$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/037679cc-778a-417e-add9-45a9bf4f8fbc.roa File: 037679cc-778a-417e-add9-45a9bf4f8fbc.roa (raw, json) Hash identifier: nmr8NZ9YqdsIRbhOs/dd7yYGyD78ApHSt2+U5OjWBGY= Subject key identifier: B1:8B:1E:D5:03:47:2C:B8:75:47:67:DE:6F:73:09:AD:28:6D:EE:2B Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 2C037149A61633F8727740CFD8E43802FBBB6A19 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/037679cc-778a-417e-add9-45a9bf4f8fbc.roa Signing time: Sat 16 Sep 2023 00:00:00 +0000 ROA not before: Sat 16 Sep 2023 00:00:00 +0000 ROA not after: Sat 21 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:10b8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Sep 2023 12:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:03:71:49:a6:16:33:f8:72:77:40:cf:d8:e4:38:02:fb:bb:6a:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 16 00:00:00 2023 GMT Not After : Oct 21 23:59:59 2023 GMT Subject: serialNumber=8f338cc7a204425df68f2cbdc9d8b72e759f19132d6d0b5d0df4c1316d835070, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:f4:4f:8f:b5:3c:ce:9e:e1:37:26:0f:f2:46: 99:ec:1c:65:f7:93:15:ea:6d:f6:ad:61:30:65:86: ce:7b:7e:95:62:c8:85:0c:fb:73:7d:8a:2e:22:20: 6f:e7:ab:04:45:a9:16:d5:e5:02:3e:af:48:94:15: 60:dd:b7:31:20:ae:1b:89:f0:e7:28:d3:f0:25:43: 53:b4:c8:ec:43:c0:19:d8:bc:df:11:dc:3b:6a:91: 18:51:e6:b7:cc:38:4a:75:11:02:31:13:87:e4:0d: b2:fa:07:ba:5d:15:0c:bc:7b:04:23:02:64:d5:bc: 38:39:6c:cb:20:58:40:53:9d:47:e9:48:1a:63:5b: 68:67:4a:6e:24:d2:d2:05:d2:6e:b2:4a:3e:30:46: 69:43:fe:87:5e:58:9b:ab:0a:b4:cc:12:27:f9:3d: 27:59:9f:68:7f:c6:64:a0:50:05:e0:b8:85:f1:15: e7:13:96:ea:e2:89:64:45:8e:5b:ae:3e:22:f8:6e: 29:49:22:b0:93:c5:63:ab:9f:3b:09:f2:86:c7:12: c3:68:36:64:69:4f:e4:50:e9:40:64:bd:f5:f7:42: d5:be:8d:3d:f6:b4:59:8e:a8:38:91:63:26:f1:5b: 93:0c:f3:0a:96:51:02:4f:47:0a:a5:f6:e1:12:c4: da:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:8B:1E:D5:03:47:2C:B8:75:47:67:DE:6F:73:09:AD:28:6D:EE:2B X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/037679cc-778a-417e-add9-45a9bf4f8fbc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:10b8::/48 Signature Algorithm: sha256WithRSAEncryption 43:f6:f3:4a:b2:bb:c5:e0:41:29:fc:46:c4:08:0e:80:2e:49: 3f:45:60:c5:2d:3b:7c:f9:b8:cc:c3:58:d7:22:d9:a7:82:fa: 85:fe:0f:07:3a:9c:a9:18:b0:0a:d1:08:9e:56:be:51:44:c8: ef:d3:4b:a4:1e:2a:af:73:5e:48:fa:ac:5a:ec:11:82:b5:d5: 99:e0:4e:15:bd:f9:92:05:1e:1c:82:40:53:2c:2f:eb:f6:86: 24:8c:5c:75:78:02:ee:b6:78:eb:ad:6f:38:f0:2e:b9:b9:cf: ff:59:48:e2:9c:ba:1e:3d:b4:f5:12:a1:69:65:bd:d2:99:f4: ed:9b:17:67:42:f8:46:48:b5:6a:31:ad:28:d0:09:6e:18:2b: 38:58:1c:7c:e1:5f:46:20:cb:17:99:71:c4:cf:02:af:c6:5c: 99:d2:d5:0a:f7:86:68:a7:bd:fe:15:a4:2d:d3:e8:3e:23:cf: 98:82:1d:75:ca:09:26:2e:24:03:69:4a:47:05:36:a5:e2:3e: de:e7:50:f9:ba:6d:24:f4:a4:d6:17:08:8b:7d:c8:c1:13:35: a6:ca:67:95:79:f3:e7:44:78:1b:24:cc:8c:a1:31:02:a5:57: 75:86:6b:c4:a4:ad:c0:df:26:18:e6:fb:cd:36:66:f2:f5:c3: 4d:26:bf:d1 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIULANxSaYWM/hyd0DP2OQ4Avu7ahkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTIzMDkxNjAwMDAwMFoX DTIzMTAyMTIzNTk1OVowejFJMEcGA1UEBRNAOGYzMzhjYzdhMjA0NDI1ZGY2OGYy Y2JkYzlkOGI3MmU3NTlmMTkxMzJkNmQwYjVkMGRmNGMxMzE2ZDgzNTA3MDEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/RPj7U8zp7hNyYP8kaZ7Bxl95MV 6m32rWEwZYbOe36VYsiFDPtzfYouIiBv56sERakW1eUCPq9IlBVg3bcxIK4bifDn KNPwJUNTtMjsQ8AZ2LzfEdw7apEYUea3zDhKdRECMROH5A2y+ge6XRUMvHsEIwJk 1bw4OWzLIFhAU51H6UgaY1toZ0puJNLSBdJusko+MEZpQ/6HXlibqwq0zBIn+T0n WZ9of8ZkoFAF4LiF8RXnE5bq4olkRY5brj4i+G4pSSKwk8Vjq587CfKGxxLDaDZk aU/kUOlAZL3190LVvo099rRZjqg4kWMm8VuTDPMKllECT0cKpfbhEsTa0QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLGLHtUDRyy4dUdn3m9zCa0obe4rMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzAzNzY3OWNjLTc3OGEtNDE3ZS1hZGQ5LTQ1YTliZjRmOGZiYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABC4MA0GCSqGSIb3DQEBCwUAA4IBAQBD9vNKsrvF4EEp/EbE CA6ALkk/RWDFLTt8+bjMw1jXItmngvqF/g8HOpypGLAK0QieVr5RRMjv00ukHiqv c15I+qxa7BGCtdWZ4E4VvfmSBR4cgkBTLC/r9oYkjFx1eALutnjrrW848C65uc// WUjinLoePbT1EqFpZb3SmfTtmxdnQvhGSLVqMa0o0AluGCs4WBx84V9GIMsXmXHE zwKvxlyZ0tUK94Zop73+FaQt0+g+I8+Ygh11ygkmLiQDaUpHBTal4j7e51D5um0k 9KTWFwiLfcjBEzWmymeVefPnRHgbJMyMoTECpVd1hmvEpK3A3yYY5vvNNmby9cNN Jr/R -----END CERTIFICATE-----Generated at Sat Sep 16 00:30:27 2023 by rpki-client on console-ams.rpki-client.org