$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/f88f0730-b125-42e8-9451-f0a369a3bbc1.roa File: f88f0730-b125-42e8-9451-f0a369a3bbc1.roa (raw, json) Hash identifier: 07OMQLUOBP5BicXOo1WuWVWPL3zTnnyuSjXgyizDi3A= Subject key identifier: AE:6E:80:AF:60:F4:DA:FE:48:AF:CD:C6:A3:96:29:71:71:22:EE:25 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 7657D4FBDB3F33645F02DCEAAFE2A3C2A09FE371 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/f88f0730-b125-42e8-9451-f0a369a3bbc1.roa Signing time: Fri 29 Sep 2023 00:00:00 +0000 ROA not before: Fri 29 Sep 2023 00:00:00 +0000 ROA not after: Fri 03 Nov 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Sep 2023 12:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:57:d4:fb:db:3f:33:64:5f:02:dc:ea:af:e2:a3:c2:a0:9f:e3:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 29 00:00:00 2023 GMT Not After : Nov 3 23:59:59 2023 GMT Subject: serialNumber=b3ba750ce6ff503495de6d4c938c8961d6ae013a512a356fd6282b0b60c730e7, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:97:07:53:8b:3b:25:a1:b0:2e:b9:f3:ab:96: 24:bb:30:83:17:72:db:9a:74:95:16:4d:cd:8c:20: 15:18:fd:40:1a:48:62:65:ee:ca:45:b8:70:d5:8f: c6:e5:dc:b3:6f:0d:1a:a3:26:d9:f3:ab:36:8b:7b: 6b:7e:67:46:48:bc:d4:c6:a0:7b:84:74:71:5e:ea: f6:6e:3e:14:2f:95:74:93:dc:bc:22:9e:29:1d:28: 41:8b:00:c6:d2:ff:5a:a1:ee:f3:1b:ad:55:d9:0f: 75:f8:b9:7c:69:31:5b:8b:cd:4c:e1:1e:37:f5:96: e2:56:3f:5a:2f:71:2c:a4:84:ea:3e:d6:e1:a0:7d: 3e:00:9b:a8:16:c1:c7:de:30:8f:4b:dc:a2:ba:9d: 9f:dc:1b:0a:24:81:c3:d1:c7:9a:64:c6:9f:17:65: cc:a1:ba:6e:fd:4b:09:29:32:c8:e1:eb:c8:45:92: e9:75:0b:3f:87:e3:35:6c:49:34:c2:ae:64:f8:e9: ed:11:fa:8d:d1:91:90:ca:d2:1f:d4:f4:90:9f:32: 59:94:45:9d:da:1d:0f:bb:ad:e6:62:8a:0e:ec:af: b6:ec:6d:5a:60:54:24:d5:09:9e:4d:10:bf:78:a9: 24:69:52:c6:55:23:37:1e:54:2c:c3:94:7f:41:a3: 95:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:6E:80:AF:60:F4:DA:FE:48:AF:CD:C6:A3:96:29:71:71:22:EE:25 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/f88f0730-b125-42e8-9451-f0a369a3bbc1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300::/32 Signature Algorithm: sha256WithRSAEncryption 40:5e:73:3d:83:06:16:86:7a:c6:64:13:19:c0:17:be:d9:e4: 5b:e1:bc:f6:83:59:10:25:5e:2e:26:43:1c:07:9c:fe:f0:74: 8c:4e:75:2f:a2:96:a8:92:bc:26:da:8c:1a:01:ca:5e:af:8a: 93:32:db:f3:83:96:2e:60:4d:af:ec:8e:04:51:1c:ea:30:af: 8a:75:d7:26:a3:da:ef:28:f9:39:15:c3:bd:20:8b:30:dc:54: 46:bc:f9:b1:a3:74:2e:94:dd:58:23:e8:2d:11:8d:12:67:41: 83:a9:3b:62:a8:83:5a:23:b3:21:9c:d0:b2:a9:e0:07:b7:ba: df:cf:1e:da:cc:f9:e3:e8:30:da:14:26:d8:ad:e2:b5:2e:df: fc:62:d5:69:fa:0c:86:f0:76:4d:5b:0d:01:8c:14:e8:15:ef: 1a:9d:3c:d2:b0:71:9d:2b:e0:b7:7c:bc:7f:b0:b9:bc:9f:eb: fc:4b:ca:52:3a:44:2b:33:e6:4f:12:cc:0a:92:6d:99:51:9f: 20:fd:83:6c:a4:94:81:05:86:11:cf:72:fa:fe:64:0c:36:7f: a9:0d:e6:3f:f2:81:ea:0d:13:13:3c:e9:e4:10:b4:9d:4b:7d: 24:dc:64:91:5e:74:7f:c7:1d:f4:09:22:41:86:15:76:5c:a7: dc:04:35:60 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUdlfU+9s/M2RfAtzqr+KjwqCf43EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTIzMDkyOTAwMDAwMFoX DTIzMTEwMzIzNTk1OVowejFJMEcGA1UEBRNAYjNiYTc1MGNlNmZmNTAzNDk1ZGU2 ZDRjOTM4Yzg5NjFkNmFlMDEzYTUxMmEzNTZmZDYyODJiMGI2MGM3MzBlNzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5cHU4s7JaGwLrnzq5YkuzCDF3Lb mnSVFk3NjCAVGP1AGkhiZe7KRbhw1Y/G5dyzbw0aoybZ86s2i3trfmdGSLzUxqB7 hHRxXur2bj4UL5V0k9y8Ip4pHShBiwDG0v9aoe7zG61V2Q91+Ll8aTFbi81M4R43 9ZbiVj9aL3EspITqPtbhoH0+AJuoFsHH3jCPS9yiup2f3BsKJIHD0ceaZMafF2XM obpu/UsJKTLI4evIRZLpdQs/h+M1bEk0wq5k+OntEfqN0ZGQytIf1PSQnzJZlEWd 2h0Pu63mYooO7K+27G1aYFQk1QmeTRC/eKkkaVLGVSM3HlQsw5R/QaOV7QIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFK5ugK9g9Nr+SK/NxqOWKXFxIu4lMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2Y4OGYwNzMwLWIxMjUtNDJlOC05NDUxLWYwYTM2OWEzYmJjMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAOzADANBgkqhkiG9w0BAQsFAAOCAQEAQF5zPYMGFoZ6xmQTGcAX vtnkW+G89oNZECVeLiZDHAec/vB0jE51L6KWqJK8JtqMGgHKXq+KkzLb84OWLmBN r+yOBFEc6jCvinXXJqPa7yj5ORXDvSCLMNxURrz5saN0LpTdWCPoLRGNEmdBg6k7 YqiDWiOzIZzQsqngB7e6388e2sz54+gw2hQm2K3itS7f/GLVafoMhvB2TVsNAYwU 6BXvGp080rBxnSvgt3y8f7C5vJ/r/EvKUjpEKzPmTxLMCpJtmVGfIP2DbKSUgQWG Ec9y+v5kDDZ/qQ3mP/KB6g0TEzzp5BC0nUt9JNxkkV50f8cd9AkiQYYVdlyn3AQ1 YA== -----END CERTIFICATE-----Generated at Fri Sep 29 00:42:19 2023 by rpki-client on console-ams.rpki-client.org