$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa File: 0ae05889-eb6d-414c-88e9-bc293171f532.roa (raw, json) Hash identifier: 25WbOL6pSeiwZfsMEH4jJiQjth3pVuWf9P9QfR5C8fs= Subject key identifier: 89:E2:E8:34:10:86:29:40:9D:9F:3F:BA:3E:6E:D2:E0:E9:4A:20:C5 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 18D2D13701C90438DD8D3E90F7700317B2ECDD7E Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Apr 2024 00:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:d2:d1:37:01:c9:04:38:dd:8d:3e:90:f7:70:03:17:b2:ec:dd:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=1813268797a1b470f676d34aa2c2b3a84e086d9204eb4675b2b0a7ac9782725c, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:0f:72:86:e2:04:a4:20:97:8e:f2:c9:d7:83: b0:d0:93:2a:c7:f0:0e:88:f0:e1:d4:76:87:0a:51: af:85:e0:af:36:4c:e4:53:ce:5c:72:f1:e2:7c:3f: b8:e5:35:88:e1:31:8a:0c:29:13:c8:41:1e:60:e9: f5:97:74:7a:2e:9f:ed:fe:d7:25:c5:99:9e:02:54: 46:19:e0:6c:6e:f1:82:58:41:61:fb:fa:cf:89:52: 24:61:a8:0d:a5:1d:ca:50:dd:73:fa:ab:a5:9a:73: 37:52:bf:45:74:59:93:1d:45:0a:d4:b3:7b:16:9f: 68:85:13:46:14:4b:74:ff:0b:90:c9:34:9f:05:34: f2:ff:52:47:f1:c8:fd:a9:a3:e7:10:8a:a4:77:aa: c3:ef:51:2d:9f:ac:7f:ba:8b:d5:d2:a7:44:37:c7: 41:95:0c:e6:ba:4b:79:6f:6c:44:5e:80:bd:b0:07: 4d:fa:18:85:9f:8b:03:46:32:eb:ad:bd:de:f4:9b: f9:51:7d:6e:8d:90:d9:d8:ae:d9:4f:ac:68:6a:23: 4c:dd:4e:89:46:1a:5a:37:e5:08:94:2b:e0:bf:d6: 27:f2:bd:73:7e:ce:ec:68:37:a7:77:dc:b5:0a:fb: 94:7b:ed:f9:a5:7d:b5:fe:c8:3b:27:6a:e9:58:34: ce:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:E2:E8:34:10:86:29:40:9D:9F:3F:BA:3E:6E:D2:E0:E9:4A:20:C5 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:4000::/40 Signature Algorithm: sha256WithRSAEncryption 6a:91:a1:1e:0a:92:70:63:e9:f4:df:2f:e8:44:7a:07:b4:b4: 6a:66:57:28:07:29:60:fa:f4:ca:94:b5:6d:1e:64:20:25:d0: 80:5f:04:c7:ee:40:4e:25:2e:c0:9a:c5:95:3e:e4:63:ef:5a: 41:6c:7a:b5:cb:14:4b:ce:c8:82:0d:75:c6:b4:de:91:38:cd: 7a:b0:a1:ee:0a:eb:ea:93:f7:59:9c:e3:70:ab:a5:a0:77:95: 5d:c6:9c:a0:60:38:c6:01:f3:14:ee:1a:27:bf:87:da:0a:b4: cf:62:a1:b7:8b:62:91:f9:55:f7:3a:52:ea:46:d9:5b:c3:c9: c2:d7:57:d0:7b:9f:84:a2:39:73:22:17:f7:c5:87:cc:87:46: 44:34:11:f1:d0:14:4b:76:a8:d8:af:c3:00:b6:58:f7:c0:91: 2b:a8:6a:8c:a4:3a:89:46:ff:44:10:30:e5:0b:54:7b:9e:c3: 39:fe:84:c8:57:ca:d0:95:0b:e8:29:6f:0d:92:37:bf:80:50: ca:ea:cd:bf:3a:31:47:25:3b:df:bb:92:f8:21:9a:db:ff:8a: bd:e1:09:4d:55:70:54:ec:df:46:66:b9:f7:4a:b6:a8:87:87: 6c:5a:f8:1f:97:03:11:fe:52:69:a9:b4:94:8b:f1:68:b2:7a: f1:2e:2f:e9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGNLRNwHJBDjdjT6Q93ADF7Ls3X4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAMTgxMzI2ODc5N2ExYjQ3MGY2NzZk MzRhYTJjMmIzYTg0ZTA4NmQ5MjA0ZWI0Njc1YjJiMGE3YWM5NzgyNzI1YzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg9yhuIEpCCXjvLJ14Ow0JMqx/AO iPDh1HaHClGvheCvNkzkU85ccvHifD+45TWI4TGKDCkTyEEeYOn1l3R6Lp/t/tcl xZmeAlRGGeBsbvGCWEFh+/rPiVIkYagNpR3KUN1z+qulmnM3Ur9FdFmTHUUK1LN7 Fp9ohRNGFEt0/wuQyTSfBTTy/1JH8cj9qaPnEIqkd6rD71Etn6x/uovV0qdEN8dB lQzmukt5b2xEXoC9sAdN+hiFn4sDRjLrrb3e9Jv5UX1ujZDZ2K7ZT6xoaiNM3U6J RhpaN+UIlCvgv9Yn8r1zfs7saDend9y1CvuUe+35pX21/sg7J2rpWDTO5QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIni6DQQhilAnZ8/uj5u0uDpSiDFMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzBhZTA1ODg5LWViNmQtNDE0Yy04OGU5LWJjMjkzMTcxZjUzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+UAwDQYJKoZIhvcNAQELBQADggEBAGqRoR4KknBj6fTfL+hE ege0tGpmVygHKWD69MqUtW0eZCAl0IBfBMfuQE4lLsCaxZU+5GPvWkFserXLFEvO yIINdca03pE4zXqwoe4K6+qT91mc43CrpaB3lV3GnKBgOMYB8xTuGie/h9oKtM9i obeLYpH5Vfc6UupG2VvDycLXV9B7n4SiOXMiF/fFh8yHRkQ0EfHQFEt2qNivwwC2 WPfAkSuoaoykOolG/0QQMOULVHuewzn+hMhXytCVC+gpbw2SN7+AUMrqzb86MUcl O9+7kvghmtv/ir3hCU1VcFTs30ZmufdKtqiHh2xa+B+XAxH+UmmptJSL8WiyevEu L+k= -----END CERTIFICATE-----Generated at Thu Apr 18 00:59:33 2024 by rpki-client on console-ams.rpki-client.org