$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0dfd6e20-2823-4f68-ae48-725fe4ee2f81.roa File: 0dfd6e20-2823-4f68-ae48-725fe4ee2f81.roa (raw, json) Hash identifier: CaorKc9EhtPFdZWi7IchsCJjWbOU9i3ENsyMe1Zu4B8= Subject key identifier: C8:1B:B4:15:EF:A9:1B:5F:BD:53:3A:DE:63:50:66:3B:9A:DC:41:AA Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 148D5D519640EF39EF57E079575AB6D7F292572A Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0dfd6e20-2823-4f68-ae48-725fe4ee2f81.roa Signing time: Sat 16 Sep 2023 00:00:00 +0000 ROA not before: Sat 16 Sep 2023 00:00:00 +0000 ROA not after: Sat 21 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:1080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Sep 2023 12:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:8d:5d:51:96:40:ef:39:ef:57:e0:79:57:5a:b6:d7:f2:92:57:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 16 00:00:00 2023 GMT Not After : Oct 21 23:59:59 2023 GMT Subject: serialNumber=271b7efc0c398e52a1ee32f05d67da3566164cf4e5387bf7dbb3015785081b98, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:46:5e:6b:f6:60:39:96:63:0b:ff:b0:36:b1: 77:22:82:74:65:37:b7:cb:9f:1e:2f:ed:ef:3f:86: 9b:f2:e2:70:b8:57:00:ed:8c:74:61:bd:4b:f0:8b: f3:92:01:51:ff:6a:b3:38:cb:87:71:0d:97:d2:0e: 53:ed:0f:86:9d:c8:9a:dd:d1:ed:9a:51:97:35:06: b6:75:22:f4:a1:1e:09:42:43:cf:a9:41:f7:78:c4: ac:7a:7c:ef:da:57:f3:5d:9a:0d:c8:24:4a:db:aa: 8c:2e:6b:1f:57:43:75:a4:7d:3b:a7:ba:4f:25:66: 02:a4:f1:4b:bd:fc:be:8a:d7:6c:ac:6b:98:f6:0f: f4:59:55:6d:0f:22:83:e7:8f:cc:df:f7:80:4a:29: 50:29:c0:5b:e0:bb:c1:d8:27:f1:3e:25:74:2a:56: 9f:d8:36:01:f7:86:fc:b5:31:e5:a2:c3:41:fe:6b: 7d:cb:37:63:d8:ed:88:26:50:de:1b:c8:2d:d4:43: 71:5e:77:a0:e7:97:f1:19:29:1f:19:ea:e5:79:1f: 40:ee:f1:ea:c6:ae:6b:01:43:92:a9:76:32:4c:b3: a3:e9:4e:74:99:21:80:3f:7e:f8:55:c7:e6:3d:63: 91:03:8e:a8:ff:2b:1d:b6:36:0a:8f:61:91:36:12: ef:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:1B:B4:15:EF:A9:1B:5F:BD:53:3A:DE:63:50:66:3B:9A:DC:41:AA X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0dfd6e20-2823-4f68-ae48-725fe4ee2f81.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1080::/48 Signature Algorithm: sha256WithRSAEncryption 02:e8:ca:e8:b6:18:30:96:4f:c6:43:93:2b:b3:93:1f:61:a8: 6e:1d:e8:6a:9a:be:87:b1:35:80:25:ec:22:cf:3b:e5:46:cc: 5e:0a:77:d2:82:12:9a:33:01:97:7b:f8:bc:91:75:b3:da:ad: 22:c6:30:66:22:bc:64:df:a6:b7:52:71:2d:1b:ec:bc:3e:11: e1:da:78:5c:30:c6:b9:a6:c9:09:36:19:5e:70:7b:2e:ab:0f: 9a:7c:92:dc:41:79:66:5d:c9:1e:07:8f:04:b5:2a:b2:f8:19: 3b:06:9d:64:70:17:d3:2e:f0:c8:56:18:8b:00:f1:d2:75:0b: c7:c1:d8:94:f6:40:c3:2c:00:f2:6b:71:48:28:89:40:59:95: 22:ec:15:42:f8:df:26:30:74:a1:8e:bd:11:8d:df:9f:51:a4: 8e:60:01:8e:bd:04:c5:cb:7b:cd:4a:e5:9a:e8:f0:2d:34:89: 72:6d:b4:f3:da:03:70:06:af:17:6f:f2:f5:ee:91:51:6f:a7: 15:f8:a1:26:8d:47:86:8a:f9:80:2f:d9:bb:6f:34:35:96:e2: 8e:ae:c8:de:9d:74:a0:a3:06:fe:19:8a:48:61:8b:31:c9:db: 80:36:63:71:18:e0:6f:56:d2:74:89:91:fd:28:b7:fc:58:6d: 25:f7:9a:fd -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFI1dUZZA7znvV+B5V1q21/KSVyowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTIzMDkxNjAwMDAwMFoX DTIzMTAyMTIzNTk1OVowejFJMEcGA1UEBRNAMjcxYjdlZmMwYzM5OGU1MmExZWUz MmYwNWQ2N2RhMzU2NjE2NGNmNGU1Mzg3YmY3ZGJiMzAxNTc4NTA4MWI5ODEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEZea/ZgOZZjC/+wNrF3IoJ0ZTe3 y58eL+3vP4ab8uJwuFcA7Yx0Yb1L8IvzkgFR/2qzOMuHcQ2X0g5T7Q+Gncia3dHt mlGXNQa2dSL0oR4JQkPPqUH3eMSsenzv2lfzXZoNyCRK26qMLmsfV0N1pH07p7pP JWYCpPFLvfy+itdsrGuY9g/0WVVtDyKD54/M3/eASilQKcBb4LvB2CfxPiV0Klaf 2DYB94b8tTHlosNB/mt9yzdj2O2IJlDeG8gt1ENxXneg55fxGSkfGerleR9A7vHq xq5rAUOSqXYyTLOj6U50mSGAP374VcfmPWORA46o/ysdtjYKj2GRNhLviQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMgbtBXvqRtfvVM63mNQZjua3EGqMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzBkZmQ2ZTIwLTI4MjMtNGY2OC1hZTQ4LTcyNWZlNGVlMmY4MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABCAMA0GCSqGSIb3DQEBCwUAA4IBAQAC6Mrothgwlk/GQ5Mr s5MfYahuHehqmr6HsTWAJewizzvlRsxeCnfSghKaMwGXe/i8kXWz2q0ixjBmIrxk 36a3UnEtG+y8PhHh2nhcMMa5pskJNhlecHsuqw+afJLcQXlmXckeB48EtSqy+Bk7 Bp1kcBfTLvDIVhiLAPHSdQvHwdiU9kDDLADya3FIKIlAWZUi7BVC+N8mMHShjr0R jd+fUaSOYAGOvQTFy3vNSuWa6PAtNIlybbTz2gNwBq8Xb/L17pFRb6cV+KEmjUeG ivmAL9m7bzQ1luKOrsjenXSgowb+GYpIYYsxyduANmNxGOBvVtJ0iZH9KLf8WG0l 95r9 -----END CERTIFICATE-----Generated at Sat Sep 16 00:30:27 2023 by rpki-client on console-ams.rpki-client.org