$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa File: ffd89ff2-4de6-4517-88fc-12345cabb969.roa (raw, json) Hash identifier: N7bb91E+WmQYfoqDjk4FXqz8BP4aruSoPldeIVTF18w= Subject key identifier: 61:35:4C:83:67:D6:74:B1:FD:2F:56:C1:24:C9:65:A1:F4:87:BA:D7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 491CA7FA5AA2B89DE2E6A70A1BBD7A7A0EA2B90E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da15::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 31 Jul 2024 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:1c:a7:fa:5a:a2:b8:9d:e2:e6:a7:0a:1b:bd:7a:7a:0e:a2:b9:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=8057a72d83f666b1792b86cc83c3ca53c75d5d044cdc4df84e5bcc5c4cc2084f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:9c:49:61:5f:eb:bc:b8:91:e0:78:34:2f:0b: fb:d1:a9:c1:d0:a7:c8:8e:31:7f:40:5f:c8:b7:9a: 05:56:c6:1f:af:93:d3:b0:c0:82:45:1b:8d:92:ea: bd:2a:28:73:30:17:8f:5a:11:7f:5f:d7:b9:7f:3c: 10:4f:8b:f4:57:33:09:ae:4a:12:3e:ee:3f:a0:fc: 3d:2f:01:10:6e:cd:81:86:0e:1a:70:a0:29:62:3b: 6d:a3:d7:cc:37:05:22:5c:34:54:53:d4:46:73:15: 22:0a:3a:a1:40:2f:24:97:73:0e:5f:05:d3:0f:61: b7:84:f7:5b:69:05:a6:ba:ca:d1:1e:7b:02:48:03: 2b:9c:5e:5e:59:9a:ae:96:1c:f7:aa:a6:62:15:cd: 4c:3e:6f:df:9d:75:e8:1d:af:5b:27:d4:10:ce:fb: c5:2a:aa:94:0d:ed:94:da:c3:f8:21:48:e9:09:4b: 7f:31:46:08:f6:04:10:c7:b7:4d:7b:1f:11:b9:6f: bf:30:79:cf:f4:1c:22:2e:93:c5:84:f8:de:9c:31: 2f:cf:68:72:9f:77:1c:47:86:ae:b2:de:73:01:b3: 2a:46:86:e5:d4:dc:18:af:71:37:79:17:09:a1:1e: fd:d4:18:16:f8:87:e9:7e:df:f4:74:32:87:dc:91: 07:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:35:4C:83:67:D6:74:B1:FD:2F:56:C1:24:C9:65:A1:F4:87:BA:D7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da15::/36 Signature Algorithm: sha256WithRSAEncryption 26:2c:66:47:ce:12:99:59:35:98:6e:dd:94:f4:83:f2:03:61: 61:c7:fd:41:57:d6:b7:a6:0f:8b:3d:03:6d:d1:43:d2:bd:12: 21:52:21:31:26:b9:25:fb:08:73:55:89:ca:b6:a4:f9:1f:51: a7:44:5d:f3:c9:0c:9a:4c:e4:af:43:6d:ac:7d:cf:9f:26:36: 33:b4:8e:33:a8:a3:21:01:d7:4c:c6:4b:0c:5d:d0:d4:83:75: c9:51:e6:54:2e:bb:3e:4a:0d:72:59:44:1c:ef:4c:89:90:35: 8c:28:f9:3a:c7:28:b5:dd:85:58:53:10:e0:e5:5c:b4:ef:a2: 37:05:6d:8c:68:01:6b:e5:8f:ae:c7:99:b2:9a:47:c6:26:b7: 1f:7a:86:23:68:8f:e8:b7:60:21:5c:5f:fc:1e:ee:2c:50:b3: ae:72:c4:9a:de:9a:e2:8f:b5:41:21:98:cd:87:eb:c6:6d:f9: ed:7c:de:2e:eb:b4:a5:08:f4:59:d3:dd:3c:09:43:df:d5:f8: f0:45:e9:d8:a7:17:b2:00:64:ab:34:80:f2:40:81:e7:85:ed: 4a:4c:1d:85:c8:f3:b5:2c:70:08:a3:4e:19:f1:30:4a:d0:51: dc:79:5b:c5:61:28:cc:49:c4:bd:db:4a:67:9b:72:c0:5b:0f: ee:84:93:c5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSRyn+lqiuJ3i5qcKG716eg6iuQ4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAODA1N2E3MmQ4M2Y2NjZiMTc5MmI4 NmNjODNjM2NhNTNjNzVkNWQwNDRjZGM0ZGY4NGU1YmNjNWM0Y2MyMDg0ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypxJYV/rvLiR4Hg0Lwv70anB0KfI jjF/QF/It5oFVsYfr5PTsMCCRRuNkuq9KihzMBePWhF/X9e5fzwQT4v0VzMJrkoS Pu4/oPw9LwEQbs2Bhg4acKApYjtto9fMNwUiXDRUU9RGcxUiCjqhQC8kl3MOXwXT D2G3hPdbaQWmusrRHnsCSAMrnF5eWZqulhz3qqZiFc1MPm/fnXXoHa9bJ9QQzvvF KqqUDe2U2sP4IUjpCUt/MUYI9gQQx7dNex8RuW+/MHnP9BwiLpPFhPjenDEvz2hy n3ccR4aust5zAbMqRobl1NwYr3E3eRcJoR791BgW+Ifpft/0dDKH3JEHzwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGE1TINn1nSx/S9WwSTJZaH0h7rXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmZDg5ZmYyLTRkZTYtNDUxNy04OGZjLTEyMzQ1Y2FiYjk2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaFQAwDQYJKoZIhvcNAQELBQADggEBACYsZkfOEplZNZhu3ZT0 g/IDYWHH/UFX1remD4s9A23RQ9K9EiFSITEmuSX7CHNVicq2pPkfUadEXfPJDJpM 5K9Dbax9z58mNjO0jjOooyEB10zGSwxd0NSDdclR5lQuuz5KDXJZRBzvTImQNYwo +TrHKLXdhVhTEODlXLTvojcFbYxoAWvlj67HmbKaR8Ymtx96hiNoj+i3YCFcX/we 7ixQs65yxJremuKPtUEhmM2H68Zt+e183i7rtKUI9FnT3TwJQ9/V+PBF6dinF7IA ZKs0gPJAgeeF7UpMHYXI87UscAijThnxMErQUdx5W8VhKMxJxL3bSmebcsBbD+6E k8U= -----END CERTIFICATE-----Generated at Sat Jul 27 00:57:56 2024 by rpki-client on console-ams.rpki-client.org