$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0b839f01-283b-4c23-b8a7-3697b9583ee1.roa File: 0b839f01-283b-4c23-b8a7-3697b9583ee1.roa (raw, json) Hash identifier: JkiZy22K7fwMPlQ8ZnrJZcLHp127wgAKpdlRU0Gn9vo= Subject key identifier: 39:D1:F0:25:A1:6F:E9:3F:CD:20:34:DB:94:96:B7:4B:E2:F2:6C:3C Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 050DFF6EC5C3539D65F6CAA9BDA15EEDF5331A53 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0b839f01-283b-4c23-b8a7-3697b9583ee1.roa Signing time: Sat 16 Sep 2023 00:00:00 +0000 ROA not before: Sat 16 Sep 2023 00:00:00 +0000 ROA not after: Sat 21 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:100c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Sep 2023 12:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:0d:ff:6e:c5:c3:53:9d:65:f6:ca:a9:bd:a1:5e:ed:f5:33:1a:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 16 00:00:00 2023 GMT Not After : Oct 21 23:59:59 2023 GMT Subject: serialNumber=3e07730b1cca8c983761c6792e59156d1cf9f14c1040f22d81abe9075f135532, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ff:63:0e:d0:f2:bb:da:7f:35:2b:0e:72:70: 9c:6e:b0:86:4b:1e:cf:bb:61:f7:7e:a4:7d:2d:5e: 06:a1:6e:a5:5e:c4:96:4c:4f:c9:19:74:5f:96:b8: d1:5e:83:6e:10:f3:21:e2:71:15:23:54:59:18:4b: d8:e7:81:41:d8:23:74:c7:3a:7e:91:a7:d8:bc:1a: 85:0a:58:00:36:61:46:26:cf:89:da:bd:de:9e:f4: 67:59:48:c4:41:a5:62:58:9c:05:64:d9:cd:bf:b9: c7:38:45:d3:ab:1f:59:77:47:ee:e9:79:39:85:f4: 54:0d:83:6d:c7:e7:79:a7:77:62:9a:9e:98:d1:84: 47:1d:b2:4d:2f:e4:f2:e6:49:25:31:27:a4:37:cd: dd:13:55:cd:1b:54:2d:49:e7:80:98:9b:8f:88:2c: 9c:e3:dc:04:a7:82:bf:85:80:15:74:72:42:68:23: 9b:65:b2:9d:39:be:22:62:5b:81:5e:21:6c:62:15: ba:20:ce:47:cb:67:f1:6e:f9:51:07:fe:43:06:15: db:af:78:c4:87:4e:de:01:f4:0f:bd:94:cb:63:45: 66:d8:fb:88:35:66:06:40:9f:68:ce:d3:78:94:0d: 6a:e2:85:1f:35:5d:a3:70:10:88:10:ac:1d:32:26: 02:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:D1:F0:25:A1:6F:E9:3F:CD:20:34:DB:94:96:B7:4B:E2:F2:6C:3C X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0b839f01-283b-4c23-b8a7-3697b9583ee1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:100c::/48 Signature Algorithm: sha256WithRSAEncryption 6d:b1:12:4b:59:c4:fd:9f:c4:f6:98:00:aa:c4:9d:12:87:43: 23:31:b0:07:24:d6:a3:ec:78:47:38:54:9c:82:22:e1:2d:93: ed:0a:0a:34:24:76:0a:2a:3c:9e:68:d9:fe:4e:dc:25:cd:d6: 9f:34:21:a7:f3:bd:3a:f2:10:2f:c8:56:e8:e5:39:6d:22:a4: 3f:c9:b8:e5:f8:e1:ea:cd:74:d0:ef:c2:bd:0c:2f:f8:b6:63: 72:31:89:d4:31:bd:58:4a:92:7e:d7:d2:7a:bd:1b:41:80:40: 24:27:10:d5:1b:9b:d9:10:5c:1d:39:ea:ef:59:26:dd:5d:71: 5a:4c:38:15:5a:5b:0c:c2:08:34:67:07:a7:88:6c:93:e4:4b: 08:34:49:7b:85:e5:eb:2a:f8:b6:4d:7b:c0:88:4e:53:e4:03: 17:b0:a7:e0:4a:4a:33:29:f3:80:8b:8c:e1:3c:94:ff:28:77: 6d:45:5d:86:aa:42:98:cd:ff:7f:de:b0:17:9f:f4:c3:cc:e5: 2d:e1:83:2d:f2:ee:40:d9:2a:78:c6:a7:25:4f:d7:87:77:4d: 28:41:59:6d:2f:9a:2d:27:0c:34:2f:91:56:77:33:54:a5:6d: 38:6b:1b:66:c9:13:8a:91:40:37:90:0c:09:bf:a7:ca:10:d7: a7:e1:55:1b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBQ3/bsXDU51l9sqpvaFe7fUzGlMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTIzMDkxNjAwMDAwMFoX DTIzMTAyMTIzNTk1OVowejFJMEcGA1UEBRNAM2UwNzczMGIxY2NhOGM5ODM3NjFj Njc5MmU1OTE1NmQxY2Y5ZjE0YzEwNDBmMjJkODFhYmU5MDc1ZjEzNTUzMjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/9jDtDyu9p/NSsOcnCcbrCGSx7P u2H3fqR9LV4GoW6lXsSWTE/JGXRflrjRXoNuEPMh4nEVI1RZGEvY54FB2CN0xzp+ kafYvBqFClgANmFGJs+J2r3envRnWUjEQaViWJwFZNnNv7nHOEXTqx9Zd0fu6Xk5 hfRUDYNtx+d5p3dimp6Y0YRHHbJNL+Ty5kklMSekN83dE1XNG1QtSeeAmJuPiCyc 49wEp4K/hYAVdHJCaCObZbKdOb4iYluBXiFsYhW6IM5Hy2fxbvlRB/5DBhXbr3jE h07eAfQPvZTLY0Vm2PuINWYGQJ9oztN4lA1q4oUfNV2jcBCIEKwdMiYCdwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDnR8CWhb+k/zSA025SWt0vi8mw8MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzBiODM5ZjAxLTI4M2ItNGMyMy1iOGE3LTM2OTdiOTU4M2VlMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABAMMA0GCSqGSIb3DQEBCwUAA4IBAQBtsRJLWcT9n8T2mACq xJ0Sh0MjMbAHJNaj7HhHOFScgiLhLZPtCgo0JHYKKjyeaNn+TtwlzdafNCGn8706 8hAvyFbo5TltIqQ/ybjl+OHqzXTQ78K9DC/4tmNyMYnUMb1YSpJ+19J6vRtBgEAk JxDVG5vZEFwdOervWSbdXXFaTDgVWlsMwgg0ZweniGyT5EsINEl7heXrKvi2TXvA iE5T5AMXsKfgSkozKfOAi4zhPJT/KHdtRV2GqkKYzf9/3rAXn/TDzOUt4YMt8u5A 2Sp4xqclT9eHd00oQVltL5otJww0L5FWdzNUpW04axtmyROKkUA3kAwJv6fKENen 4VUb -----END CERTIFICATE-----Generated at Sat Sep 16 00:16:47 2023 by rpki-client on console-fra.rpki-client.org