$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/59860ec1-5f08-4648-8fa9-79f2bbf2ec8d.roa File: 59860ec1-5f08-4648-8fa9-79f2bbf2ec8d.roa (raw, json) Hash identifier: Cn8zww69rd5rF9RtwQ0wNSuuxjWe7z06drO14zGTiqE= Subject key identifier: C9:FA:31:49:59:67:F5:DE:DF:00:1C:1D:0A:9C:B4:24:7C:81:7D:41 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 072C96550FAAE0D435CEEA42E45F6DA91C49C868 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/59860ec1-5f08-4648-8fa9-79f2bbf2ec8d.roa Signing time: Mon 11 Mar 2024 00:00:00 +0000 ROA not before: Mon 11 Mar 2024 00:00:00 +0000 ROA not after: Mon 15 Apr 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:1004::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Mar 2024 12:04:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:2c:96:55:0f:aa:e0:d4:35:ce:ea:42:e4:5f:6d:a9:1c:49:c8:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Mar 11 00:00:00 2024 GMT Not After : Apr 15 23:59:59 2024 GMT Subject: serialNumber=5e38683c4b0df464524f23588fcfb98603307c6c56a0816b5ccb40d8515e9aea, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:1b:ed:a9:64:7b:fb:ee:89:06:42:0b:35:a8: 93:73:d5:e4:cc:21:f7:76:55:ed:8c:96:0c:51:dc: 75:32:45:41:0c:32:4b:d1:ee:a0:09:f9:3e:ec:ea: b3:f2:86:b3:2a:6d:37:e7:78:f8:b4:28:3d:87:07: 4e:d8:38:48:68:e1:af:e5:82:43:fa:2d:7b:5a:f5: 3c:ef:d1:37:49:79:03:cd:6d:c1:2c:a7:06:21:6f: d1:e2:5c:c3:fe:b0:6c:5d:b9:d8:01:cb:d5:29:0b: 1d:1d:48:b1:90:4a:7b:c9:73:74:ee:fe:c1:6b:a4: f4:19:ad:3e:50:aa:5a:78:b6:a3:0d:d9:3f:61:4c: 21:c2:c5:cf:f7:ab:0f:aa:63:fe:35:bf:eb:e3:58: 73:36:5c:35:c2:1d:54:e7:5d:c6:c2:ce:ec:ee:f6: e6:4a:05:fe:7c:53:1b:7a:19:38:8e:68:f8:12:d4: fa:3e:07:c4:a3:5c:da:1a:8b:54:95:27:fd:df:b8: 1b:15:e7:a1:01:2e:35:86:c9:6e:4c:09:25:f3:3f: 47:63:50:3a:56:43:ec:4a:7b:a7:12:cc:2a:79:fe: 8b:4d:8b:bb:3b:67:84:ba:75:07:57:4b:58:a5:43: ec:24:da:49:93:7b:6c:ad:d1:66:45:07:23:3b:fa: 40:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:FA:31:49:59:67:F5:DE:DF:00:1C:1D:0A:9C:B4:24:7C:81:7D:41 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/59860ec1-5f08-4648-8fa9-79f2bbf2ec8d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1004::/48 Signature Algorithm: sha256WithRSAEncryption 0a:e8:4a:50:b7:6d:82:24:30:12:57:e7:7e:93:e1:5f:e4:6f: 0e:66:fb:7c:ce:a4:6c:e3:83:78:51:b3:c7:9f:bc:d9:b9:e0: 35:ea:73:69:df:66:28:a2:59:ef:6e:7a:17:e0:28:54:43:d2: 56:8e:e2:0d:b4:fb:70:fc:49:96:8a:f0:6e:00:b1:c3:42:60: d6:99:2f:ef:3b:b4:98:df:9e:f6:0a:f9:09:7c:00:79:bc:f1: ce:94:d9:10:bc:dd:71:60:9a:1d:d8:0e:9f:5f:9d:8d:3b:52: 25:1e:69:b9:bf:6d:97:6e:ec:62:91:76:6a:01:15:6f:ea:54: d1:7e:9e:72:8a:fe:6e:0d:c9:24:d5:8c:47:67:ce:85:d0:18: f8:cc:37:6a:e2:92:41:4c:7b:25:33:2f:f8:26:41:9a:f9:fc: 75:e4:ab:3d:86:73:54:60:8e:83:be:04:f6:76:07:dd:b6:7f: 74:5c:df:be:83:47:b9:35:b0:cf:e1:40:b3:79:d8:d0:e2:bd: c3:3c:9c:13:00:46:84:28:d9:b8:4a:72:47:3c:1f:df:08:9a: 40:f8:57:e0:84:b9:a9:71:ea:65:43:c5:6b:8f:8a:8b:74:c4: 11:4e:07:bc:cf:32:c3:21:6a:34:86:04:f7:86:b2:f4:a5:f1: c8:c6:dd:d9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUByyWVQ+q4NQ1zupC5F9tqRxJyGgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MDMxMTAwMDAwMFoX DTI0MDQxNTIzNTk1OVowejFJMEcGA1UEBRNANWUzODY4M2M0YjBkZjQ2NDUyNGYy MzU4OGZjZmI5ODYwMzMwN2M2YzU2YTA4MTZiNWNjYjQwZDg1MTVlOWFlYTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhvtqWR7++6JBkILNaiTc9XkzCH3 dlXtjJYMUdx1MkVBDDJL0e6gCfk+7Oqz8oazKm0353j4tCg9hwdO2DhIaOGv5YJD +i17WvU879E3SXkDzW3BLKcGIW/R4lzD/rBsXbnYAcvVKQsdHUixkEp7yXN07v7B a6T0Ga0+UKpaeLajDdk/YUwhwsXP96sPqmP+Nb/r41hzNlw1wh1U513Gws7s7vbm SgX+fFMbehk4jmj4EtT6PgfEo1zaGotUlSf937gbFeehAS41hsluTAkl8z9HY1A6 VkPsSnunEswqef6LTYu7O2eEunUHV0tYpUPsJNpJk3tsrdFmRQcjO/pA1wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMn6MUlZZ/Xe3wAcHQqctCR8gX1BMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU5ODYwZWMxLTVmMDgtNDY0OC04ZmE5LTc5ZjJiYmYyZWM4ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABAEMA0GCSqGSIb3DQEBCwUAA4IBAQAK6EpQt22CJDASV+d+ k+Ff5G8OZvt8zqRs44N4UbPHn7zZueA16nNp32YoolnvbnoX4ChUQ9JWjuINtPtw /EmWivBuALHDQmDWmS/vO7SY3572CvkJfAB5vPHOlNkQvN1xYJod2A6fX52NO1Il Hmm5v22XbuxikXZqARVv6lTRfp5yiv5uDckk1YxHZ86F0Bj4zDdq4pJBTHslMy/4 JkGa+fx15Ks9hnNUYI6DvgT2dgfdtn90XN++g0e5NbDP4UCzedjQ4r3DPJwTAEaE KNm4SnJHPB/fCJpA+FfghLmpceplQ8Vrj4qLdMQRTge8zzLDIWo0hgT3hrL0pfHI xt3Z -----END CERTIFICATE-----Generated at Fri Mar 29 02:38:19 2024 by rpki-client on console-fra.rpki-client.org