$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2f35c729-72a9-490b-b37f-984abc13307d.roa File: 2f35c729-72a9-490b-b37f-984abc13307d.roa (raw, json) Hash identifier: HEqQ7Yyb3Zkh+NFKAAh/jIzJj/qrYJdOS83q8VPnl4w= Subject key identifier: ED:7E:98:24:64:7D:8A:B5:2F:54:D8:E6:29:07:0A:61:A8:99:F7:32 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 4D54ABD6E7A8538FEDCE94ECFAA5BDF839D1683E Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2f35c729-72a9-490b-b37f-984abc13307d.roa Signing time: Sat 16 Sep 2023 00:00:00 +0000 ROA not before: Sat 16 Sep 2023 00:00:00 +0000 ROA not after: Sat 21 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:1010::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Sep 2023 12:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:54:ab:d6:e7:a8:53:8f:ed:ce:94:ec:fa:a5:bd:f8:39:d1:68:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 16 00:00:00 2023 GMT Not After : Oct 21 23:59:59 2023 GMT Subject: serialNumber=6c112af10e49b16c9228cac46e09c15cfbaaafebae27318ed800f1a3e966e0d6, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:61:8b:61:04:f4:28:bc:45:e9:45:cc:53:f4: a3:e8:45:fd:70:c1:7a:14:f7:3c:a3:8e:37:f4:a3: f2:22:e2:99:c2:74:e7:7f:df:9f:18:07:12:20:d0: 70:01:03:82:88:23:34:0d:03:e5:75:c9:29:8e:ac: e9:76:5a:2a:3e:96:5c:b5:95:c7:06:f7:6d:4c:59: 37:ae:e0:fe:10:a5:9e:b5:8f:ca:bd:98:fc:89:bd: 9d:ac:50:41:f0:d5:52:fe:97:c1:82:d5:e3:43:38: a5:81:71:b7:54:af:56:c7:0e:b4:f8:ef:43:f5:3e: 23:37:44:89:93:7c:fc:c9:57:f2:99:d9:8d:27:57: 03:f9:f7:b2:50:75:5f:b9:d5:7b:98:a1:d1:91:59: f2:e2:b0:e9:f2:3a:84:0f:c9:1a:e4:b1:4f:f9:3d: 72:a8:1a:87:ef:15:3f:45:10:fa:f4:5a:f5:91:30: 9c:c7:7d:f4:4d:a9:ef:70:8d:c8:12:f7:52:42:1b: 9e:a3:d0:c1:35:21:ce:74:2e:fe:70:e4:1c:0b:8f: 2d:c8:67:a6:7f:a7:35:1b:50:71:1d:43:09:67:5d: e3:0a:ec:22:08:55:2b:36:ff:53:02:94:89:e3:e6: 01:94:91:a4:65:65:b1:ff:7c:4d:91:d6:75:99:af: 4a:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:7E:98:24:64:7D:8A:B5:2F:54:D8:E6:29:07:0A:61:A8:99:F7:32 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2f35c729-72a9-490b-b37f-984abc13307d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1010::/48 Signature Algorithm: sha256WithRSAEncryption 90:9d:c6:0b:83:68:44:ba:61:87:10:31:9b:4a:c5:5f:ca:61: 3e:be:aa:4d:8d:62:11:e8:7d:50:fe:ca:83:5c:f7:85:99:c0: 6a:43:f9:07:c9:9d:61:e5:b5:56:75:ef:92:32:22:85:12:59: 20:e3:27:e3:c8:aa:c4:b4:f9:91:88:57:71:66:9b:0a:bc:24: 85:89:07:ab:a2:cf:84:dc:9c:28:1d:cb:d8:c2:31:07:48:fd: 28:9d:5c:9c:5c:2e:0a:83:92:48:16:a3:eb:10:ca:fb:b3:3f: 55:22:c5:1d:74:c7:e4:30:33:c0:c0:95:0b:7b:2e:31:f3:69: 63:c9:09:1c:82:0f:a4:29:59:3c:20:be:8a:c3:ba:83:10:49: 38:ea:04:38:62:c6:cc:65:c2:ef:2e:ed:29:6b:e3:33:78:50: a9:82:6e:78:cc:c3:50:cd:f5:6e:92:ce:80:38:6f:7f:98:a8: f0:68:08:a5:25:a1:a3:02:70:46:22:a7:6c:05:92:4d:a6:11: ac:97:26:60:25:4f:8e:4f:9c:8a:d6:c7:68:ad:a9:1f:03:25: 5d:f7:30:7f:ef:85:fb:f1:55:32:e8:6b:6f:9d:fa:87:44:83: ca:57:25:91:9c:32:26:18:47:79:23:f6:e5:12:21:ec:7f:19: 08:d8:89:11 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUTVSr1ueoU4/tzpTs+qW9+DnRaD4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTIzMDkxNjAwMDAwMFoX DTIzMTAyMTIzNTk1OVowejFJMEcGA1UEBRNANmMxMTJhZjEwZTQ5YjE2YzkyMjhj YWM0NmUwOWMxNWNmYmFhYWZlYmFlMjczMThlZDgwMGYxYTNlOTY2ZTBkNjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWGLYQT0KLxF6UXMU/Sj6EX9cMF6 FPc8o4439KPyIuKZwnTnf9+fGAcSINBwAQOCiCM0DQPldckpjqzpdloqPpZctZXH BvdtTFk3ruD+EKWetY/KvZj8ib2drFBB8NVS/pfBgtXjQzilgXG3VK9Wxw60+O9D 9T4jN0SJk3z8yVfymdmNJ1cD+feyUHVfudV7mKHRkVny4rDp8jqED8ka5LFP+T1y qBqH7xU/RRD69Fr1kTCcx330TanvcI3IEvdSQhueo9DBNSHOdC7+cOQcC48tyGem f6c1G1BxHUMJZ13jCuwiCFUrNv9TApSJ4+YBlJGkZWWx/3xNkdZ1ma9KVwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFO1+mCRkfYq1L1TY5ikHCmGomfcyMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzJmMzVjNzI5LTcyYTktNDkwYi1iMzdmLTk4NGFiYzEzMzA3ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABAQMA0GCSqGSIb3DQEBCwUAA4IBAQCQncYLg2hEumGHEDGb SsVfymE+vqpNjWIR6H1Q/sqDXPeFmcBqQ/kHyZ1h5bVWde+SMiKFElkg4yfjyKrE tPmRiFdxZpsKvCSFiQeros+E3JwoHcvYwjEHSP0onVycXC4Kg5JIFqPrEMr7sz9V IsUddMfkMDPAwJULey4x82ljyQkcgg+kKVk8IL6Kw7qDEEk46gQ4YsbMZcLvLu0p a+MzeFCpgm54zMNQzfVuks6AOG9/mKjwaAilJaGjAnBGIqdsBZJNphGslyZgJU+O T5yK1sdorakfAyVd9zB/74X78VUy6GtvnfqHRIPKVyWRnDImGEd5I/blEiHsfxkI 2IkR -----END CERTIFICATE-----Generated at Sat Sep 16 00:16:47 2023 by rpki-client on console-fra.rpki-client.org