$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa File: 3537691c-1a10-4699-a8a0-4cec50a35534.roa (raw, json) Hash identifier: VvNZxaa+1dtp9DjU31252dtyoGibT9WcWo2R1chOTyM= Subject key identifier: 7A:A4:05:17:C5:58:12:23:86:E2:DC:27:BA:62:DF:A3:DF:86:20:33 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 5A61539B18350172B62610257FF8903D70621FC3 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fa:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Apr 2024 00:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:61:53:9b:18:35:01:72:b6:26:10:25:7f:f8:90:3d:70:62:1f:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=df0f9ed7faaa14976482ba13a7bb24f404be9dcfc61bac94d308300346c883e0, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:b1:62:1b:88:bf:84:0f:03:3c:a8:64:78:32: c3:7b:be:4b:b7:84:0a:5f:cc:32:f4:e6:6a:41:5f: a5:8e:45:83:0d:6e:87:c0:96:d1:6e:86:cc:24:6e: 2f:aa:28:b7:72:02:cb:80:db:fd:4c:4b:0c:7d:75: 9f:39:e6:f9:33:a2:06:cd:37:3a:53:8f:2c:d2:74: 32:e2:9b:76:0a:d9:d6:f2:c2:29:63:f8:d4:5a:9b: 71:0d:6f:39:9b:12:80:b5:b5:33:de:fd:45:62:66: 51:6d:11:4a:9a:93:f0:b0:a2:dd:8b:18:8c:78:b7: 76:81:80:5c:ca:53:e4:8c:04:14:b5:68:ef:f4:38: a9:6c:dc:9f:bf:a2:88:e4:2d:23:f3:bd:58:04:07: 45:71:c4:a6:ed:e6:c2:cd:b2:8e:a5:a0:af:e3:84: 64:ce:02:75:3b:6f:c1:31:0f:5d:8a:59:00:68:54: 5f:bb:ce:5f:45:11:3a:4d:7c:8b:d8:1a:41:a5:be: 3b:f6:81:bd:af:de:a1:d2:20:09:fd:bc:65:d3:51: a6:cd:f2:0e:40:8f:63:a1:b8:c3:a3:ff:1c:5f:6b: 9c:bf:5b:f7:9e:aa:c8:8a:63:63:4c:48:56:e1:50: 6c:d9:5a:a3:75:2d:11:6c:b1:a7:95:3b:34:d3:32: 07:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:A4:05:17:C5:58:12:23:86:E2:DC:27:BA:62:DF:A3:DF:86:20:33 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fa:8000::/40 Signature Algorithm: sha256WithRSAEncryption 89:f8:17:d1:3d:e6:a2:e7:88:1a:11:47:de:cd:40:4e:86:22: 80:1f:dd:ec:b7:0d:4b:18:62:c4:34:05:f6:cd:03:9e:57:0a: 09:ae:90:bd:3e:c0:36:60:44:65:c0:58:f5:ec:fd:06:be:00: f2:9a:f5:7a:61:53:7c:07:b7:e8:54:5a:f7:10:18:e5:2d:12: ea:1e:35:6d:6d:ae:22:d0:5a:4f:41:25:c8:fc:fc:33:00:25: e7:28:a0:07:4d:a7:ec:99:37:fd:94:81:56:cf:b4:66:c4:03: cc:df:dd:57:75:e1:03:f7:e6:d8:5b:0d:f0:d1:b3:58:2a:43: 2d:c4:47:b9:d5:6f:b8:2e:81:f7:83:2a:6b:5e:a4:6f:9e:23: 97:fc:cf:fb:b1:96:cc:f4:58:d7:11:8e:b0:ea:a4:ab:55:2d: 5f:5a:de:b6:1a:ea:e9:57:d8:cf:cb:db:c5:00:ac:78:0f:d7: 00:c4:7c:64:78:52:36:84:9e:3b:d3:61:44:e1:82:14:88:5c: 68:ab:12:68:c4:df:04:2f:17:ac:8e:54:88:b1:40:8c:d7:5c: 85:7e:2c:0c:db:ae:e8:9e:3a:55:77:5c:6e:41:66:c5:cf:99: 93:84:12:74:81:ad:dc:81:68:e7:3d:a6:82:df:63:21:14:4a: f8:ec:74:06 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWmFTmxg1AXK2JhAlf/iQPXBiH8MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAZGYwZjllZDdmYWFhMTQ5NzY0ODJi YTEzYTdiYjI0ZjQwNGJlOWRjZmM2MWJhYzk0ZDMwODMwMDM0NmM4ODNlMDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7FiG4i/hA8DPKhkeDLDe75Lt4QK X8wy9OZqQV+ljkWDDW6HwJbRbobMJG4vqii3cgLLgNv9TEsMfXWfOeb5M6IGzTc6 U48s0nQy4pt2CtnW8sIpY/jUWptxDW85mxKAtbUz3v1FYmZRbRFKmpPwsKLdixiM eLd2gYBcylPkjAQUtWjv9DipbNyfv6KI5C0j871YBAdFccSm7ebCzbKOpaCv44Rk zgJ1O2/BMQ9dilkAaFRfu85fRRE6TXyL2BpBpb479oG9r96h0iAJ/bxl01GmzfIO QI9jobjDo/8cX2ucv1v3nqrIimNjTEhW4VBs2VqjdS0RbLGnlTs00zIHKwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHqkBRfFWBIjhuLcJ7pi36PfhiAzMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1Mzc2OTFjLTFhMTAtNDY5OS1hOGEwLTRjZWM1MGEzNTUzNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+oAwDQYJKoZIhvcNAQELBQADggEBAIn4F9E95qLniBoRR97N QE6GIoAf3ey3DUsYYsQ0BfbNA55XCgmukL0+wDZgRGXAWPXs/Qa+APKa9XphU3wH t+hUWvcQGOUtEuoeNW1triLQWk9BJcj8/DMAJecooAdNp+yZN/2UgVbPtGbEA8zf 3Vd14QP35thbDfDRs1gqQy3ER7nVb7gugfeDKmtepG+eI5f8z/uxlsz0WNcRjrDq pKtVLV9a3rYa6ulX2M/L28UArHgP1wDEfGR4UjaEnjvTYUThghSIXGirEmjE3wQv F6yOVIixQIzXXIV+LAzbruieOlV3XG5BZsXPmZOEEnSBrdyBaOc9poLfYyEUSvjs dAY= -----END CERTIFICATE-----Generated at Sat Apr 20 01:09:32 2024 by rpki-client on console-ams.rpki-client.org