0:2a:66:b7:d1:50:ad:34:c4:cc:8c:5e:4d:7b:95: 30:3f:33:e9:47:89:5e:c3:e3:58:74:e6:e8:c0:37:ed:de:71: db:9d:62:08:cd:2a:2c:bc:28:e4:3d:b0:5b:ca:5e:1f:24:6f: 5e:b7:d0:d2:7e:49:90:4a:88:27:c8:fc:f5:01:24:c2:65:24: f2:e2:d3:2c:0f:72:62:d7:ed:36:67:a5:09:e8:38:a2:d5:f1: c0:19:98:54:e2:af:c3:cf:c0:c0:57:26:80:84:7c:be:89:18: 94:a1:f5:e3:c7:c4:31:e5:c2:28:48:ae:51:ad:ff:99:8b:19: e8:6a:84:fe -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUefWJHnp1zzezisStmyHPcBpp16MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAZDEzYTg0ZjBlZGZkZWJhOTQ3NDhj MGMzZTMwMTg0ZjhlYTg0YjM0M2U1ZjZjZDllNDg2ZTQwOGI4ZDE0NWNlZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAuw/MUr07oeM49zvfPXDuwRkwua 7JoYsm/9MfRoovrWrZ5hPLPETnTr3eMRlvCEoPEtoFIXrH5GXIX6fhaQTie3KeDM jpG2xQ11hJXprPqd1rGbum+fymRSGCjN33EWYjzOatZcPpizEY0H4MWajeX6YnhJ TvEftHF9w3PTfojVc/LxtFmaoKKY4UlyFGPxQC5Zvq0AiOmeCbtn5ZjLV1GZ6+DH AB/D2FzEPuY/Jz32AXeAIdwXQEEg8opjv5dE3in3o2umqYXh79rBdAKeqjBEqtOO /VBOmn1v+w1pJ/BuU+6mvGuDjwFwDPKEKldV5MNB0d15Uy3plgT0zvpmrQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOv6beDCSXryG+rGIrCg2KC76VjsMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmYjJkZjVmLWFlYTAtNDU5Mi04MTQzLTVkNTVhMGE2YjFjYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYSAwDQYJKoZIhvcNAQELBQADggEBABdLk11V+G7k/b157HwY +KDjmTQZIHH4vmhY/TLGmq60DJP3A8r6jPuhVQAUqAUgwyvPq2RIZYFjcvNGBFQ4 kIGExrXWEpd06cvjA60V5XmCrCP4wyOJ40tAw07piqisoYV96LKV0LaleQc26yO0 VOUQD3Wp4K6Ux9RCcQSCgwPTEtAqZrfRUK00xMyMXk17lTA/M+lHiV7D41h05ujA N+3ecdudYgjNKiy8KOQ9sFvKXh8kb1630NJ+SZBKiCfI/PUBJMJlJPLi0ywPcmLX 7TZnpQnoOKLV8cAZmFTir8PPwMBXJoCEfL6JGJSh9ePHxDHlwihIrlGt/5mLGehq hP4= -----END CERTIFICATE-----Generated at Mon Sep 18 15:40:40 2023 by rpki-client on console-ams.rpki-client.org