$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa File: 2720640e-9111-44dd-a0b8-a005f04956a0.roa (raw, json) Hash identifier: TOEckmDnoNYiWwWI6PuJC6redjdg+MxYNzLoZ/C0a4Y= Subject key identifier: 51:C7:40:CA:AC:64:26:47:F9:98:77:1D:D7:23:58:35:D1:6D:FB:6D Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 31EF2815C7761763063D1E9FBE1A532EAFB6E4B8 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa Signing time: Tue 12 Mar 2024 00:00:00 +0000 ROA not before: Tue 12 Mar 2024 00:00:00 +0000 ROA not after: Tue 16 Apr 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Mar 2024 03:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:ef:28:15:c7:76:17:63:06:3d:1e:9f:be:1a:53:2e:af:b6:e4:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Mar 12 00:00:00 2024 GMT Not After : Apr 16 23:59:59 2024 GMT Subject: serialNumber=a02493fe74633c61358d3b70170875544c960a2781c772b96e6313715b61bb17, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:4d:1f:43:d3:fd:c0:7d:fa:50:93:31:ec:41: c8:6b:7a:0f:c0:1d:99:dd:3c:92:33:4e:f9:93:02: 72:2a:22:ee:b8:74:ec:46:7c:c6:91:53:f6:2a:38: bb:a8:3a:50:70:73:7a:1c:ad:2a:7b:6f:59:29:4a: 43:f0:15:4a:fd:35:4c:66:de:05:de:79:b0:30:8b: ae:1a:10:8e:dc:c0:c3:70:24:28:e9:c2:7d:3f:e0: fc:6b:e0:b6:5c:a7:b7:68:d0:e8:53:88:7c:c5:30: 39:53:8e:27:fc:fd:ac:d1:43:0d:f8:70:dc:c4:c5: bd:39:6d:f6:8e:f1:88:6a:90:e9:83:c3:fe:55:80: 7f:11:f6:c1:5c:e5:bf:b2:dc:f7:83:5f:5e:3a:8c: fd:c2:20:b2:ce:42:a0:d5:91:28:60:3f:c2:89:85: aa:b6:9f:20:08:cc:56:e2:e4:7e:d1:65:e4:4c:a6: e5:f3:62:ac:22:93:f1:2f:b7:01:fe:ed:2f:cc:70: 4a:41:17:af:b8:eb:c5:6d:76:e6:55:31:e9:72:d3: b8:e4:08:e6:08:a6:6d:f5:67:89:45:5c:1f:51:bc: 97:59:cf:d8:27:cc:0f:57:a0:dd:29:12:a2:43:06: 85:0b:9a:d4:df:a4:e3:57:bc:75:80:2f:06:ea:8a: 16:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:C7:40:CA:AC:64:26:47:F9:98:77:1D:D7:23:58:35:D1:6D:FB:6D X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:8000::/40 Signature Algorithm: sha256WithRSAEncryption 07:87:94:17:41:8b:36:ba:28:8a:6e:99:ec:aa:c6:60:ce:50: 30:22:73:29:9a:8f:1b:d4:0b:26:9b:63:9a:eb:c8:bf:c4:58: 13:80:1c:c2:29:aa:2b:d5:ac:7f:bc:e9:d8:5b:20:8d:bf:7f: 9e:a3:31:c3:41:78:07:ca:b3:ae:2b:c6:66:8b:00:93:2c:57: e1:b3:7d:9a:6b:0f:68:19:59:cc:75:d8:13:40:28:d8:93:3c: fc:62:81:4c:87:a5:64:04:85:c0:ac:4f:bb:25:cb:d8:c3:3e: ef:e4:be:36:13:43:e5:5b:d8:93:6b:a0:db:fc:8d:0e:f8:ef: 48:39:f6:d1:cb:6a:5c:61:8a:0f:9a:4c:c8:a2:78:ce:7c:50: 5f:1e:a9:a2:6a:98:4e:5c:7c:55:c4:95:6b:c4:ee:7d:42:2e: 1e:e9:7c:6c:36:9f:8c:88:ff:9c:b9:8d:4f:e5:57:82:2a:ae: ef:62:41:2c:06:70:6e:d0:ec:b1:70:86:16:7a:f9:70:80:12: 00:bd:cb:2d:5c:c7:ad:bd:40:4f:95:25:27:6c:3f:44:b7:85: 62:dd:bb:b7:d5:e7:82:45:66:c0:b5:a6:66:8f:b8:d0:f1:7a: bc:28:89:6e:6e:72:cc:e0:23:f7:7d:15:c0:a8:c5:66:89:6a: 36:fb:1f:28 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMe8oFcd2F2MGPR6fvhpTLq+25LgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDMxMjAwMDAwMFoX DTI0MDQxNjIzNTk1OVowejFJMEcGA1UEBRNAYTAyNDkzZmU3NDYzM2M2MTM1OGQz YjcwMTcwODc1NTQ0Yzk2MGEyNzgxYzc3MmI5NmU2MzEzNzE1YjYxYmIxNzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk0fQ9P9wH36UJMx7EHIa3oPwB2Z 3TySM075kwJyKiLuuHTsRnzGkVP2Kji7qDpQcHN6HK0qe29ZKUpD8BVK/TVMZt4F 3nmwMIuuGhCO3MDDcCQo6cJ9P+D8a+C2XKe3aNDoU4h8xTA5U44n/P2s0UMN+HDc xMW9OW32jvGIapDpg8P+VYB/EfbBXOW/stz3g19eOoz9wiCyzkKg1ZEoYD/CiYWq tp8gCMxW4uR+0WXkTKbl82KsIpPxL7cB/u0vzHBKQRevuOvFbXbmVTHpctO45Ajm CKZt9WeJRVwfUbyXWc/YJ8wPV6DdKRKiQwaFC5rU36TjV7x1gC8G6ooWjwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFHHQMqsZCZH+Zh3HdcjWDXRbfttMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI3MjA2NDBlLTkxMTEtNDRkZC1hMGI4LWEwMDVmMDQ5NTZhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoIAwDQYJKoZIhvcNAQELBQADggEBAAeHlBdBiza6KIpumeyq xmDOUDAicymajxvUCyabY5rryL/EWBOAHMIpqivVrH+86dhbII2/f56jMcNBeAfK s64rxmaLAJMsV+GzfZprD2gZWcx12BNAKNiTPPxigUyHpWQEhcCsT7sly9jDPu/k vjYTQ+Vb2JNroNv8jQ7470g59tHLalxhig+aTMiieM58UF8eqaJqmE5cfFXElWvE 7n1CLh7pfGw2n4yI/5y5jU/lV4Iqru9iQSwGcG7Q7LFwhhZ6+XCAEgC9yy1cx629 QE+VJSdsP0S3hWLdu7fV54JFZsC1pmaPuNDxerwoiW5ucszgI/d9FcCoxWaJajb7 Hyg= -----END CERTIFICATE-----Generated at Thu Mar 28 16:07:34 2024 by rpki-client on console-ams.rpki-client.org