$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2f35c729-72a9-490b-b37f-984abc13307d.roa File: 2f35c729-72a9-490b-b37f-984abc13307d.roa (raw, json) Hash identifier: V/aFOF/G9ThMO9gvNFtgnoYYKhhF5x+ux5IwUGQItLg= Subject key identifier: 5C:C4:8D:0B:1E:04:11:A3:7C:12:F7:57:D4:33:ED:9B:13:B1:83:7C Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 2A3F08FEC4CEEC956CDB1B7768261C9FD2EE8F08 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2f35c729-72a9-490b-b37f-984abc13307d.roa Signing time: Mon 11 Mar 2024 00:00:00 +0000 ROA not before: Mon 11 Mar 2024 00:00:00 +0000 ROA not after: Mon 15 Apr 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:1010::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Mar 2024 12:04:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:3f:08:fe:c4:ce:ec:95:6c:db:1b:77:68:26:1c:9f:d2:ee:8f:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Mar 11 00:00:00 2024 GMT Not After : Apr 15 23:59:59 2024 GMT Subject: serialNumber=3e8d947a4b7c9b285890ed9dd5b0d02be31e60cfe0142d112cd4caabd4f6ecc8, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:e5:87:4c:3b:ef:8b:6f:d7:c6:45:2b:ab:31: 79:b6:e8:f2:b1:ea:da:a7:99:00:5d:67:2b:42:da: 58:92:2f:42:8d:f1:81:48:48:2e:f4:af:3d:ad:84: 79:0d:8b:b6:20:bf:8b:16:0c:e5:f9:53:2f:a6:46: 49:b1:3e:ca:0a:20:b2:37:b1:a3:e0:70:e8:44:0a: 12:a6:15:80:4f:08:d4:cf:70:f9:58:ba:8b:1c:59: e6:b8:93:13:39:30:61:cd:df:7e:84:a1:86:26:78: ae:a5:88:0d:d6:82:e7:71:20:79:e0:ac:d3:9f:42: 75:8c:34:3b:d8:ac:24:c6:ff:0e:c0:26:4a:6c:58: dc:a9:d7:fc:05:c9:da:d8:5c:77:69:0c:21:ac:82: 87:a7:b2:84:61:12:c6:1b:b1:19:ec:28:8e:ec:5d: 8d:cd:0c:47:09:e3:8a:3c:8b:12:fa:f4:fc:d0:ba: 05:41:07:3a:70:ae:cf:f8:16:d2:f7:65:24:68:27: 87:3b:2c:85:b6:2a:82:4a:44:71:70:33:42:53:88: bb:63:cc:d4:cb:a7:40:36:c1:14:fb:14:cf:f6:53: 60:56:dd:0d:b3:99:f5:3f:9c:6c:b7:ba:f1:2e:3e: 8d:38:68:ef:07:04:9c:42:eb:6a:4d:20:7b:bd:45: 85:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:C4:8D:0B:1E:04:11:A3:7C:12:F7:57:D4:33:ED:9B:13:B1:83:7C X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2f35c729-72a9-490b-b37f-984abc13307d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1010::/48 Signature Algorithm: sha256WithRSAEncryption 1b:4c:9a:99:f9:d2:0b:f9:78:92:ea:21:47:e0:70:c5:40:c4: 28:91:3c:6f:a0:b8:78:f7:e5:b6:e0:d5:c7:d2:57:bd:11:4a: 53:26:9c:90:bb:15:01:6c:a3:22:2a:d5:f1:71:a4:1d:15:e8: 09:3f:55:34:67:d9:09:5b:63:7b:c1:53:a4:13:39:49:47:45: 98:94:c9:47:28:01:6a:fa:df:53:7d:27:2a:92:6d:73:38:d0: f8:ca:8c:71:c8:7a:a0:27:ff:48:a5:f2:c6:9d:79:0e:52:51: bc:73:9f:8c:af:b4:73:39:4a:38:c4:2e:3e:ed:b3:ff:a4:d6: ef:3b:e1:a1:0c:32:6f:b1:4b:3b:3d:6c:a3:48:a2:fd:cd:83: eb:e3:9b:9d:cd:52:7f:e2:e9:4d:e7:a9:df:d9:c2:69:5e:68: ff:5a:3f:44:b5:42:1e:f6:1b:e8:71:08:54:e5:5a:22:65:db: 2a:bf:99:aa:78:b8:ca:96:0c:69:d2:09:99:ac:7d:8e:2b:94: 66:6a:82:6e:bd:85:be:fb:68:a1:8b:76:4c:c9:a4:bd:51:39: bd:9b:4e:f8:54:67:48:cd:6b:8c:f3:0b:be:88:25:13:eb:51: 07:34:a7:91:06:93:73:f9:c9:c9:9f:ab:f7:66:4e:ee:75:b5: 8b:b0:97:28 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKj8I/sTO7JVs2xt3aCYcn9LujwgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MDMxMTAwMDAwMFoX DTI0MDQxNTIzNTk1OVowejFJMEcGA1UEBRNAM2U4ZDk0N2E0YjdjOWIyODU4OTBl ZDlkZDViMGQwMmJlMzFlNjBjZmUwMTQyZDExMmNkNGNhYWJkNGY2ZWNjODEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+WHTDvvi2/XxkUrqzF5tujysera p5kAXWcrQtpYki9CjfGBSEgu9K89rYR5DYu2IL+LFgzl+VMvpkZJsT7KCiCyN7Gj 4HDoRAoSphWATwjUz3D5WLqLHFnmuJMTOTBhzd9+hKGGJniupYgN1oLncSB54KzT n0J1jDQ72Kwkxv8OwCZKbFjcqdf8Bcna2Fx3aQwhrIKHp7KEYRLGG7EZ7CiO7F2N zQxHCeOKPIsS+vT80LoFQQc6cK7P+BbS92UkaCeHOyyFtiqCSkRxcDNCU4i7Y8zU y6dANsEU+xTP9lNgVt0Ns5n1P5xst7rxLj6NOGjvBwScQutqTSB7vUWFuQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFzEjQseBBGjfBL3V9Qz7ZsTsYN8MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzJmMzVjNzI5LTcyYTktNDkwYi1iMzdmLTk4NGFiYzEzMzA3ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABAQMA0GCSqGSIb3DQEBCwUAA4IBAQAbTJqZ+dIL+XiS6iFH 4HDFQMQokTxvoLh49+W24NXH0le9EUpTJpyQuxUBbKMiKtXxcaQdFegJP1U0Z9kJ W2N7wVOkEzlJR0WYlMlHKAFq+t9TfScqkm1zOND4yoxxyHqgJ/9IpfLGnXkOUlG8 c5+Mr7RzOUo4xC4+7bP/pNbvO+GhDDJvsUs7PWyjSKL9zYPr45udzVJ/4ulN56nf 2cJpXmj/Wj9EtUIe9hvocQhU5VoiZdsqv5mqeLjKlgxp0gmZrH2OK5RmaoJuvYW+ +2ihi3ZMyaS9UTm9m074VGdIzWuM8wu+iCUT61EHNKeRBpNz+cnJn6v3Zk7udbWL sJco -----END CERTIFICATE-----Generated at Fri Mar 29 02:18:27 2024 by rpki-client on console-ams.rpki-client.org