$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/28716f72-e93f-4c3d-a271-5f3613042c49.roa File: 28716f72-e93f-4c3d-a271-5f3613042c49.roa (raw, json) Hash identifier: DYorhmhVohOjuZ+4bvDz0MxXbQ/wGuRyNhTcf/C10yM= Subject key identifier: 45:E8:5D:E5:04:96:AD:0C:B3:43:7A:6F:43:21:40:B6:DE:3B:B4:6D Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 33201B37DE8738B9830FA8017DD94045652C4104 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/28716f72-e93f-4c3d-a271-5f3613042c49.roa Signing time: Fri 22 Mar 2024 00:00:00 +0000 ROA not before: Fri 22 Mar 2024 00:00:00 +0000 ROA not after: Fri 26 Apr 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Mar 2024 12:04:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:20:1b:37:de:87:38:b9:83:0f:a8:01:7d:d9:40:45:65:2c:41:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Mar 22 00:00:00 2024 GMT Not After : Apr 26 23:59:59 2024 GMT Subject: serialNumber=6ed4b637dbfff972eb0dfdb2f619c24744ab5dcf962e09df93666c2b8fdaa1ef, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:28:1c:36:3b:e2:91:9d:d6:49:72:88:45:6e: 41:40:94:77:07:45:0b:55:74:eb:9e:11:bc:f1:80: 36:cb:13:1e:e2:19:98:10:bc:16:2f:63:ea:8c:5e: a4:c2:c7:44:5c:02:1b:d7:34:a0:b3:9a:22:e8:3c: cb:51:7a:47:b7:1f:ee:1b:59:01:19:3d:03:6f:97: 19:27:ac:59:68:26:97:dd:61:02:de:a5:2c:74:a7: b0:3e:e6:8b:f1:a6:5a:31:be:9c:e3:be:32:86:f0: cf:65:fb:10:5d:4e:c6:eb:6b:21:8a:d6:64:36:a7: 20:dc:8d:90:a2:b7:92:0d:e1:da:d7:7c:3b:47:7e: 5d:c2:f8:3a:4b:68:0c:3b:93:7c:ef:7d:28:6c:71: 9d:91:67:80:8c:9e:31:0a:7a:89:b2:f8:5e:b6:6d: 8e:21:90:1c:52:8a:7c:21:9d:55:f8:62:08:b5:4d: 29:f1:d8:be:85:d8:77:a0:09:c4:38:06:f0:8b:e5: ec:99:b3:94:a2:64:c6:06:0b:14:bb:a9:ff:0d:01: 36:8a:78:03:07:da:c7:37:5d:76:f2:3c:d1:cb:f9: 67:89:f2:12:59:d0:28:d2:14:7c:3d:01:d7:5b:6f: 17:83:f3:48:86:29:d8:f3:99:55:1b:f5:4b:79:dd: 96:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:E8:5D:E5:04:96:AD:0C:B3:43:7A:6F:43:21:40:B6:DE:3B:B4:6D X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/28716f72-e93f-4c3d-a271-5f3613042c49.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption 81:b4:aa:5f:43:1f:a6:14:25:cd:e1:5e:b3:20:f0:8b:52:a9: 50:33:0b:aa:e3:25:80:17:a9:1d:ba:2c:fa:60:21:9c:71:40: db:33:7a:99:7b:e8:7c:f0:da:4d:0d:cc:82:c8:b3:f9:bd:cc: 04:54:a8:0c:3a:0c:8f:6f:0f:f1:63:a3:a6:60:75:4c:5c:46: 75:95:60:8a:5f:5d:5a:c8:f4:25:4b:ad:65:fe:60:f5:e6:df: df:a9:81:2f:ae:3f:95:8f:e7:39:b9:21:c8:f3:16:ab:5d:a9: 81:e5:bb:1a:bb:99:a2:bd:9b:50:7d:27:49:1c:8a:ff:13:a7: 29:be:19:31:fe:90:2e:0c:4c:67:da:5f:21:0e:2d:74:54:1e: 37:8b:81:b4:c6:ca:7a:3b:b6:cf:e4:a0:7b:eb:ea:07:11:e9: dd:8c:e0:ba:91:cf:ca:7b:68:3d:5c:d5:b7:c5:86:42:3b:3f: 7a:ab:49:86:2b:f1:99:8d:23:59:c4:73:0d:70:5e:2b:72:20: 72:d4:70:cd:bb:d7:46:ad:3b:d9:4c:63:b3:dd:93:f2:b8:e9: 77:88:ca:dd:44:5b:ee:8b:5c:f8:90:75:03:29:95:6a:7b:a1: c5:df:7a:f1:68:27:ba:57:a0:ff:55:5c:a2:f6:90:a8:55:89: dc:e6:34:86 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUMyAbN96HOLmDD6gBfdlARWUsQQQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MDMyMjAwMDAwMFoX DTI0MDQyNjIzNTk1OVowejFJMEcGA1UEBRNANmVkNGI2MzdkYmZmZjk3MmViMGRm ZGIyZjYxOWMyNDc0NGFiNWRjZjk2MmUwOWRmOTM2NjZjMmI4ZmRhYTFlZjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxygcNjvikZ3WSXKIRW5BQJR3B0UL VXTrnhG88YA2yxMe4hmYELwWL2PqjF6kwsdEXAIb1zSgs5oi6DzLUXpHtx/uG1kB GT0Db5cZJ6xZaCaX3WEC3qUsdKewPuaL8aZaMb6c474yhvDPZfsQXU7G62shitZk Nqcg3I2QoreSDeHa13w7R35dwvg6S2gMO5N8730obHGdkWeAjJ4xCnqJsvhetm2O IZAcUop8IZ1V+GIItU0p8di+hdh3oAnEOAbwi+XsmbOUomTGBgsUu6n/DQE2ingD B9rHN1128jzRy/lnifISWdAo0hR8PQHXW28Xg/NIhinY85lVG/VLed2W3wIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFEXoXeUElq0Ms0N6b0MhQLbeO7RtMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzI4NzE2ZjcyLWU5M2YtNGMzZC1hMjcxLTVmMzYxMzA0MmM0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEAgbSqX0MfphQlzeFesyDw i1KpUDMLquMlgBepHbos+mAhnHFA2zN6mXvofPDaTQ3Mgsiz+b3MBFSoDDoMj28P 8WOjpmB1TFxGdZVgil9dWsj0JUutZf5g9ebf36mBL64/lY/nObkhyPMWq12pgeW7 GruZor2bUH0nSRyK/xOnKb4ZMf6QLgxMZ9pfIQ4tdFQeN4uBtMbKeju2z+Sge+vq BxHp3YzgupHPyntoPVzVt8WGQjs/eqtJhivxmY0jWcRzDXBeK3IgctRwzbvXRq07 2Uxjs92T8rjpd4jK3URb7otc+JB1AymVanuhxd968Wgnuleg/1VcovaQqFWJ3OY0 hg== -----END CERTIFICATE-----Generated at Fri Mar 29 02:18:29 2024 by rpki-client on console-ams.rpki-client.org