$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa File: 7cf17e61-b049-438c-8aaf-2d4714b51857.roa (raw, json) Hash identifier: UbIODB0cDFxC51k9vnqW1HXpUB1gYzEEA1ISNd331ik= Subject key identifier: F7:6E:8F:35:35:4A:2C:F2:C4:72:AD:DF:81:42:AC:A5:03:C1:17:8D Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 77B7F20F53AD6B038F4DFB6DA7E237CDFE931D9D Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa Signing time: Tue 12 Mar 2024 00:00:00 +0000 ROA not before: Tue 12 Mar 2024 00:00:00 +0000 ROA not after: Tue 16 Apr 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Mar 2024 03:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:b7:f2:0f:53:ad:6b:03:8f:4d:fb:6d:a7:e2:37:cd:fe:93:1d:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Mar 12 00:00:00 2024 GMT Not After : Apr 16 23:59:59 2024 GMT Subject: serialNumber=f728e3245f1e6210e41f7ebc8559546e48d3535874b4cab3e992175c2df7e4bb, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:42:11:ce:6b:0c:be:fd:9e:f7:ab:57:d3:7b: a0:be:04:03:27:14:85:7f:6f:10:24:a1:14:07:e3: b4:49:86:0f:8e:05:b0:37:00:49:e3:24:bc:f8:77: f2:56:68:5b:60:81:e2:76:16:4b:23:e9:e4:2d:9b: 70:6c:cc:f2:08:66:a6:3b:66:d5:65:45:96:14:ee: 92:5d:d7:3f:00:8d:e9:a1:7b:45:e7:bf:72:c5:24: bf:50:12:dd:e1:76:05:af:99:cc:2f:99:14:1f:a3: e5:40:72:8f:a0:0e:8a:6d:60:60:e7:52:26:4d:83: 85:c0:9c:41:08:4c:4c:36:20:54:dd:1a:8a:33:1f: 02:15:30:c9:13:0b:19:49:31:67:04:ee:83:33:18: 89:c2:df:2d:d0:cf:f2:3f:75:b6:ca:a4:be:2a:25: 11:51:cc:7a:31:13:87:2b:90:42:39:43:a3:7c:a0: ea:76:81:52:06:26:3b:51:80:c5:16:77:e7:af:aa: 2e:1d:c0:0c:8e:ef:ad:ed:b4:50:4b:1a:2b:4f:66: fa:28:e8:81:c1:9a:29:ef:45:a3:6d:94:3a:67:5c: b8:3a:94:cf:ba:80:e5:76:37:16:9f:a7:d0:8f:fd: 39:f3:38:78:6e:dd:d8:de:8d:a6:43:69:0c:e0:8f: 3b:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:6E:8F:35:35:4A:2C:F2:C4:72:AD:DF:81:42:AC:A5:03:C1:17:8D X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fa:4000::/40 Signature Algorithm: sha256WithRSAEncryption 69:2c:af:29:20:fa:05:38:65:c3:04:55:92:8f:f7:da:88:0d: 84:88:e0:c5:54:f0:c0:c7:29:5a:9a:86:e9:67:76:1f:a8:7d: c3:bd:42:12:df:52:0e:91:b1:b7:c6:61:4b:75:e4:aa:c9:d5: ba:3b:a8:ca:03:93:97:cb:54:1b:82:fa:82:48:71:c9:03:d0: 0c:53:b7:3d:67:b1:ab:19:37:dd:c5:2f:81:c7:31:40:98:55: 65:e4:b2:ad:77:e1:a0:a0:40:17:d5:2f:f2:c7:59:ce:0d:78: 68:40:f0:d6:62:ac:57:f4:5d:d9:4f:91:ca:1c:bd:0f:74:31: 81:62:4c:c4:40:b0:6f:de:90:07:86:58:f5:90:cc:88:50:de: 91:a7:32:78:e0:54:26:76:e0:c6:f5:03:d8:db:db:f4:20:2a: 47:84:32:cd:6f:eb:68:25:52:e1:ae:50:46:ef:84:c0:60:1b: 58:e3:74:9a:15:eb:04:d9:ac:14:f4:ef:87:83:e8:4c:00:e1: 8a:5c:87:49:96:f8:64:85:c5:8c:2a:30:64:20:be:5e:22:a5: 9b:b3:d9:60:a0:33:22:82:a5:21:9f:ff:40:57:dc:1d:37:c9: a6:55:77:27:ed:ac:96:e8:db:ba:81:27:20:e4:6d:bd:1a:9f: ab:b0:37:64 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUd7fyD1OtawOPTfttp+I3zf6THZ0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDMxMjAwMDAwMFoX DTI0MDQxNjIzNTk1OVowejFJMEcGA1UEBRNAZjcyOGUzMjQ1ZjFlNjIxMGU0MWY3 ZWJjODU1OTU0NmU0OGQzNTM1ODc0YjRjYWIzZTk5MjE3NWMyZGY3ZTRiYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUIRzmsMvv2e96tX03ugvgQDJxSF f28QJKEUB+O0SYYPjgWwNwBJ4yS8+HfyVmhbYIHidhZLI+nkLZtwbMzyCGamO2bV ZUWWFO6SXdc/AI3poXtF579yxSS/UBLd4XYFr5nML5kUH6PlQHKPoA6KbWBg51Im TYOFwJxBCExMNiBU3RqKMx8CFTDJEwsZSTFnBO6DMxiJwt8t0M/yP3W2yqS+KiUR Ucx6MROHK5BCOUOjfKDqdoFSBiY7UYDFFnfnr6ouHcAMju+t7bRQSxorT2b6KOiB wZop70WjbZQ6Z1y4OpTPuoDldjcWn6fQj/058zh4bt3Y3o2mQ2kM4I878wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPdujzU1SizyxHKt34FCrKUDwReNMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjZjE3ZTYxLWIwNDktNDM4Yy04YWFmLTJkNDcxNGI1MTg1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+kAwDQYJKoZIhvcNAQELBQADggEBAGksrykg+gU4ZcMEVZKP 99qIDYSI4MVU8MDHKVqahulndh+ofcO9QhLfUg6RsbfGYUt15KrJ1bo7qMoDk5fL VBuC+oJIcckD0AxTtz1nsasZN93FL4HHMUCYVWXksq134aCgQBfVL/LHWc4NeGhA 8NZirFf0XdlPkcocvQ90MYFiTMRAsG/ekAeGWPWQzIhQ3pGnMnjgVCZ24Mb1A9jb 2/QgKkeEMs1v62glUuGuUEbvhMBgG1jjdJoV6wTZrBT074eD6EwA4Ypch0mW+GSF xYwqMGQgvl4ipZuz2WCgMyKCpSGf/0BX3B03yaZVdyftrJbo27qBJyDkbb0an6uw N2Q= -----END CERTIFICATE-----Generated at Wed Mar 27 15:59:30 2024 by rpki-client on console-fra.rpki-client.org