$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/90e88caa-70b7-406a-a161-a6118790ffdb.roa File: 90e88caa-70b7-406a-a161-a6118790ffdb.roa (raw, json) Hash identifier: Z4ut0O/81USGGkgnXM2e9y9+8wzB1cdWQvsWSaZfsjM= Subject key identifier: 26:2C:DE:9A:F6:5E:A4:B6:C6:56:F1:79:62:02:98:9A:A8:23:46:EF Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 4908B51333FEFEC9E8C7B17A4903131A61F1DFEF Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/90e88caa-70b7-406a-a161-a6118790ffdb.roa Signing time: Sat 16 Sep 2023 00:00:00 +0000 ROA not before: Sat 16 Sep 2023 00:00:00 +0000 ROA not after: Sat 21 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:1008::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Sep 2023 12:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:08:b5:13:33:fe:fe:c9:e8:c7:b1:7a:49:03:13:1a:61:f1:df:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 16 00:00:00 2023 GMT Not After : Oct 21 23:59:59 2023 GMT Subject: serialNumber=c9428c6ad333504c4fee5cd68030d6f42c33e4d85a58e0d9b21ad087011dc6d0, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:d3:f7:d0:0f:5d:a1:81:5e:15:6f:04:0a:43: cf:ea:6c:31:2c:2c:ff:06:12:f0:07:45:39:df:aa: be:22:77:49:1d:b0:66:14:ca:1f:16:4b:c8:0c:3a: 04:48:e3:87:8e:ef:48:33:e4:06:b8:5f:18:af:4e: b7:fb:8e:c9:3f:4e:34:a7:11:fa:d5:e5:6e:f8:9f: a4:31:5f:2c:28:63:b4:6c:c2:4b:75:fc:af:12:28: e5:28:62:bd:77:3d:03:73:42:13:7c:47:7a:24:9f: a6:6b:5d:e2:df:77:84:1a:e6:af:4d:ba:bb:82:4a: 33:f9:58:61:ed:26:3f:62:42:bc:d9:f9:58:1a:ba: 88:67:b7:cf:1b:7c:3f:a0:05:a5:5a:bf:53:5c:da: 20:de:0a:ea:55:6e:5d:bf:f4:e7:6d:ef:cb:f9:27: 37:62:31:a9:01:64:08:07:b1:4c:59:56:6c:72:78: bc:d5:1a:ec:0d:20:ce:bb:b9:6f:2c:f7:fa:16:2b: 8d:0e:66:4d:23:98:9d:54:b3:7c:2a:40:90:19:0e: d6:f5:95:b3:b8:0a:47:fd:43:7e:2b:be:5b:76:6c: 51:c7:c8:e6:fb:d1:f0:9b:7d:b9:46:81:25:49:fe: 1e:0c:7b:7b:31:89:4b:4e:5a:11:65:c4:50:a5:17: 48:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:2C:DE:9A:F6:5E:A4:B6:C6:56:F1:79:62:02:98:9A:A8:23:46:EF X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/90e88caa-70b7-406a-a161-a6118790ffdb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1008::/48 Signature Algorithm: sha256WithRSAEncryption 48:db:37:b2:13:35:e6:3a:a3:d0:7e:79:fa:c6:50:95:30:94: ea:cf:f3:17:3c:2e:ab:bf:7d:63:68:20:ff:41:a0:b1:bf:15: cd:c6:57:f9:ec:d6:7a:1f:fa:19:ff:4e:40:c7:7f:85:21:47: c2:f4:6a:f8:72:b4:1c:6a:8c:08:55:0d:98:8c:7a:72:6a:ed: 64:3b:93:10:22:b2:3e:45:90:9a:13:ef:8b:77:5d:bf:54:84: db:81:83:5c:02:76:47:eb:eb:46:d1:59:1e:d9:72:52:23:5f: b5:77:4f:ad:9d:4c:12:13:5d:4b:52:2e:71:64:35:da:7b:96: 14:7a:3e:60:05:8b:8b:8d:b2:71:af:84:01:99:fd:dd:a3:4f: 54:88:f2:54:ec:14:6b:80:3f:9e:81:f7:59:2d:c7:e3:c8:03: 88:b9:8a:ec:14:fe:85:d6:a2:00:66:6e:80:25:d7:12:47:2b: 7b:d8:9f:89:0f:0b:7c:c2:df:c9:07:8d:9c:bc:9f:8c:d9:56: bc:d5:ce:14:1b:0e:48:1c:38:8b:fb:72:f3:0f:ac:52:ab:05: 19:d7:62:32:79:aa:46:31:85:f6:8c:7d:0a:2b:87:2c:a2:21: 79:1b:53:17:ff:85:25:63:17:97:18:6e:54:8d:20:1f:91:9d: 7a:c3:8d:2d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSQi1EzP+/snox7F6SQMTGmHx3+8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTIzMDkxNjAwMDAwMFoX DTIzMTAyMTIzNTk1OVowejFJMEcGA1UEBRNAYzk0MjhjNmFkMzMzNTA0YzRmZWU1 Y2Q2ODAzMGQ2ZjQyYzMzZTRkODVhNThlMGQ5YjIxYWQwODcwMTFkYzZkMDEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9P30A9doYFeFW8ECkPP6mwxLCz/ BhLwB0U536q+IndJHbBmFMofFkvIDDoESOOHju9IM+QGuF8Yr063+47JP040pxH6 1eVu+J+kMV8sKGO0bMJLdfyvEijlKGK9dz0Dc0ITfEd6JJ+ma13i33eEGuavTbq7 gkoz+Vhh7SY/YkK82flYGrqIZ7fPG3w/oAWlWr9TXNog3grqVW5dv/Tnbe/L+Sc3 YjGpAWQIB7FMWVZscni81RrsDSDOu7lvLPf6FiuNDmZNI5idVLN8KkCQGQ7W9ZWz uApH/UN+K75bdmxRx8jm+9Hwm325RoElSf4eDHt7MYlLTloRZcRQpRdIyQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCYs3pr2XqS2xlbxeWICmJqoI0bvMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzkwZTg4Y2FhLTcwYjctNDA2YS1hMTYxLWE2MTE4NzkwZmZkYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABAIMA0GCSqGSIb3DQEBCwUAA4IBAQBI2zeyEzXmOqPQfnn6 xlCVMJTqz/MXPC6rv31jaCD/QaCxvxXNxlf57NZ6H/oZ/05Ax3+FIUfC9Gr4crQc aowIVQ2YjHpyau1kO5MQIrI+RZCaE++Ld12/VITbgYNcAnZH6+tG0Vke2XJSI1+1 d0+tnUwSE11LUi5xZDXae5YUej5gBYuLjbJxr4QBmf3do09UiPJU7BRrgD+egfdZ LcfjyAOIuYrsFP6F1qIAZm6AJdcSRyt72J+JDwt8wt/JB42cvJ+M2Va81c4UGw5I HDiL+3LzD6xSqwUZ12IyeapGMYX2jH0KK4csoiF5G1MX/4UlYxeXGG5UjSAfkZ16 w40t -----END CERTIFICATE-----Generated at Sat Sep 16 00:30:27 2023 by rpki-client on console-ams.rpki-client.org