$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/59860ec1-5f08-4648-8fa9-79f2bbf2ec8d.roa File: 59860ec1-5f08-4648-8fa9-79f2bbf2ec8d.roa (raw, json) Hash identifier: UgFWb1Rus8GBnQVWgWjI+A0UOxrr2Oic3VfiOGE7CDQ= Subject key identifier: B4:65:B6:81:97:9E:B4:D0:B4:06:6E:BE:C9:CA:3E:84:AE:48:EF:B3 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 03B9E5879670A4F5A03256C3DA8F95E9AE8ABFF3 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/59860ec1-5f08-4648-8fa9-79f2bbf2ec8d.roa Signing time: Sat 16 Sep 2023 00:00:00 +0000 ROA not before: Sat 16 Sep 2023 00:00:00 +0000 ROA not after: Sat 21 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:1004::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Sep 2023 12:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:b9:e5:87:96:70:a4:f5:a0:32:56:c3:da:8f:95:e9:ae:8a:bf:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 16 00:00:00 2023 GMT Not After : Oct 21 23:59:59 2023 GMT Subject: serialNumber=cdb39539ccece354d07cd571b964b15b78501872b8240d1ad38d94f2eb214a0f, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:45:f1:5a:95:b7:16:a5:1e:31:ce:56:77:db: 5c:f3:d7:ad:72:c5:a2:9c:44:63:cf:3b:29:2d:67: 01:82:0e:88:83:be:dd:4e:a0:1f:28:c2:c3:59:0b: cf:70:45:0e:4f:35:94:62:fb:fa:93:60:80:fb:24: e5:bc:6d:9a:2c:73:4f:57:33:e3:3e:fb:5e:88:7d: 85:c6:b7:ca:a4:43:e1:12:de:9c:90:ad:45:77:2f: ce:f2:23:67:f4:3c:19:12:29:70:84:6d:40:c3:22: b1:23:4a:21:28:ae:ff:12:fd:75:e2:0d:3b:2e:ae: 6f:0d:eb:5e:33:d3:16:25:95:88:71:92:86:ee:a7: 12:89:f4:0a:85:f5:f8:20:bd:0f:1f:f6:43:48:da: ea:fc:5b:51:ef:17:fc:15:57:05:98:9e:3f:39:00: 06:9d:3e:73:88:25:04:ef:df:08:c8:e9:4d:7a:5b: 1d:00:2b:58:ae:f3:18:16:d5:1f:0b:28:36:08:ca: 5c:75:e1:02:a1:62:4d:e9:07:db:cc:47:2d:1c:54: 11:96:d4:56:5d:61:8f:87:4a:59:50:b4:9d:a9:b3: a3:e9:48:8d:0d:f9:e5:84:1c:6d:78:a5:46:fc:f3: 06:95:ff:23:60:1e:32:36:a1:43:0e:a6:c7:bd:33: 44:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:65:B6:81:97:9E:B4:D0:B4:06:6E:BE:C9:CA:3E:84:AE:48:EF:B3 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/59860ec1-5f08-4648-8fa9-79f2bbf2ec8d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1004::/48 Signature Algorithm: sha256WithRSAEncryption 4b:85:48:1c:a9:c6:b0:50:22:58:e3:d2:36:81:33:56:74:fd: 88:3a:c3:23:02:e2:55:8f:94:a9:26:f3:63:3d:2e:25:95:00: c2:0c:48:ff:3a:70:72:8c:c7:da:d5:ff:f8:92:81:a9:d5:4b: 4f:f4:97:59:8b:80:f0:8f:29:3b:7e:27:b1:1e:d4:ec:41:db: e8:33:79:9d:6d:a5:3a:94:ac:ad:f0:21:ba:25:e4:73:e0:a8: cb:ac:64:2f:3c:b9:4e:16:bd:14:fe:3f:a3:aa:fc:2c:5b:47: 95:c2:29:c9:fd:11:cc:e3:4e:74:4f:cd:34:b0:c1:0f:c2:a0: ce:e7:6b:c3:33:f2:c9:e8:1e:38:7a:69:e0:61:e1:d7:0c:f4: c8:7d:6d:7e:28:29:7c:2b:13:7b:31:19:cb:ae:99:57:ce:ea: b6:97:0d:40:bd:db:d4:d0:22:3a:08:83:28:8e:b5:cf:33:11: fa:4a:ee:f3:6a:c7:5f:79:ae:f1:43:5c:bf:45:49:ea:aa:87: b7:cb:7c:df:b5:7f:d0:dd:f5:9a:45:ef:2a:5a:94:68:10:17: bb:aa:6a:ae:cb:9f:3a:ce:bc:6d:2a:12:af:89:46:7b:03:f2: f8:b3:aa:a2:99:93:b8:c5:79:d4:a2:90:8d:7b:ef:05:96:d8: e5:fc:4b:15 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUA7nlh5ZwpPWgMlbD2o+V6a6Kv/MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTIzMDkxNjAwMDAwMFoX DTIzMTAyMTIzNTk1OVowejFJMEcGA1UEBRNAY2RiMzk1MzljY2VjZTM1NGQwN2Nk NTcxYjk2NGIxNWI3ODUwMTg3MmI4MjQwZDFhZDM4ZDk0ZjJlYjIxNGEwZjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0XxWpW3FqUeMc5Wd9tc89etcsWi nERjzzspLWcBgg6Ig77dTqAfKMLDWQvPcEUOTzWUYvv6k2CA+yTlvG2aLHNPVzPj PvteiH2FxrfKpEPhEt6ckK1Fdy/O8iNn9DwZEilwhG1AwyKxI0ohKK7/Ev114g07 Lq5vDeteM9MWJZWIcZKG7qcSifQKhfX4IL0PH/ZDSNrq/FtR7xf8FVcFmJ4/OQAG nT5ziCUE798IyOlNelsdACtYrvMYFtUfCyg2CMpcdeECoWJN6QfbzEctHFQRltRW XWGPh0pZULSdqbOj6UiNDfnlhBxteKVG/PMGlf8jYB4yNqFDDqbHvTNEVQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLRltoGXnrTQtAZuvsnKPoSuSO+zMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU5ODYwZWMxLTVmMDgtNDY0OC04ZmE5LTc5ZjJiYmYyZWM4ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABAEMA0GCSqGSIb3DQEBCwUAA4IBAQBLhUgcqcawUCJY49I2 gTNWdP2IOsMjAuJVj5SpJvNjPS4llQDCDEj/OnByjMfa1f/4koGp1UtP9JdZi4Dw jyk7fiexHtTsQdvoM3mdbaU6lKyt8CG6JeRz4KjLrGQvPLlOFr0U/j+jqvwsW0eV winJ/RHM4050T800sMEPwqDO52vDM/LJ6B44emngYeHXDPTIfW1+KCl8KxN7MRnL rplXzuq2lw1AvdvU0CI6CIMojrXPMxH6Su7zasdfea7xQ1y/RUnqqoe3y3zftX/Q 3fWaRe8qWpRoEBe7qmquy586zrxtKhKviUZ7A/L4s6qimZO4xXnUopCNe+8Fltjl /EsV -----END CERTIFICATE-----Generated at Sat Sep 16 00:16:47 2023 by rpki-client on console-fra.rpki-client.org