$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/41d48512-3b44-4b3e-ba21-6171938cc43c.roa File: 41d48512-3b44-4b3e-ba21-6171938cc43c.roa (raw, json) Hash identifier: FRJx7f20wwOdaR6aaodK17Z5S+USptAKoyhWw77dp30= Subject key identifier: 4F:D4:B0:09:F5:C4:37:D8:F6:5C:69:CB:A8:DB:91:E1:B6:83:F0:8D Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 03EE1094B319D39A1F3C32745B53B2B37C0ED6EF Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/41d48512-3b44-4b3e-ba21-6171938cc43c.roa Signing time: Fri 22 Mar 2024 00:00:00 +0000 ROA not before: Fri 22 Mar 2024 00:00:00 +0000 ROA not after: Fri 26 Apr 2024 23:59:59 +0000 asID: 14618 IP address blocks: 2400:6500::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Mar 2024 12:04:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:ee:10:94:b3:19:d3:9a:1f:3c:32:74:5b:53:b2:b3:7c:0e:d6:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Mar 22 00:00:00 2024 GMT Not After : Apr 26 23:59:59 2024 GMT Subject: serialNumber=53b3dfc1d3552b5ef0f83b951592e157fb5ff62f397b30634abaddc3ec7485ec, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:68:ba:c4:22:5b:f5:09:ab:79:90:59:89:40: f6:4b:ba:e3:77:bd:db:8f:04:5f:47:fa:18:df:15: 5e:c7:37:25:2f:38:6b:42:8c:4e:21:97:77:6b:55: 9e:27:77:ec:fc:e8:e0:4b:10:88:63:85:41:38:49: da:85:36:83:44:e2:7e:d1:30:98:10:3d:97:36:02: c8:13:d4:6e:8d:52:d9:91:62:46:6e:a2:7d:27:df: ed:2b:5e:45:7f:60:aa:9e:77:98:24:89:a8:fb:49: 17:e7:a4:c2:ec:b4:5a:80:f5:e2:52:ca:72:65:87: fa:7a:1e:68:ee:a0:ca:0c:7a:b5:25:b0:a9:5b:3b: 28:e6:aa:76:36:61:4d:57:28:4f:b6:b4:b7:c1:08: a4:cc:0b:ab:25:f8:b4:c4:16:64:29:67:22:75:6c: c4:b7:a8:cb:49:7f:73:2d:cb:db:24:b7:6a:4f:59: 18:38:6a:1b:8e:d4:4a:99:b9:ec:6a:73:3f:c1:80: e9:c9:5b:6f:31:f4:03:1b:df:5a:17:c4:56:e2:e0: 2d:1e:af:d0:5a:3c:8a:f2:81:10:1a:65:87:49:a9: 95:43:c4:b1:fc:22:f4:ef:f6:ef:61:b2:35:84:80: b1:58:ce:d7:d4:ca:98:24:ff:81:56:ab:e4:b2:a6: a7:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:D4:B0:09:F5:C4:37:D8:F6:5C:69:CB:A8:DB:91:E1:B6:83:F0:8D X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/41d48512-3b44-4b3e-ba21-6171938cc43c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption 37:56:74:1c:8e:da:a9:89:fc:83:c5:20:53:72:17:01:26:22: d7:ad:fd:7d:3e:5a:de:71:a4:a7:22:7e:67:2b:50:7c:91:7c: 88:f1:8f:f8:b9:b0:d8:d8:bf:a9:44:3a:27:c4:bf:14:53:61: 1a:97:6b:31:50:6e:1e:82:0e:34:3f:59:2e:62:3a:26:81:aa: e8:f2:40:91:30:57:6d:84:eb:01:8c:1f:c0:1a:4c:06:b1:fb: 0e:57:02:00:bf:98:f9:9b:26:58:b2:f6:ec:31:f4:c8:85:ca: 1e:23:d3:9c:50:4d:2e:14:05:d8:f1:fc:7b:d1:51:71:40:e1: 95:29:b6:4d:9a:0a:0a:4a:3f:07:6e:9c:7f:8b:e8:fd:ab:22: 93:d8:e3:c7:1b:fc:74:5b:5a:f1:92:b7:39:ca:a3:38:9a:9e: 55:c9:38:36:6c:de:b6:c4:a2:3b:7e:57:01:6f:0e:b7:2a:92: 03:8e:23:51:f4:ea:34:e3:6d:8e:5d:bd:93:55:b2:01:ca:30: a3:a4:49:47:2a:da:63:10:76:c1:79:30:9c:c1:b9:c3:15:82: e9:60:7e:cb:18:01:9d:d7:fa:c9:e0:b4:2a:7d:26:1b:23:3b: 56:17:e6:be:d5:ae:3f:0b:98:77:00:9a:18:b0:dc:80:d1:df: 74:63:fd:ba -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUA+4QlLMZ05ofPDJ0W1Oys3wO1u8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MDMyMjAwMDAwMFoX DTI0MDQyNjIzNTk1OVowejFJMEcGA1UEBRNANTNiM2RmYzFkMzU1MmI1ZWYwZjgz Yjk1MTU5MmUxNTdmYjVmZjYyZjM5N2IzMDYzNGFiYWRkYzNlYzc0ODVlYzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2i6xCJb9QmreZBZiUD2S7rjd73b jwRfR/oY3xVexzclLzhrQoxOIZd3a1WeJ3fs/OjgSxCIY4VBOEnahTaDROJ+0TCY ED2XNgLIE9RujVLZkWJGbqJ9J9/tK15Ff2CqnneYJImo+0kX56TC7LRagPXiUspy ZYf6eh5o7qDKDHq1JbCpWzso5qp2NmFNVyhPtrS3wQikzAurJfi0xBZkKWcidWzE t6jLSX9zLcvbJLdqT1kYOGobjtRKmbnsanM/wYDpyVtvMfQDG99aF8RW4uAtHq/Q WjyK8oEQGmWHSamVQ8Sx/CL07/bvYbI1hICxWM7X1MqYJP+BVqvksqanzQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFE/UsAn1xDfY9lxpy6jbkeG2g/CNMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzQxZDQ4NTEyLTNiNDQtNGIzZS1iYTIxLTYxNzE5MzhjYzQzYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEAN1Z0HI7aqYn8g8UgU3IX ASYi1639fT5a3nGkpyJ+ZytQfJF8iPGP+Lmw2Ni/qUQ6J8S/FFNhGpdrMVBuHoIO ND9ZLmI6JoGq6PJAkTBXbYTrAYwfwBpMBrH7DlcCAL+Y+ZsmWLL27DH0yIXKHiPT nFBNLhQF2PH8e9FRcUDhlSm2TZoKCko/B26cf4vo/asik9jjxxv8dFta8ZK3Ocqj OJqeVck4NmzetsSiO35XAW8OtyqSA44jUfTqNONtjl29k1WyAcowo6RJRyraYxB2 wXkwnMG5wxWC6WB+yxgBndf6yeC0Kn0mGyM7VhfmvtWuPwuYdwCaGLDcgNHfdGP9 ug== -----END CERTIFICATE-----Generated at Fri Mar 29 02:38:21 2024 by rpki-client on console-fra.rpki-client.org