$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/28716f72-e93f-4c3d-a271-5f3613042c49.roa File: 28716f72-e93f-4c3d-a271-5f3613042c49.roa (raw, json) Hash identifier: Gn80fARCqHgZvn6EKlRkVt1ilKgZjmPTSg9AgYH6ONs= Subject key identifier: 53:41:2C:A6:63:EB:6C:4E:D1:87:4D:26:14:70:E5:EC:B3:80:05:F6 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 5ECBD88114A9F9E3CA65DE58CDEA9BD53860408A Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/28716f72-e93f-4c3d-a271-5f3613042c49.roa Signing time: Sat 02 Sep 2023 00:00:00 +0000 ROA not before: Sat 02 Sep 2023 00:00:00 +0000 ROA not after: Sat 07 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Sep 2023 12:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:cb:d8:81:14:a9:f9:e3:ca:65:de:58:cd:ea:9b:d5:38:60:40:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Sep 2 00:00:00 2023 GMT Not After : Oct 7 23:59:59 2023 GMT Subject: serialNumber=799d7263438ce02dd0295283d02c7e0b66267db530ca00870ad2b4a9d3da34fc, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:7b:77:f8:5e:26:5a:b7:af:05:33:be:38:7d: 9e:66:a3:a8:6b:2c:66:f1:de:51:42:23:a6:ad:9f: 32:ce:87:cd:b2:ea:27:72:cd:4d:ca:00:a3:13:98: 66:0a:6e:f3:f9:6c:df:e4:4a:c7:f0:3f:bc:c6:3f: 97:e2:e5:61:75:d4:05:67:ce:a6:87:93:cb:86:64: 2d:49:f4:a8:0a:04:ce:bc:a9:ef:d5:0f:7c:23:c7: 9a:13:d8:23:1e:e3:06:df:aa:7c:8a:49:d2:60:e3: c1:df:02:98:f0:1f:89:6a:09:4a:1d:44:bd:05:80: 4b:4e:41:ad:fc:3e:f7:80:71:71:48:4e:77:78:91: b6:e0:b1:9e:f5:d9:a8:e8:fa:d6:8e:81:d4:e1:2b: c6:4f:2a:ea:f9:e4:6e:f0:d6:e7:24:e1:d1:56:8a: 28:19:94:a4:e2:b4:21:8a:90:3e:59:c9:d7:4a:af: a5:a9:fa:36:ae:f8:e7:ca:20:2c:97:8c:66:52:2c: 22:2e:e4:df:48:42:05:eb:7c:f5:e2:bf:74:e0:35: 94:c8:04:07:36:f8:64:58:8c:c3:7a:05:81:f0:98: 74:b9:0b:93:d2:d0:8c:c9:c9:95:74:81:dd:4f:8b: 2e:1a:df:55:3e:10:33:f4:8f:8e:d0:03:b8:15:d9: 49:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:41:2C:A6:63:EB:6C:4E:D1:87:4D:26:14:70:E5:EC:B3:80:05:F6 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/28716f72-e93f-4c3d-a271-5f3613042c49.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption f6:12:ef:90:7b:6f:76:6c:57:4f:f9:d1:41:3a:1c:71:ba:79: a9:e7:c5:53:b7:a3:80:62:19:a4:f8:7d:ec:d4:27:12:95:e2: a0:0c:f9:db:42:2c:22:3a:04:f7:cc:68:a4:df:f6:ec:d5:07: f0:35:8a:31:70:9e:31:0c:74:75:57:4d:d8:da:d4:e9:1a:d2: ec:4e:5f:8e:e0:c4:df:de:10:e2:72:4b:2c:f2:22:df:11:0d: 76:26:20:9a:3b:63:b6:7d:cf:7b:fc:e1:3f:37:46:83:0c:92: 86:ab:45:87:40:dc:b5:77:d1:ab:e8:c4:6c:90:45:a2:a9:ba: e7:b3:c5:67:2d:d5:f4:f7:b6:68:79:75:d0:ab:72:4e:96:0a: 3e:52:79:13:e9:45:73:42:7f:ce:05:5b:c5:2e:84:9c:a8:d9: c9:0c:d1:3f:a1:03:95:f5:e9:10:d5:e3:c4:6c:4e:d5:d5:b3: eb:94:1c:39:92:75:35:22:5d:9d:44:6d:ae:a9:15:a4:b3:6c: c1:e8:95:c9:75:4e:95:8c:e5:ec:f8:88:df:f7:d2:c2:29:c0: 6c:a7:78:28:c7:05:c1:2a:f7:1b:00:5c:fe:83:21:b5:c5:3a: 74:b4:46:4e:bf:c7:7e:c1:c7:af:15:61:f0:08:5d:f4:35:5a: 98:18:5c:d4 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUXsvYgRSp+ePKZd5Yzeqb1ThgQIowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTIzMDkwMjAwMDAwMFoX DTIzMTAwNzIzNTk1OVowejFJMEcGA1UEBRNANzk5ZDcyNjM0MzhjZTAyZGQwMjk1 MjgzZDAyYzdlMGI2NjI2N2RiNTMwY2EwMDg3MGFkMmI0YTlkM2RhMzRmYzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3t3+F4mWrevBTO+OH2eZqOoayxm 8d5RQiOmrZ8yzofNsuoncs1NygCjE5hmCm7z+Wzf5ErH8D+8xj+X4uVhddQFZ86m h5PLhmQtSfSoCgTOvKnv1Q98I8eaE9gjHuMG36p8iknSYOPB3wKY8B+JaglKHUS9 BYBLTkGt/D73gHFxSE53eJG24LGe9dmo6PrWjoHU4SvGTyrq+eRu8NbnJOHRVooo GZSk4rQhipA+WcnXSq+lqfo2rvjnyiAsl4xmUiwiLuTfSEIF63z14r904DWUyAQH NvhkWIzDegWB8Jh0uQuT0tCMycmVdIHdT4suGt9VPhAz9I+O0AO4FdlJuwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFFNBLKZj62xO0YdNJhRw5eyzgAX2MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzI4NzE2ZjcyLWU5M2YtNGMzZC1hMjcxLTVmMzYxMzA0MmM0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEA9hLvkHtvdmxXT/nRQToc cbp5qefFU7ejgGIZpPh97NQnEpXioAz520IsIjoE98xopN/27NUH8DWKMXCeMQx0 dVdN2NrU6RrS7E5fjuDE394Q4nJLLPIi3xENdiYgmjtjtn3Pe/zhPzdGgwyShqtF h0DctXfRq+jEbJBFoqm657PFZy3V9Pe2aHl10KtyTpYKPlJ5E+lFc0J/zgVbxS6E nKjZyQzRP6EDlfXpENXjxGxO1dWz65QcOZJ1NSJdnURtrqkVpLNsweiVyXVOlYzl 7PiI3/fSwinAbKd4KMcFwSr3GwBc/oMhtcU6dLRGTr/HfsHHrxVh8Ahd9DVamBhc 1A== -----END CERTIFICATE-----Generated at Sat Sep 2 00:20:14 2023 by rpki-client on console-ams.rpki-client.org