$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/41ea98ba-f4ea-45c4-8f0a-438a367705db.roa File: 41ea98ba-f4ea-45c4-8f0a-438a367705db.roa (raw, json) Hash identifier: VFzXXMFEw+h+HDKdyp1UJiKxngXq4+SvEfzjr5ba8Z4= Subject key identifier: BA:1C:FA:D7:44:9D:8D:25:39:41:61:38:59:BE:1C:A8:F5:FD:16:A3 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 62C86112BC78C71CA1299D24DD825A08B3294C43 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/41ea98ba-f4ea-45c4-8f0a-438a367705db.roa Signing time: Sat 16 Sep 2023 00:00:00 +0000 ROA not before: Sat 16 Sep 2023 00:00:00 +0000 ROA not after: Sat 21 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:1084::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Sep 2023 12:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:c8:61:12:bc:78:c7:1c:a1:29:9d:24:dd:82:5a:08:b3:29:4c:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 16 00:00:00 2023 GMT Not After : Oct 21 23:59:59 2023 GMT Subject: serialNumber=311950d2a71e01f236cfc063847f07ebce898c439d9b3303c8636952e1d90735, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:5a:e3:46:ef:3e:40:f4:0f:45:c4:07:f7:8c: 65:d2:80:f0:aa:df:c4:60:c9:63:f5:bc:b3:a4:1f: 83:7a:c6:45:84:ad:77:26:b0:bf:e2:a5:cc:b8:b3: eb:c0:c5:19:b3:17:e4:89:4b:77:ce:bd:3a:06:19: b5:1e:3d:d9:a9:5d:c1:91:d9:a8:6b:21:a9:4f:0e: 53:77:69:28:02:17:09:cb:8a:1c:8b:d3:62:91:bb: f5:48:5b:a1:3b:fd:53:6a:76:1b:7f:bd:7a:bf:7b: cb:bb:71:02:f3:e9:4b:ca:68:f3:2d:ec:52:ff:63: 14:5f:ea:7e:c7:41:8e:7e:5c:6b:4a:92:2b:15:51: ac:79:7e:60:a4:4e:af:2a:fa:8e:af:99:d9:cf:32: 75:f1:26:4f:3b:12:ab:09:23:54:2f:02:c8:28:30: bb:86:f9:77:1d:4e:c1:8f:cd:0c:70:55:73:ef:56: 49:c1:c7:12:9f:43:2b:9f:ea:e1:a7:7a:e4:35:3a: 11:5b:d7:dc:7b:73:9d:60:7c:d5:8b:7f:fe:c6:04: 11:41:31:4b:49:38:69:68:77:a4:73:4c:9c:42:ae: 8c:4d:84:96:f6:37:83:01:d8:2c:d3:a5:56:d1:d5: 08:57:e3:2a:f5:9c:5a:75:3f:70:41:a1:e3:ee:27: 71:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:1C:FA:D7:44:9D:8D:25:39:41:61:38:59:BE:1C:A8:F5:FD:16:A3 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/41ea98ba-f4ea-45c4-8f0a-438a367705db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1084::/48 Signature Algorithm: sha256WithRSAEncryption 5d:7a:04:8f:a0:9b:ae:33:28:a8:ad:55:ec:eb:b0:82:23:e3: 21:19:3d:f5:44:4a:01:21:d1:20:d2:ad:de:b3:25:65:82:9e: f0:62:12:54:65:87:fe:6b:60:6e:b7:f6:50:d8:35:09:7a:a2: 20:c9:c3:5e:94:8f:0a:2e:dc:30:b7:26:c1:0f:3f:ca:2f:6f: b3:46:7c:f9:28:0b:e7:cb:ed:d7:3d:47:c6:b8:bf:20:63:0d: 8e:87:d3:d4:40:78:86:6a:e5:2c:b5:0f:57:2b:d8:8d:6d:81: 4b:5d:80:b5:08:b7:56:f6:87:97:ed:40:d5:ee:87:da:0e:59: de:85:11:9e:cd:1c:14:fe:7d:06:a7:a4:af:9f:24:d3:04:51: 7a:66:76:fe:b9:eb:23:0c:a9:a5:8b:65:c6:49:04:21:cb:a5: c3:f8:f1:33:01:77:e1:22:c7:37:7e:95:9e:f0:cc:4c:d2:bb: b7:f0:8e:b3:0c:49:c0:75:3d:0f:90:c1:2a:06:64:b0:31:3b: 55:b8:fb:52:71:09:b7:5b:5f:de:32:74:83:13:68:61:5a:8d: 31:0f:c5:05:08:b6:56:55:74:98:d2:09:b1:46:73:bd:40:23: 5e:19:84:8b:81:4b:f3:84:40:3e:e7:0d:20:2b:20:52:8b:85: 67:4f:7b:42 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYshhErx4xxyhKZ0k3YJaCLMpTEMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTIzMDkxNjAwMDAwMFoX DTIzMTAyMTIzNTk1OVowejFJMEcGA1UEBRNAMzExOTUwZDJhNzFlMDFmMjM2Y2Zj MDYzODQ3ZjA3ZWJjZTg5OGM0MzlkOWIzMzAzYzg2MzY5NTJlMWQ5MDczNTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1rjRu8+QPQPRcQH94xl0oDwqt/E YMlj9byzpB+DesZFhK13JrC/4qXMuLPrwMUZsxfkiUt3zr06Bhm1Hj3ZqV3Bkdmo ayGpTw5Td2koAhcJy4oci9Nikbv1SFuhO/1TanYbf716v3vLu3EC8+lLymjzLexS /2MUX+p+x0GOflxrSpIrFVGseX5gpE6vKvqOr5nZzzJ18SZPOxKrCSNULwLIKDC7 hvl3HU7Bj80McFVz71ZJwccSn0Mrn+rhp3rkNToRW9fce3OdYHzVi3/+xgQRQTFL SThpaHekc0ycQq6MTYSW9jeDAdgs06VW0dUIV+Mq9ZxadT9wQaHj7idxrwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLoc+tdEnY0lOUFhOFm+HKj1/RajMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzQxZWE5OGJhLWY0ZWEtNDVjNC04ZjBhLTQzOGEzNjc3MDVkYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABCEMA0GCSqGSIb3DQEBCwUAA4IBAQBdegSPoJuuMyiorVXs 67CCI+MhGT31REoBIdEg0q3esyVlgp7wYhJUZYf+a2But/ZQ2DUJeqIgycNelI8K LtwwtybBDz/KL2+zRnz5KAvny+3XPUfGuL8gYw2Oh9PUQHiGauUstQ9XK9iNbYFL XYC1CLdW9oeX7UDV7ofaDlnehRGezRwU/n0Gp6SvnyTTBFF6Znb+uesjDKmli2XG SQQhy6XD+PEzAXfhIsc3fpWe8MxM0ru38I6zDEnAdT0PkMEqBmSwMTtVuPtScQm3 W1/eMnSDE2hhWo0xD8UFCLZWVXSY0gmxRnO9QCNeGYSLgUvzhEA+5w0gKyBSi4Vn T3tC -----END CERTIFICATE-----Generated at Sat Sep 16 00:16:47 2023 by rpki-client on console-fra.rpki-client.org