$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/f88f0730-b125-42e8-9451-f0a369a3bbc1.roa File: f88f0730-b125-42e8-9451-f0a369a3bbc1.roa (raw, json) Hash identifier: zMotzpIfjaDma9hLJxLtr+IIoZsXjBnuuxVPrnIPs+w= Subject key identifier: 8A:4C:F3:5A:A1:B6:DD:7E:59:8D:E3:28:EF:E9:9C:33:61:FB:0A:6B Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 56B5E40ECF27074A5A5C61CE5AC9BFF34F89915C Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/f88f0730-b125-42e8-9451-f0a369a3bbc1.roa Signing time: Wed 17 Apr 2024 00:00:00 +0000 ROA not before: Wed 17 Apr 2024 00:00:00 +0000 ROA not after: Wed 22 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Apr 2024 00:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:b5:e4:0e:cf:27:07:4a:5a:5c:61:ce:5a:c9:bf:f3:4f:89:91:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 17 00:00:00 2024 GMT Not After : May 22 23:59:59 2024 GMT Subject: serialNumber=a72599e3cd659e41abd4e7fff42935d588a4965baddd79f14c40d677ac13c7d7, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:6f:00:5c:cd:df:0f:97:0d:51:b5:60:67:30: 57:b3:69:e9:82:97:f9:d8:bd:51:1f:c8:4b:27:1c: 86:d4:80:84:76:8b:88:d1:ca:fc:6b:2b:17:74:e4: 01:1c:fe:26:ff:a1:7f:b4:76:5c:9f:6c:42:16:85: 4d:95:a7:8b:8b:b6:8b:f0:4c:9e:e6:3a:c4:28:04: b2:21:d1:40:56:6a:fd:45:4d:7a:c8:7b:0b:19:da: b8:17:29:40:ea:35:73:e6:93:10:5f:fc:3b:8f:c0: 69:11:a5:42:46:d5:e6:b8:36:81:fe:5b:36:15:1b: 7d:ec:fa:34:63:d2:64:c4:67:a3:b1:03:40:70:c6: 07:c9:28:24:16:96:74:56:f7:f3:7c:1b:02:6a:1e: 78:2c:a9:60:51:aa:6e:c4:ad:fe:75:0e:60:47:b9: cb:2e:70:94:8e:ea:c8:b7:7f:a2:c2:3c:c9:dd:2b: e6:2d:ba:59:9e:5c:24:6d:8d:dc:40:e7:7e:49:66: f2:07:51:4a:6d:9c:da:56:28:d5:0d:86:a2:4f:04: 9c:ba:4d:a4:4d:75:36:c1:ff:3a:c6:aa:84:05:9d: 03:81:34:aa:c0:36:89:e2:43:ad:0b:a1:1c:cc:86: 74:56:4e:f4:32:29:20:c5:8e:af:58:e7:62:b7:b4: 33:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:4C:F3:5A:A1:B6:DD:7E:59:8D:E3:28:EF:E9:9C:33:61:FB:0A:6B X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/f88f0730-b125-42e8-9451-f0a369a3bbc1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300::/32 Signature Algorithm: sha256WithRSAEncryption 83:86:bb:46:36:3f:cf:09:84:c0:c7:b0:82:5b:21:4a:58:3e: 3c:3a:b1:a5:e6:0d:aa:ea:36:7b:02:34:11:0e:b7:91:ec:67: 79:b2:00:00:3a:15:af:5b:da:67:9d:9c:93:a8:51:6a:18:97: 56:f6:77:3e:bf:12:46:b4:e1:2e:dc:e5:1c:6c:87:a2:28:a0: 73:df:00:6c:98:9e:f0:34:cb:0f:0d:31:88:f1:a3:8d:57:2e: f0:b5:9d:75:18:8c:ab:fa:45:88:06:c4:b0:ce:68:f9:49:85: 97:af:0b:d2:3d:fd:7b:a0:48:d4:6f:2f:17:c6:63:db:cd:75: 0b:68:c4:02:ae:d2:0d:9e:20:f2:65:a7:bf:47:b5:c0:cf:d4: 12:ef:a4:f0:a8:46:e2:78:79:db:39:45:a8:df:01:09:56:d7: 4b:80:25:18:35:c2:df:d8:4a:0c:d9:13:24:72:a6:91:92:b7: 2a:fa:44:37:57:44:f2:54:41:6a:48:1e:6c:f6:34:47:4f:e1: 58:c5:90:01:b7:eb:9e:3e:17:35:92:c5:94:f3:64:96:25:23: c0:73:11:77:e4:56:27:0d:5d:be:a6:1d:02:f8:37:bc:a2:ae: e0:f2:42:79:cd:33:21:5c:32:b2:08:71:5e:0a:a0:31:6e:89: 64:26:14:10 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUVrXkDs8nB0paXGHOWsm/80+JkVwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MDQxNzAwMDAwMFoX DTI0MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAYTcyNTk5ZTNjZDY1OWU0MWFiZDRl N2ZmZjQyOTM1ZDU4OGE0OTY1YmFkZGQ3OWYxNGM0MGQ2NzdhYzEzYzdkNzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0m8AXM3fD5cNUbVgZzBXs2npgpf5 2L1RH8hLJxyG1ICEdouI0cr8aysXdOQBHP4m/6F/tHZcn2xCFoVNlaeLi7aL8Eye 5jrEKASyIdFAVmr9RU16yHsLGdq4FylA6jVz5pMQX/w7j8BpEaVCRtXmuDaB/ls2 FRt97Po0Y9JkxGejsQNAcMYHySgkFpZ0VvfzfBsCah54LKlgUapuxK3+dQ5gR7nL LnCUjurIt3+iwjzJ3SvmLbpZnlwkbY3cQOd+SWbyB1FKbZzaVijVDYaiTwScuk2k TXU2wf86xqqEBZ0DgTSqwDaJ4kOtC6EczIZ0Vk70MikgxY6vWOdit7QzmwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFIpM81qhtt1+WY3jKO/pnDNh+wprMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2Y4OGYwNzMwLWIxMjUtNDJlOC05NDUxLWYwYTM2OWEzYmJjMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAOzADANBgkqhkiG9w0BAQsFAAOCAQEAg4a7RjY/zwmEwMewglsh Slg+PDqxpeYNquo2ewI0EQ63kexnebIAADoVr1vaZ52ck6hRahiXVvZ3Pr8SRrTh LtzlHGyHoiigc98AbJie8DTLDw0xiPGjjVcu8LWddRiMq/pFiAbEsM5o+UmFl68L 0j39e6BI1G8vF8Zj2811C2jEAq7SDZ4g8mWnv0e1wM/UEu+k8KhG4nh52zlFqN8B CVbXS4AlGDXC39hKDNkTJHKmkZK3KvpEN1dE8lRBakgebPY0R0/hWMWQAbfrnj4X NZLFlPNkliUjwHMRd+RWJw1dvqYdAvg3vKKu4PJCec0zIVwysghxXgqgMW6JZCYU EA== -----END CERTIFICATE-----Generated at Sat Apr 20 01:02:31 2024 by rpki-client on console-fra.rpki-client.org