$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa File: 2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa (raw, json) Hash identifier: EYfRku4wf2pkpFZG8IyyndTLfaq51GSuKg9KUCL6wZA= Subject key identifier: D0:8D:38:A6:76:62:D9:7E:31:AD:34:18:FE:58:EA:0E:1D:CF:C7:28 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 3FAF577D780ACC9D1646386568DC15C4F39344F0 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa Signing time: Sat 16 Sep 2023 00:00:00 +0000 ROA not before: Sat 16 Sep 2023 00:00:00 +0000 ROA not after: Sat 21 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Sep 2023 12:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:af:57:7d:78:0a:cc:9d:16:46:38:65:68:dc:15:c4:f3:93:44:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Sep 16 00:00:00 2023 GMT Not After : Oct 21 23:59:59 2023 GMT Subject: serialNumber=6f8117441d3f2a5adebb766a892208d00e3afc20021a5072a619a113d9cd3c3e, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:f3:13:0c:97:1d:58:e6:cc:70:bc:d0:c8:49: ac:67:35:c4:a0:da:da:f7:25:4c:49:dc:98:b1:b8: a2:64:04:a4:34:db:a2:ff:11:85:4d:03:52:aa:d7: 45:5c:1e:c3:46:4c:37:b7:cd:ae:50:19:85:d1:ba: ef:0a:8a:3f:3a:88:fa:c6:00:ca:78:6d:43:84:cc: de:fa:d2:55:7f:8b:16:42:7b:48:ee:5c:7f:ca:fb: b6:5c:7d:12:36:ce:f9:fe:8e:cc:bc:48:8a:5c:a2: ce:28:93:21:46:74:25:0d:e0:30:85:d9:90:2f:18: ff:e5:33:1f:04:1f:25:b6:2b:52:11:d0:cb:09:1d: 8e:3c:7b:16:12:a5:da:21:ea:fc:7f:95:ff:52:d9: a5:6a:47:1f:83:a5:f0:22:24:eb:f4:0e:bf:3a:59: 7f:d3:4d:8b:18:f7:14:a6:6b:63:5f:af:fe:68:41: 9d:b7:c7:92:85:67:83:9b:a5:52:16:2a:04:14:46: b4:be:04:53:2e:1a:7c:22:d0:b4:3b:a0:70:d1:29: ec:32:3a:7c:f6:ae:63:48:4c:ec:f9:1e:6d:42:be: c0:aa:c1:c0:78:db:ba:02:40:eb:32:4e:60:17:3a: 06:46:ce:34:a3:c4:5d:41:3c:de:bd:1b:53:d3:f8: 11:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:8D:38:A6:76:62:D9:7E:31:AD:34:18:FE:58:EA:0E:1D:CF:C7:28 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:8000::/40 Signature Algorithm: sha256WithRSAEncryption 9b:c3:fd:d7:0f:fa:2c:8b:59:ff:20:00:53:a1:be:6f:db:5a: 65:35:65:1b:1c:45:a6:b3:f6:20:3b:2f:26:db:26:45:0d:db: 73:cb:0d:12:e5:bb:9f:1a:91:40:e5:d3:b4:6c:bc:e6:9d:5d: bb:a4:4f:e2:5c:3b:5a:6b:9b:03:e4:24:cc:0c:43:a8:ea:a3: f0:e1:75:0c:00:d2:3f:fe:a6:b1:ac:bd:84:07:e2:f6:aa:62: 0b:06:28:48:05:a7:20:a8:e0:d0:ee:b0:e1:9d:e7:81:ad:f4: d8:fc:8a:6f:dd:91:7b:10:6a:28:6f:9a:02:8e:33:ff:d8:6c: 3d:c2:40:60:0a:52:6c:f3:13:5a:ac:1c:25:2d:07:7e:55:b7: c3:84:d2:f5:27:0c:d6:85:02:35:18:33:76:db:f9:51:99:dd: 83:13:33:3b:af:db:cb:50:0a:82:5e:bb:34:dd:7e:8a:b9:92: fa:12:4e:ea:3e:82:64:52:b3:d5:f5:06:e7:57:68:51:2c:eb: 2e:bf:71:85:27:62:b7:cf:6d:50:16:c7:61:32:32:70:f4:17: 98:13:9f:89:e5:b2:af:e0:04:cc:88:07:86:97:d4:13:59:19: 22:64:33:be:15:f9:d1:0f:53:1b:d5:f4:6b:d7:05:ff:52:b0: 52:f4:14:03 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUP69XfXgKzJ0WRjhlaNwVxPOTRPAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDkxNjAwMDAwMFoX DTIzMTAyMTIzNTk1OVowejFJMEcGA1UEBRNANmY4MTE3NDQxZDNmMmE1YWRlYmI3 NjZhODkyMjA4ZDAwZTNhZmMyMDAyMWE1MDcyYTYxOWExMTNkOWNkM2MzZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPMTDJcdWObMcLzQyEmsZzXEoNra 9yVMSdyYsbiiZASkNNui/xGFTQNSqtdFXB7DRkw3t82uUBmF0brvCoo/Ooj6xgDK eG1DhMze+tJVf4sWQntI7lx/yvu2XH0SNs75/o7MvEiKXKLOKJMhRnQlDeAwhdmQ Lxj/5TMfBB8ltitSEdDLCR2OPHsWEqXaIer8f5X/Utmlakcfg6XwIiTr9A6/Oll/ 002LGPcUpmtjX6/+aEGdt8eShWeDm6VSFioEFEa0vgRTLhp8ItC0O6Bw0SnsMjp8 9q5jSEzs+R5tQr7AqsHAeNu6AkDrMk5gFzoGRs40o8RdQTzevRtT0/gR+QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNCNOKZ2Ytl+Ma00GP5Y6g4dz8coMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzIyNDdmMzRmLWU1YjEtNDIzYy1hYzBmLTcxNDJhZDg2YmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+YAwDQYJKoZIhvcNAQELBQADggEBAJvD/dcP+iyLWf8gAFOh vm/bWmU1ZRscRaaz9iA7LybbJkUN23PLDRLlu58akUDl07RsvOadXbukT+JcO1pr mwPkJMwMQ6jqo/DhdQwA0j/+prGsvYQH4vaqYgsGKEgFpyCo4NDusOGd54Gt9Nj8 im/dkXsQaihvmgKOM//YbD3CQGAKUmzzE1qsHCUtB35Vt8OE0vUnDNaFAjUYM3bb +VGZ3YMTMzuv28tQCoJeuzTdfoq5kvoSTuo+gmRSs9X1BudXaFEs6y6/cYUnYrfP bVAWx2EyMnD0F5gTn4nlsq/gBMyIB4aX1BNZGSJkM74V+dEPUxvV9GvXBf9SsFL0 FAM= -----END CERTIFICATE-----Generated at Sat Sep 16 00:16:47 2023 by rpki-client on console-fra.rpki-client.org