$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa File: 57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa (raw, json) Hash identifier: LMPhSXnnUn1MPw1jJqZbkP8462vI6GV+W41npl9bk0w= Subject key identifier: 1E:A8:A1:DD:A4:8D:C9:34:FF:81:14:8B:C5:1B:52:20:0D:8F:CA:71 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 456A0B720E831557D75B953979506A5EB7FDC8B5 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa Signing time: Sat 16 Sep 2023 00:00:00 +0000 ROA not before: Sat 16 Sep 2023 00:00:00 +0000 ROA not after: Sat 21 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f8:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Sep 2023 12:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:6a:0b:72:0e:83:15:57:d7:5b:95:39:79:50:6a:5e:b7:fd:c8:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Sep 16 00:00:00 2023 GMT Not After : Oct 21 23:59:59 2023 GMT Subject: serialNumber=91ddf1e35ab58db1af93a4514ee52e53e721fb775260862d1c29b5b30649807d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:7e:1b:58:2a:0e:94:de:81:a4:23:3a:4c:4f: 2e:0b:d5:23:86:4a:fb:09:0c:c0:25:67:f4:5e:7a: c1:c0:d0:f4:19:51:56:0a:c4:59:d9:2f:9b:4f:b3: 81:b7:97:c3:36:ca:85:22:84:1a:6e:61:bf:5b:53: ab:60:20:ba:58:ee:63:c5:96:67:6f:0f:9f:44:79: d5:7f:4e:3f:4c:d4:23:c9:70:67:77:b0:1a:15:07: 47:25:f0:de:6e:5e:1f:d8:2e:72:22:80:57:a8:2a: 81:e2:29:68:de:c3:37:21:39:cf:24:21:4a:8e:80: 90:99:91:5d:39:1c:ac:ac:c7:cd:c6:b1:e0:89:36: 0c:f7:81:73:44:a1:50:ce:4d:3d:be:a6:48:3c:3b: b8:1b:45:86:82:ab:2c:11:1c:41:8c:c9:87:52:78: d2:db:ac:6f:e1:79:a0:9f:af:de:1a:57:d9:d2:cc: ca:41:e4:1f:7d:01:06:e6:37:cd:fc:30:ce:39:78: b8:d7:6b:58:74:08:4b:d0:20:05:13:5a:00:ba:36: 6a:55:27:10:61:ed:da:2d:ca:e7:fc:3d:87:81:12: 94:38:cf:df:1f:4c:b3:0d:62:bc:49:9e:ea:c2:fa: 34:ee:a8:3d:71:da:1c:ae:59:57:2e:29:39:53:fe: 82:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:A8:A1:DD:A4:8D:C9:34:FF:81:14:8B:C5:1B:52:20:0D:8F:CA:71 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f8:8000::/40 Signature Algorithm: sha256WithRSAEncryption b6:d9:c7:38:56:0e:03:e1:7b:ad:7c:2a:88:0b:13:59:c1:ac: 0b:ff:08:eb:32:b9:f6:dd:05:1f:85:36:75:09:0e:50:c3:c1: 56:37:76:4d:bf:66:6d:e1:06:4a:49:c2:38:0f:7b:78:6a:a9: a5:a3:e6:9d:97:12:b1:43:99:5c:10:b0:a6:ce:4f:38:f0:d2: 0b:05:9d:a2:2b:e4:a1:41:6e:23:1e:56:3b:3e:b2:50:c8:70: 78:2f:df:05:a9:c3:17:70:17:69:a7:25:58:69:c8:02:61:72: 17:e5:fc:ab:34:b6:fe:ed:60:01:44:de:29:ce:83:37:89:1c: 51:45:52:32:f6:90:b4:02:af:b2:5f:41:bd:93:b8:fa:69:d8: 15:3d:19:43:aa:ad:0c:6a:b3:e2:32:04:5c:d2:2c:6c:d5:0f: 80:27:79:45:4d:ea:d9:01:84:b4:99:94:fc:54:65:c2:ce:36: 4e:bb:1e:aa:3f:2a:d4:cf:88:cd:08:f7:7e:99:03:20:23:73: 61:91:aa:80:ef:d1:04:5e:5c:7d:6b:3f:b2:ef:05:4e:72:d0: ce:97:a0:3c:1a:b1:61:ae:44:a7:f9:24:08:8a:05:76:41:63: 63:db:23:ff:9a:13:56:d0:86:34:89:c0:de:37:b2:ab:ab:cf: bf:86:36:81 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURWoLcg6DFVfXW5U5eVBqXrf9yLUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDkxNjAwMDAwMFoX DTIzMTAyMTIzNTk1OVowejFJMEcGA1UEBRNAOTFkZGYxZTM1YWI1OGRiMWFmOTNh NDUxNGVlNTJlNTNlNzIxZmI3NzUyNjA4NjJkMWMyOWI1YjMwNjQ5ODA3ZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX4bWCoOlN6BpCM6TE8uC9Ujhkr7 CQzAJWf0XnrBwND0GVFWCsRZ2S+bT7OBt5fDNsqFIoQabmG/W1OrYCC6WO5jxZZn bw+fRHnVf04/TNQjyXBnd7AaFQdHJfDebl4f2C5yIoBXqCqB4ilo3sM3ITnPJCFK joCQmZFdORysrMfNxrHgiTYM94FzRKFQzk09vqZIPDu4G0WGgqssERxBjMmHUnjS 26xv4Xmgn6/eGlfZ0szKQeQffQEG5jfN/DDOOXi412tYdAhL0CAFE1oAujZqVScQ Ye3aLcrn/D2HgRKUOM/fH0yzDWK8SZ7qwvo07qg9cdocrllXLik5U/6ClwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFB6ood2kjck0/4EUi8UbUiANj8pxMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU3Zjg0MzNjLWYxNjItNGIxMC04NTI3LWZiZjdjZGJiNmFhYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+IAwDQYJKoZIhvcNAQELBQADggEBALbZxzhWDgPhe618KogL E1nBrAv/COsyufbdBR+FNnUJDlDDwVY3dk2/Zm3hBkpJwjgPe3hqqaWj5p2XErFD mVwQsKbOTzjw0gsFnaIr5KFBbiMeVjs+slDIcHgv3wWpwxdwF2mnJVhpyAJhchfl /Ks0tv7tYAFE3inOgzeJHFFFUjL2kLQCr7JfQb2TuPpp2BU9GUOqrQxqs+IyBFzS LGzVD4AneUVN6tkBhLSZlPxUZcLONk67Hqo/KtTPiM0I936ZAyAjc2GRqoDv0QRe XH1rP7LvBU5y0M6XoDwasWGuRKf5JAiKBXZBY2PbI/+aE1bQhjSJwN43squrz7+G NoE= -----END CERTIFICATE-----Generated at Sat Sep 16 00:30:27 2023 by rpki-client on console-ams.rpki-client.org