$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/41ea98ba-f4ea-45c4-8f0a-438a367705db.roa File: 41ea98ba-f4ea-45c4-8f0a-438a367705db.roa (raw, json) Hash identifier: u3H50bdv/g3VCogAfoFw9Gg/mFNhJLafIdebnCqZ8H4= Subject key identifier: B6:59:20:27:8A:AD:D6:A0:F3:92:DA:AA:4C:4D:AD:79:A3:6E:FA:14 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 5E005341243FF1B45B3B1D954BD3CD98BEBBCD53 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/41ea98ba-f4ea-45c4-8f0a-438a367705db.roa Signing time: Fri 05 Apr 2024 00:00:00 +0000 ROA not before: Fri 05 Apr 2024 00:00:00 +0000 ROA not after: Fri 10 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:1084::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 00:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:00:53:41:24:3f:f1:b4:5b:3b:1d:95:4b:d3:cd:98:be:bb:cd:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 5 00:00:00 2024 GMT Not After : May 10 23:59:59 2024 GMT Subject: serialNumber=ec2b9058b69be2b8f5f246ebb4e2db727a203cc37f9158877a5f9baf4e3fa536, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:02:87:3d:39:f6:04:7d:27:eb:26:7a:2b:1e: b4:41:2f:7b:49:6a:c1:37:3a:4b:c8:7c:58:e3:90: bf:e0:02:d0:ae:7b:28:c4:6b:5d:7e:ae:c0:a8:e1: 7a:08:02:7c:e4:c6:70:8c:40:84:98:24:d5:6b:b5: ac:44:cf:bc:40:ef:6d:7b:a5:e1:25:1c:c2:80:25: bb:4a:c7:e9:ff:9b:87:92:22:14:c5:d3:a6:38:ba: b5:54:6a:a5:4c:16:df:c1:fd:a4:a6:66:18:98:78: 42:af:df:74:e9:1c:0b:63:f1:39:ef:49:4f:45:e8: a5:88:13:c8:09:54:97:b2:ac:a9:6e:e0:1a:0a:00: 36:93:d4:2b:65:4b:0f:32:9c:24:83:53:34:f7:28: 2c:25:ed:ef:eb:b1:b2:de:2f:18:8e:f7:bd:a4:77: 0f:3d:27:08:77:97:f0:e8:89:20:2f:d5:4d:6d:6d: 6e:a3:0a:aa:6b:03:0a:5b:9a:55:88:de:1a:a3:b4: 55:09:2a:ff:61:bb:57:1d:69:a0:e9:fe:2d:99:e7: 8a:23:cd:f7:c3:59:41:1c:a0:fb:48:c7:17:c4:e9: 89:87:a2:db:43:ba:a1:04:3f:10:c4:f7:1a:55:45: 72:f5:1e:65:04:d7:04:c3:eb:87:3c:85:43:53:4b: 09:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:59:20:27:8A:AD:D6:A0:F3:92:DA:AA:4C:4D:AD:79:A3:6E:FA:14 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/41ea98ba-f4ea-45c4-8f0a-438a367705db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1084::/48 Signature Algorithm: sha256WithRSAEncryption 0b:83:43:40:ef:37:57:fb:82:d5:e1:d0:15:c1:ec:a4:2f:e9: fc:d7:6f:25:b8:d6:ad:8a:6c:c6:da:dd:42:67:b9:f1:4d:ba: c0:2d:8c:35:6c:3a:10:18:67:6a:2e:48:ba:bf:e6:b7:94:01: 61:fe:42:e6:33:93:f7:a3:cb:16:dd:bd:79:0a:84:e9:d0:a3: d8:e6:e6:07:aa:da:cd:a2:ce:dd:8d:a3:59:ad:7c:04:dc:a1: 49:56:82:94:11:43:26:c7:70:4d:19:37:c3:65:09:85:1d:82: fb:66:c9:b7:32:a6:b2:1e:3c:fb:9e:b9:45:f9:1e:a2:81:a1: c4:81:2c:42:4c:ab:e0:70:39:67:6e:e4:c5:45:9a:e3:55:2e: 38:ce:da:8c:7c:c6:9e:f7:08:bb:06:b7:74:ac:05:75:9d:cb: 8d:c3:36:ea:cf:47:b1:6f:da:56:3b:44:72:a4:7a:ec:35:93: 0a:56:d5:84:5f:39:0c:9e:1f:82:ab:07:74:aa:47:44:07:87: b1:1e:15:25:7f:f2:36:5d:64:67:37:8a:4c:a6:e7:95:f8:3b: b8:09:0f:ca:e4:7e:17:9b:4a:a5:d0:bc:f8:2f:10:74:3d:52: d3:25:cf:80:75:9f:31:81:f7:83:36:94:2c:a5:b6:a8:67:9e: 17:c4:11:3f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUXgBTQSQ/8bRbOx2VS9PNmL67zVMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MDQwNTAwMDAwMFoX DTI0MDUxMDIzNTk1OVowejFJMEcGA1UEBRNAZWMyYjkwNThiNjliZTJiOGY1ZjI0 NmViYjRlMmRiNzI3YTIwM2NjMzdmOTE1ODg3N2E1ZjliYWY0ZTNmYTUzNjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogKHPTn2BH0n6yZ6Kx60QS97SWrB NzpLyHxY45C/4ALQrnsoxGtdfq7AqOF6CAJ85MZwjECEmCTVa7WsRM+8QO9te6Xh JRzCgCW7Ssfp/5uHkiIUxdOmOLq1VGqlTBbfwf2kpmYYmHhCr9906RwLY/E570lP ReiliBPICVSXsqypbuAaCgA2k9QrZUsPMpwkg1M09ygsJe3v67Gy3i8Yjve9pHcP PScId5fw6IkgL9VNbW1uowqqawMKW5pViN4ao7RVCSr/YbtXHWmg6f4tmeeKI833 w1lBHKD7SMcXxOmJh6LbQ7qhBD8QxPcaVUVy9R5lBNcEw+uHPIVDU0sJtQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLZZICeKrdag85LaqkxNrXmjbvoUMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzQxZWE5OGJhLWY0ZWEtNDVjNC04ZjBhLTQzOGEzNjc3MDVkYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABCEMA0GCSqGSIb3DQEBCwUAA4IBAQALg0NA7zdX+4LV4dAV weykL+n8128luNatimzG2t1CZ7nxTbrALYw1bDoQGGdqLki6v+a3lAFh/kLmM5P3 o8sW3b15CoTp0KPY5uYHqtrNos7djaNZrXwE3KFJVoKUEUMmx3BNGTfDZQmFHYL7 Zsm3MqayHjz7nrlF+R6igaHEgSxCTKvgcDlnbuTFRZrjVS44ztqMfMae9wi7Brd0 rAV1ncuNwzbqz0exb9pWO0RypHrsNZMKVtWEXzkMnh+Cqwd0qkdEB4exHhUlf/I2 XWRnN4pMpueV+Du4CQ/K5H4Xm0ql0Lz4LxB0PVLTJc+AdZ8xgfeDNpQspbaoZ54X xBE/ -----END CERTIFICATE-----Generated at Thu Apr 25 00:31:13 2024 by rpki-client on console-fra.rpki-client.org