$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa File: fcd6adab-06f0-4676-9568-6d4d48f7658c.roa (raw, json) Hash identifier: iqRwWdW/Sy5tZhms8Pffx+m+xOqX74gSN/+58xnhM5U= Subject key identifier: 48:7F:D8:4B:58:D6:3A:41:0F:ED:A9:F9:83:19:9A:5D:F5:E6:DF:D7 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 47CC6BDD45C8AC82D98716C81E9BC3353E644CE4 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa Signing time: Mon 04 Sep 2023 00:00:00 +0000 ROA not before: Mon 04 Sep 2023 00:00:00 +0000 ROA not after: Mon 09 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 06 Sep 2023 03:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:cc:6b:dd:45:c8:ac:82:d9:87:16:c8:1e:9b:c3:35:3e:64:4c:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Sep 4 00:00:00 2023 GMT Not After : Oct 9 23:59:59 2023 GMT Subject: serialNumber=b7f7ff2d2c80614e841a7c555e18b622fef9394e7cee359d0bacef315c9cd4b5, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:45:e8:3b:ca:0b:e9:78:f1:e3:94:73:26:64: 83:fe:f6:6e:bc:9a:3b:8a:49:d8:5c:0b:7e:bf:f8: 2d:53:10:1f:6e:38:2e:f0:be:11:04:8e:af:e9:62: ec:2e:7f:84:92:ef:f5:67:a3:ab:c6:d7:7e:ce:0b: 23:b0:ae:e1:4e:0b:12:25:a8:64:f9:f7:df:5e:bb: 4e:e6:63:38:e5:34:0a:a0:8c:38:71:fd:d2:9a:27: 0f:da:60:5c:3f:05:b6:c9:ca:6a:f4:57:a1:34:59: 12:21:37:a9:07:70:e5:2d:25:e3:4a:22:e9:21:e1: 34:9c:b8:4d:a6:4b:3e:ee:78:c6:75:be:43:e6:6b: 21:a3:77:97:4b:37:bf:22:4e:65:09:9b:11:31:e9: 56:06:ee:09:e5:c2:fb:1f:65:fe:07:9f:6a:6b:77: 8e:46:3d:f2:4e:16:a6:9b:ff:1f:b4:8b:f6:f0:b3: 0e:4e:70:72:43:1d:38:ea:4e:94:e3:f9:62:25:7c: 3a:56:51:33:cd:41:ea:cc:f7:e7:d5:8f:e4:3c:3f: 2f:03:bc:6f:68:2a:40:a8:86:5c:d2:61:35:1b:30: a5:2e:7d:3b:c4:b5:fe:df:30:41:68:e9:4e:63:29: 7b:a8:a7:9f:6c:e7:27:50:29:af:ee:1d:2d:3d:4e: 45:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:7F:D8:4B:58:D6:3A:41:0F:ED:A9:F9:83:19:9A:5D:F5:E6:DF:D7 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 29:e6:69:12:92:44:21:05:21:29:c9:dc:2e:86:1d:00:16:c3: ce:1a:4a:a1:c9:56:97:32:16:8d:89:47:0d:87:2b:a2:74:6a: 51:df:99:31:30:87:74:69:36:f4:17:66:d4:4b:d8:f4:4b:ff: 92:22:6a:72:93:02:30:5d:db:ff:22:51:49:40:f9:03:25:ed: 10:4d:fc:b6:7c:68:1c:39:1d:50:28:61:38:f8:03:d2:95:0c: c7:f5:18:25:a4:81:b3:38:1b:a7:25:5a:de:f9:4b:09:e4:1b: 92:35:dd:c9:2b:61:6e:dd:5b:ff:34:41:7e:2a:9f:b7:94:07: e2:95:d0:b9:3a:87:4a:17:3f:84:4d:d7:98:83:7d:10:2a:63: 1c:4f:c4:ff:fe:67:b9:ff:bc:66:64:b5:b3:f8:fb:a0:f7:9e: b7:e0:0d:9c:57:55:f7:56:2b:43:40:ef:0c:c8:51:06:94:42: 8a:82:d8:4f:d9:0c:05:f5:cd:ab:69:14:81:45:8b:02:52:6d: ee:28:4b:73:5b:22:f2:41:9e:ba:14:71:06:0d:c5:47:b4:cd: 91:12:16:d7:cb:ba:a4:f1:f9:58:5b:5d:01:20:9e:95:bf:a2: 24:c0:d2:0a:03:84:5f:85:e8:24:e5:00:dd:b9:a2:82:31:ba: 4b:8d:c7:06 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUR8xr3UXIrILZhxbIHpvDNT5kTOQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTIzMDkwNDAwMDAwMFoX DTIzMTAwOTIzNTk1OVowejFJMEcGA1UEBRNAYjdmN2ZmMmQyYzgwNjE0ZTg0MWE3 YzU1NWUxOGI2MjJmZWY5Mzk0ZTdjZWUzNTlkMGJhY2VmMzE1YzljZDRiNTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kXoO8oL6Xjx45RzJmSD/vZuvJo7 iknYXAt+v/gtUxAfbjgu8L4RBI6v6WLsLn+Eku/1Z6Orxtd+zgsjsK7hTgsSJahk +fffXrtO5mM45TQKoIw4cf3SmicP2mBcPwW2ycpq9FehNFkSITepB3DlLSXjSiLp IeE0nLhNpks+7njGdb5D5msho3eXSze/Ik5lCZsRMelWBu4J5cL7H2X+B59qa3eO Rj3yThamm/8ftIv28LMOTnByQx046k6U4/liJXw6VlEzzUHqzPfn1Y/kPD8vA7xv aCpAqIZc0mE1GzClLn07xLX+3zBBaOlOYyl7qKefbOcnUCmv7h0tPU5FLQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEh/2EtY1jpBD+2p+YMZml315t/XMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2ZjZDZhZGFiLTA2ZjAtNDY3Ni05NTY4LTZkNGQ0OGY3NjU4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQAp5mkSkkQhBSEpydwu hh0AFsPOGkqhyVaXMhaNiUcNhyuidGpR35kxMId0aTb0F2bUS9j0S/+SImpykwIw Xdv/IlFJQPkDJe0QTfy2fGgcOR1QKGE4+APSlQzH9RglpIGzOBunJVre+UsJ5BuS Nd3JK2Fu3Vv/NEF+Kp+3lAfildC5OodKFz+ETdeYg30QKmMcT8T//me5/7xmZLWz +Pug95634A2cV1X3VitDQO8MyFEGlEKKgthP2QwF9c2raRSBRYsCUm3uKEtzWyLy QZ66FHEGDcVHtM2REhbXy7qk8flYW10BIJ6Vv6IkwNIKA4Rfhegk5QDduaKCMbpL jccG -----END CERTIFICATE-----Generated at Mon Sep 4 15:38:31 2023 by rpki-client on console-fra.rpki-client.org