$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa File: 0ae05889-eb6d-414c-88e9-bc293171f532.roa (raw, json) Hash identifier: WIyYtAo/8cR79nfQwoD9q8Gq0IGEo4nqfaYt4n/o//k= Subject key identifier: 15:F4:54:30:2A:CF:8C:9A:49:1B:67:A1:8E:85:C3:40:78:99:E0:0D Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0C42B9C0EFAA690089BA17A4DA143C386FAC3B0B Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:42:b9:c0:ef:aa:69:00:89:ba:17:a4:da:14:3c:38:6f:ac:3b:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=93ed00c31dc30cb52dab56f72f9975c04d87cfbbc70e931313ac7a66487e7382, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:3c:a0:38:d5:69:83:33:b5:5b:68:e5:76:85: 10:4d:5b:9f:00:dd:02:1a:16:95:b9:06:b3:d1:e9: 17:1f:4b:1e:1d:ad:78:20:63:bd:af:98:9c:a3:01: 8d:0b:bb:90:2b:a4:28:b1:67:50:e4:35:9d:06:f2: 9b:82:a7:f4:bf:74:62:7c:1a:2a:6e:5e:3a:e5:eb: e8:dd:1f:df:92:5f:92:01:a0:e5:64:9d:b9:c0:d6: c4:cc:8b:c8:62:f8:9e:8e:0c:4f:e0:aa:4d:f5:0e: 1d:f0:d5:27:a9:98:22:82:48:8a:d7:03:dc:0f:d7: 4a:2a:54:00:d8:99:88:45:44:25:4b:3a:23:fd:da: 41:e4:45:44:72:1b:9e:02:ee:ed:02:7b:cd:ff:e9: 08:d1:17:e2:b8:5b:b4:46:c5:ec:bf:da:9b:94:4b: b1:1a:1f:c6:56:05:e0:dc:4b:95:f3:8e:a9:60:ec: d3:c6:46:0b:2b:84:65:ad:66:17:83:c4:61:65:07: 9d:19:19:37:6c:13:bf:52:db:02:62:49:3b:be:3d: a8:52:4a:c0:e1:81:b9:5c:94:65:d7:58:68:9c:cf: ba:08:3b:58:bf:43:16:79:fc:5b:b3:31:87:b1:aa: 7f:d2:6d:24:b7:3d:0a:8e:34:63:23:f4:94:bc:71: f4:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:F4:54:30:2A:CF:8C:9A:49:1B:67:A1:8E:85:C3:40:78:99:E0:0D X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:4000::/40 Signature Algorithm: sha256WithRSAEncryption 88:95:11:43:aa:91:dc:c3:6d:5f:7a:19:86:de:cb:96:f3:1e: dd:0d:64:dd:e6:61:11:99:ab:46:10:f3:18:df:6b:fe:bb:b9: 5f:9b:5b:78:fb:b4:5f:79:a0:16:bd:1c:42:93:74:8e:16:62: af:96:86:c5:67:b4:3f:3f:94:66:4e:43:06:73:bf:54:c7:6b: a3:d2:7a:8e:ba:72:8f:22:c5:f5:8d:97:ef:44:d9:89:03:29: 1e:11:73:16:ff:05:8f:4f:8b:76:33:59:2d:41:04:e9:a2:d4: fe:1e:aa:76:14:05:3b:b2:f4:c3:bd:5d:0f:91:e3:cb:e9:f8: 2b:19:db:5a:77:68:a4:b4:64:80:39:88:2a:fe:81:15:39:cc: 21:9d:26:04:d5:be:5f:be:3b:f5:2e:0d:e6:1b:42:cc:f1:d6: b9:0d:ba:93:93:4d:64:aa:d5:d9:66:15:38:bb:b7:8a:80:93: 18:48:ad:7b:fa:71:43:5c:7a:db:19:ac:10:e3:8f:4b:98:62: 2d:6d:8d:9a:ea:24:d4:12:35:eb:2c:c1:87:e3:56:6d:44:1e: 2c:3a:6d:a4:e2:84:11:ad:0a:eb:72:b2:6e:bc:32:c1:b4:36: fe:c1:47:ed:71:e8:d8:23:8a:69:4b:b8:e2:9e:72:4a:be:77: 2f:93:5c:03 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDEK5wO+qaQCJuhek2hQ8OG+sOwswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAOTNlZDAwYzMxZGMzMGNiNTJkYWI1 NmY3MmY5OTc1YzA0ZDg3Y2ZiYmM3MGU5MzEzMTNhYzdhNjY0ODdlNzM4MjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDygONVpgzO1W2jldoUQTVufAN0C GhaVuQaz0ekXH0seHa14IGO9r5icowGNC7uQK6QosWdQ5DWdBvKbgqf0v3RifBoq bl465evo3R/fkl+SAaDlZJ25wNbEzIvIYviejgxP4KpN9Q4d8NUnqZgigkiK1wPc D9dKKlQA2JmIRUQlSzoj/dpB5EVEchueAu7tAnvN/+kI0RfiuFu0RsXsv9qblEux Gh/GVgXg3EuV846pYOzTxkYLK4RlrWYXg8RhZQedGRk3bBO/UtsCYkk7vj2oUkrA 4YG5XJRl11honM+6CDtYv0MWefxbszGHsap/0m0ktz0KjjRjI/SUvHH0SQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBX0VDAqz4yaSRtnoY6Fw0B4meANMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzBhZTA1ODg5LWViNmQtNDE0Yy04OGU5LWJjMjkzMTcxZjUzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+UAwDQYJKoZIhvcNAQELBQADggEBAIiVEUOqkdzDbV96GYbe y5bzHt0NZN3mYRGZq0YQ8xjfa/67uV+bW3j7tF95oBa9HEKTdI4WYq+WhsVntD8/ lGZOQwZzv1THa6PSeo66co8ixfWNl+9E2YkDKR4Rcxb/BY9Pi3YzWS1BBOmi1P4e qnYUBTuy9MO9XQ+R48vp+CsZ21p3aKS0ZIA5iCr+gRU5zCGdJgTVvl++O/UuDeYb Qszx1rkNupOTTWSq1dlmFTi7t4qAkxhIrXv6cUNcetsZrBDjj0uYYi1tjZrqJNQS NesswYfjVm1EHiw6baTihBGtCutysm68MsG0Nv7BR+1x6NgjimlLuOKeckq+dy+T XAM= -----END CERTIFICATE-----Generated at Mon Sep 18 15:40:40 2023 by rpki-client on console-ams.rpki-client.org