$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa File: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (raw, json) Hash identifier: 8lc6EPwOSipzIAlxX7LwDIYWAD1tn6OW1XGJCMdRYoM= Subject key identifier: 0F:46:60:26:1F:46:9E:E9:A4:2B:AC:44:C1:7C:8B:A3:30:2A:A9:44 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 788169AEEF4A5BBBE35822BC6D57A7897129A716 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa Signing time: Wed 17 Apr 2024 00:00:00 +0000 ROA not before: Wed 17 Apr 2024 00:00:00 +0000 ROA not after: Wed 22 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Apr 2024 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:81:69:ae:ef:4a:5b:bb:e3:58:22:bc:6d:57:a7:89:71:29:a7:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 17 00:00:00 2024 GMT Not After : May 22 23:59:59 2024 GMT Subject: serialNumber=50a73dca508375f157c335910ceb9b5ffb18d99dcfd904645896e4cebacef5e0, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:48:11:ef:6a:a5:6f:23:17:07:a9:d9:5e:2f: 9d:21:35:81:01:c0:b2:ab:62:13:d8:91:3b:4c:7c: 27:80:cc:75:3e:b3:74:04:db:d9:be:f6:c1:30:94: 58:73:62:0a:14:31:84:c7:79:10:02:c2:bd:f0:ea: 87:f3:98:8d:4e:12:62:6c:cd:69:65:16:d7:ed:a3: 33:ed:06:98:24:7c:76:2c:27:6b:e8:19:06:1c:1c: 43:cd:38:8e:56:9a:01:31:81:ad:12:ff:3c:68:6d: 09:82:27:2f:6c:c5:94:ce:0c:fb:57:26:f6:b8:4a: c8:38:22:82:b4:ce:b7:11:a7:1a:41:fa:51:3c:33: 34:e1:35:c9:5a:b2:e4:99:27:58:46:d8:84:f9:5b: a4:c3:80:0b:96:ff:db:a3:7c:9f:71:2b:8c:e5:98: 31:19:96:2f:45:dc:95:69:bb:38:7a:7c:07:e5:ff: 57:d0:e0:1a:22:1e:cb:cb:20:d5:2c:f2:d0:81:67: 79:c4:3e:48:4b:fa:55:8d:1d:97:df:78:97:f3:b9: cc:ff:19:f3:2f:7e:94:7a:c8:49:54:a5:89:af:8d: 31:ca:7d:c9:1b:a0:7f:08:2a:38:30:5a:01:65:f8: b7:70:41:cf:9a:e7:60:9d:47:32:8c:4c:fb:d0:5e: e4:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:46:60:26:1F:46:9E:E9:A4:2B:AC:44:C1:7C:8B:A3:30:2A:A9:44 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 07:40:a4:6f:2c:57:51:91:bc:3f:da:02:4e:f9:f1:03:da:60: 61:96:1a:5a:b7:ea:2f:2a:c7:6d:12:e2:37:13:3c:88:59:c5: a7:34:04:f1:5e:8e:57:16:53:da:5d:a9:8a:03:b4:c3:ff:d7: 0e:f1:6e:f3:21:91:fc:8d:ed:be:69:c7:92:03:53:56:4f:2b: 0f:af:6e:66:26:5a:86:c2:3b:b1:72:1c:a6:4d:a5:a1:73:8f: 22:60:2d:5a:84:0b:38:10:01:22:44:5a:41:fa:78:e4:61:a0: db:30:b5:dd:43:da:94:b4:46:3e:74:bb:fe:83:48:05:3e:0a: 84:df:8c:4d:b9:df:95:99:e4:23:62:2d:f4:bf:44:fc:42:3f: 42:1f:3d:2f:8e:60:3e:3c:fb:80:92:75:52:d8:fb:9d:60:d4: 75:b2:59:65:93:aa:32:7e:a3:7a:a8:d6:19:08:04:20:6d:59: 15:48:9f:59:de:89:c5:6e:28:9c:08:1a:0e:7e:9c:69:cc:94: af:b2:8b:0e:05:02:0b:a3:10:39:c5:24:66:bd:89:0b:5e:0b: bd:39:e3:03:6a:e6:26:1a:6f:35:2a:21:2d:2b:dd:91:f6:2a: 54:27:77:b2:8d:9a:dc:db:9c:cf:90:0a:ac:1e:df:bb:0d:43: 57:36:78:e8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUeIFpru9KW7vjWCK8bVeniXEppxYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MDQxNzAwMDAwMFoX DTI0MDUyMjIzNTk1OVowejFJMEcGA1UEBRNANTBhNzNkY2E1MDgzNzVmMTU3YzMz NTkxMGNlYjliNWZmYjE4ZDk5ZGNmZDkwNDY0NTg5NmU0Y2ViYWNlZjVlMDEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUgR72qlbyMXB6nZXi+dITWBAcCy q2IT2JE7THwngMx1PrN0BNvZvvbBMJRYc2IKFDGEx3kQAsK98OqH85iNThJibM1p ZRbX7aMz7QaYJHx2LCdr6BkGHBxDzTiOVpoBMYGtEv88aG0JgicvbMWUzgz7Vyb2 uErIOCKCtM63EacaQfpRPDM04TXJWrLkmSdYRtiE+Vukw4ALlv/bo3yfcSuM5Zgx GZYvRdyVabs4enwH5f9X0OAaIh7LyyDVLPLQgWd5xD5IS/pVjR2X33iX87nM/xnz L36UeshJVKWJr40xyn3JG6B/CCo4MFoBZfi3cEHPmudgnUcyjEz70F7kzQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFA9GYCYfRp7ppCusRMF8i6MwKqlEMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU2NjNiZjM0LTEwZWQtNDMwOS1hMjM2LTc0NjZhZmQ2ZjAyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQAHQKRvLFdRkbw/2gJO +fED2mBhlhpat+ovKsdtEuI3EzyIWcWnNATxXo5XFlPaXamKA7TD/9cO8W7zIZH8 je2+aceSA1NWTysPr25mJlqGwjuxchymTaWhc48iYC1ahAs4EAEiRFpB+njkYaDb MLXdQ9qUtEY+dLv+g0gFPgqE34xNud+VmeQjYi30v0T8Qj9CHz0vjmA+PPuAknVS 2PudYNR1slllk6oyfqN6qNYZCAQgbVkVSJ9Z3onFbiicCBoOfpxpzJSvsosOBQIL oxA5xSRmvYkLXgu9OeMDauYmGm81KiEtK92R9ipUJ3eyjZrc25zPkAqsHt+7DUNX Nnjo -----END CERTIFICATE-----Generated at Fri Apr 19 00:52:14 2024 by rpki-client on console-ams.rpki-client.org