$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa File: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (raw, json) Hash identifier: 1fRnscWYv3atAiYHFY1AqixytsRNS4oYsc8kAHU4ts8= Subject key identifier: D8:7E:F0:B8:48:B4:E0:9B:FB:E3:72:41:58:73:50:49:43:D0:17:B8 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 2577713D4C4DE442CBD40B39DDF7E8F3C5598D89 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa Signing time: Mon 04 Sep 2023 00:00:00 +0000 ROA not before: Mon 04 Sep 2023 00:00:00 +0000 ROA not after: Mon 09 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 06 Sep 2023 03:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:77:71:3d:4c:4d:e4:42:cb:d4:0b:39:dd:f7:e8:f3:c5:59:8d:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 4 00:00:00 2023 GMT Not After : Oct 9 23:59:59 2023 GMT Subject: serialNumber=3aa8ce6072cfd0b464e456d6eabf52b65add2a01a526c060235309a8c1de2efb, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:37:15:ed:4b:36:2f:79:c8:85:1f:1c:62:d1: f3:61:b6:2a:3a:0a:f0:f5:d4:a0:90:39:93:8b:e5: af:a5:c3:3f:68:00:ca:bd:0b:ae:b8:0a:d2:3a:6b: bb:eb:05:e8:85:ed:65:20:e8:a1:8f:44:24:db:67: 1c:1b:70:be:f8:42:95:4f:ba:92:b9:23:dc:55:60: aa:65:8f:e0:12:41:98:f6:e1:dc:75:b0:9a:fc:3d: ab:66:4e:96:f9:d8:ac:89:69:a1:d0:1f:6c:6a:2d: b3:f8:36:41:55:85:a0:8b:ff:7b:82:0a:c4:a5:0e: d2:d4:dc:8f:6f:3b:f4:80:e6:8d:52:d3:b6:7d:24: 42:13:52:b7:b3:bc:ea:59:14:84:69:5b:a7:60:b4: 92:3f:f4:32:9c:b4:80:0f:35:9a:a4:e8:fe:62:30: 17:d3:ba:c2:5a:ac:bb:56:45:6e:05:e6:26:a5:23: 01:cb:cc:b7:ab:f4:81:b6:8b:7a:8a:cf:0b:06:25: 64:df:59:21:98:a6:64:e4:0d:17:37:63:c6:85:99: ec:8e:f4:93:76:f8:76:41:7a:88:c0:ab:6d:76:c6: 69:42:5b:04:6b:10:97:aa:4c:86:95:cd:98:52:9a: 71:69:03:db:34:48:d2:a5:83:1b:70:ef:de:b0:e5: 4f:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:7E:F0:B8:48:B4:E0:9B:FB:E3:72:41:58:73:50:49:43:D0:17:B8 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 68:80:cb:4d:2b:af:d4:d0:fb:d9:67:c2:91:de:ff:0f:a1:41: 21:35:7c:5a:d5:ef:24:d5:e8:c9:43:f5:df:5e:3b:ff:14:37: dd:09:00:16:cd:8b:33:a8:ea:1c:85:26:bf:7a:35:4c:38:02: ea:32:92:d9:17:8d:4b:fa:9f:7a:93:34:0b:67:c2:77:7e:db: 70:7c:9d:4d:d9:11:ba:55:34:d8:4f:54:d7:71:1a:17:9a:0f: 0a:e4:4c:32:de:80:e1:bd:c4:70:fa:a3:ac:76:27:88:1b:ed: 7e:62:4f:33:b5:d9:5c:66:93:76:4c:e8:bb:3c:cc:51:b3:82: 63:97:87:86:d3:ec:bf:8b:d0:1a:ce:0b:1c:5e:85:e5:d2:c1: c8:f3:a1:df:d7:bb:eb:cf:dc:0c:14:3f:7d:4c:85:e1:14:42: bc:13:e1:1e:fc:97:d7:d6:57:72:1c:ad:93:0b:93:da:28:2a: fd:49:26:c5:fd:80:bc:b0:e4:5d:3e:85:64:ae:93:f3:12:69: 20:dd:14:f8:90:df:08:a0:12:c0:67:ab:62:9d:23:73:87:36: e1:94:05:f9:35:24:9f:55:2f:56:09:fe:0e:d2:3d:c0:01:7c: 62:6a:a8:91:68:92:90:71:aa:de:13:a7:1e:e1:b9:8d:88:c7: 7f:41:77:65 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJXdxPUxN5ELL1As53ffo88VZjYkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTIzMDkwNDAwMDAwMFoX DTIzMTAwOTIzNTk1OVowejFJMEcGA1UEBRNAM2FhOGNlNjA3MmNmZDBiNDY0ZTQ1 NmQ2ZWFiZjUyYjY1YWRkMmEwMWE1MjZjMDYwMjM1MzA5YThjMWRlMmVmYjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzcV7Us2L3nIhR8cYtHzYbYqOgrw 9dSgkDmTi+WvpcM/aADKvQuuuArSOmu76wXohe1lIOihj0Qk22ccG3C++EKVT7qS uSPcVWCqZY/gEkGY9uHcdbCa/D2rZk6W+disiWmh0B9sai2z+DZBVYWgi/97ggrE pQ7S1NyPbzv0gOaNUtO2fSRCE1K3s7zqWRSEaVunYLSSP/QynLSADzWapOj+YjAX 07rCWqy7VkVuBeYmpSMBy8y3q/SBtot6is8LBiVk31khmKZk5A0XN2PGhZnsjvST dvh2QXqIwKttdsZpQlsEaxCXqkyGlc2YUppxaQPbNEjSpYMbcO/esOVPHwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNh+8LhItOCb++NyQVhzUElD0Be4MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU2NjNiZjM0LTEwZWQtNDMwOS1hMjM2LTc0NjZhZmQ2ZjAyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQBogMtNK6/U0PvZZ8KR 3v8PoUEhNXxa1e8k1ejJQ/XfXjv/FDfdCQAWzYszqOochSa/ejVMOALqMpLZF41L +p96kzQLZ8J3fttwfJ1N2RG6VTTYT1TXcRoXmg8K5Ewy3oDhvcRw+qOsdieIG+1+ Yk8ztdlcZpN2TOi7PMxRs4Jjl4eG0+y/i9AazgscXoXl0sHI86Hf17vrz9wMFD99 TIXhFEK8E+Ee/JfX1ldyHK2TC5PaKCr9SSbF/YC8sORdPoVkrpPzEmkg3RT4kN8I oBLAZ6tinSNzhzbhlAX5NSSfVS9WCf4O0j3AAXxiaqiRaJKQcareE6ce4bmNiMd/ QXdl -----END CERTIFICATE-----Generated at Mon Sep 4 15:17:37 2023 by rpki-client on console-ams.rpki-client.org