$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/037679cc-778a-417e-add9-45a9bf4f8fbc.roa File: 037679cc-778a-417e-add9-45a9bf4f8fbc.roa (raw, json) Hash identifier: yZ/wcPjWQwxCrZyvXjZ2pcR/uXWM1ImA7kkuqzFck+Q= Subject key identifier: D3:9D:3B:BB:D5:1E:2B:1D:A7:6F:54:D3:04:37:F5:90:DE:49:72:38 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 3EBB4D9574EBC3D20C2FEA3E19577EE2DB5F46E1 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/037679cc-778a-417e-add9-45a9bf4f8fbc.roa Signing time: Fri 05 Apr 2024 00:00:00 +0000 ROA not before: Fri 05 Apr 2024 00:00:00 +0000 ROA not after: Fri 10 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:10b8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Apr 2024 12:02:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:bb:4d:95:74:eb:c3:d2:0c:2f:ea:3e:19:57:7e:e2:db:5f:46:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 5 00:00:00 2024 GMT Not After : May 10 23:59:59 2024 GMT Subject: serialNumber=814dd9745f058696254c20bd1de0690f6c1d1b1031f1b35c7eb8e31f7259ca82, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:b9:75:09:09:53:2b:c7:22:43:4f:f4:fb:57: 73:05:84:f3:ac:96:ce:fe:93:55:00:43:61:70:67: ca:32:be:44:9b:45:80:e4:b4:be:0a:31:9f:f5:3c: 52:7a:99:5e:04:ea:bf:13:7d:9a:c1:c5:33:c8:a0: 32:87:94:5e:31:04:70:c3:54:68:83:a7:85:f8:9d: a2:3f:fc:e6:69:bd:ee:1e:48:d0:7c:af:f4:47:95: 19:bb:ea:bc:f7:f4:14:44:54:75:d2:05:7b:b6:60: 93:bd:91:2f:b2:1d:d4:ec:37:fd:e2:4d:14:65:9f: 5e:39:70:86:d8:b1:a7:98:bb:0d:12:a9:37:f6:26: 80:de:aa:23:a5:02:2a:48:5a:b4:6b:77:9b:95:e4: 34:a5:fa:fb:56:ef:a3:f9:d4:d5:46:fb:2b:82:6b: 9c:05:a1:9d:1b:43:76:6b:d2:8f:33:19:66:28:df: 06:97:20:37:3b:59:72:05:c2:97:24:06:f4:fa:98: 43:1c:8d:d4:63:69:30:54:df:60:a8:93:3b:4a:bd: 72:58:7d:9e:4c:73:11:29:30:0b:0a:bf:20:fe:c4: 0f:5e:9c:b0:72:24:c1:2f:32:03:be:df:1e:d5:2a: e5:78:a4:2a:be:16:56:0d:fc:0a:02:ed:5f:55:db: ec:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:9D:3B:BB:D5:1E:2B:1D:A7:6F:54:D3:04:37:F5:90:DE:49:72:38 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/037679cc-778a-417e-add9-45a9bf4f8fbc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:10b8::/48 Signature Algorithm: sha256WithRSAEncryption 08:8b:34:da:c5:1b:81:85:05:67:7f:e5:98:3b:1a:95:f1:9d: f7:b4:6a:81:7f:09:8f:32:40:cf:2d:a7:23:f9:82:d4:a5:be: c4:cb:90:e8:c3:f3:33:a8:53:23:c9:26:49:6c:0c:fd:62:0f: 27:c0:f5:ee:34:ea:ae:a6:97:c4:ba:cf:cc:0a:04:dd:32:df: 2b:d5:42:fb:f8:8a:2c:25:8c:7a:b0:3a:b1:fe:9d:45:e4:a1: 17:28:5e:5f:4f:d7:15:69:02:9c:12:7a:1e:04:bf:61:9c:93: 9d:8d:be:b5:9a:22:2c:76:b7:65:3b:99:4c:7d:8e:03:63:c9: 66:a6:12:c3:a3:03:c4:a6:8a:64:28:aa:01:15:cc:0b:c4:86: 57:fc:4b:1d:64:05:aa:b5:b6:fe:a0:fb:71:ee:7d:ba:ff:fb: 88:f3:fd:84:47:99:6b:a8:1b:ef:f0:db:b5:fe:0f:b4:0c:65: 50:84:b8:79:71:33:42:b0:a4:e3:06:3d:2c:45:5d:d0:ae:98: dd:ff:0e:e8:d4:be:94:1f:f2:bb:d8:10:34:eb:31:5b:fe:2a: 5d:e7:c7:71:df:ec:3d:d1:11:7c:15:22:f0:17:7d:89:7a:05: b3:0b:77:7c:52:b7:6a:27:3f:bc:f5:e9:6b:63:d8:b2:16:6d: 17:70:a2:b8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPrtNlXTrw9IML+o+GVd+4ttfRuEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MDQwNTAwMDAwMFoX DTI0MDUxMDIzNTk1OVowejFJMEcGA1UEBRNAODE0ZGQ5NzQ1ZjA1ODY5NjI1NGMy MGJkMWRlMDY5MGY2YzFkMWIxMDMxZjFiMzVjN2ViOGUzMWY3MjU5Y2E4MjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbl1CQlTK8ciQ0/0+1dzBYTzrJbO /pNVAENhcGfKMr5Em0WA5LS+CjGf9TxSepleBOq/E32awcUzyKAyh5ReMQRww1Ro g6eF+J2iP/zmab3uHkjQfK/0R5UZu+q89/QURFR10gV7tmCTvZEvsh3U7Df94k0U ZZ9eOXCG2LGnmLsNEqk39iaA3qojpQIqSFq0a3ebleQ0pfr7Vu+j+dTVRvsrgmuc BaGdG0N2a9KPMxlmKN8GlyA3O1lyBcKXJAb0+phDHI3UY2kwVN9gqJM7Sr1yWH2e THMRKTALCr8g/sQPXpywciTBLzIDvt8e1SrleKQqvhZWDfwKAu1fVdvsqQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNOdO7vVHisdp29U0wQ39ZDeSXI4MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzAzNzY3OWNjLTc3OGEtNDE3ZS1hZGQ5LTQ1YTliZjRmOGZiYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABC4MA0GCSqGSIb3DQEBCwUAA4IBAQAIizTaxRuBhQVnf+WY OxqV8Z33tGqBfwmPMkDPLacj+YLUpb7Ey5Dow/MzqFMjySZJbAz9Yg8nwPXuNOqu ppfEus/MCgTdMt8r1UL7+IosJYx6sDqx/p1F5KEXKF5fT9cVaQKcEnoeBL9hnJOd jb61miIsdrdlO5lMfY4DY8lmphLDowPEpopkKKoBFcwLxIZX/EsdZAWqtbb+oPtx 7n26//uI8/2ER5lrqBvv8Nu1/g+0DGVQhLh5cTNCsKTjBj0sRV3Qrpjd/w7o1L6U H/K72BA06zFb/ipd58dx3+w90RF8FSLwF32JegWzC3d8UrdqJz+89elrY9iyFm0X cKK4 -----END CERTIFICATE-----Generated at Tue Apr 16 00:29:52 2024 by rpki-client on console-ams.rpki-client.org