$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa File: 7cf17e61-b049-438c-8aaf-2d4714b51857.roa (raw, json) Hash identifier: 8XHAnQ7kt9wsqQT1SVx+5OewFGJn+0TrifQwUpn77Ls= Subject key identifier: 3C:37:CB:C9:5B:A9:C5:DB:E6:BE:AA:68:87:85:39:BB:C0:AE:6B:24 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 4BE423712108ADEE5564A26CBF28E6FE4ABF9D04 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:e4:23:71:21:08:ad:ee:55:64:a2:6c:bf:28:e6:fe:4a:bf:9d:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=eb3b2562062b92638dd0d10bde4ab6d7e5fd0c24e62bd23e328e3c31c440fc04, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:5b:37:18:80:f6:5c:2b:12:b5:c8:65:33:06: 50:bd:46:c9:ed:62:4b:f1:3b:26:65:f6:58:4f:c5: 3b:3d:ea:20:81:ad:49:ab:ca:7d:90:82:39:b2:fe: 72:f5:ad:c3:51:96:59:9e:57:1a:d4:3c:ef:8e:be: 77:f5:53:65:b6:81:48:99:3f:86:bf:e1:ac:c3:b8: da:33:74:33:9f:55:aa:3d:fd:1c:e5:fb:57:03:6f: ca:1b:32:07:95:9d:44:fd:e0:73:b4:81:30:1d:99: 6d:ba:86:79:d6:ed:af:09:39:ae:d4:00:e3:18:e3: 96:9b:08:41:f4:5e:3d:e5:15:df:83:b8:b7:20:3c: 08:34:48:db:2c:a7:e8:77:00:17:35:a8:2f:1f:6b: be:91:cb:c7:d0:9e:39:1a:09:63:c0:6e:45:f4:4d: 1b:9d:ec:de:49:ea:0b:c4:c2:52:f7:89:a6:b6:79: 26:af:c5:ff:19:68:dc:f7:2d:90:21:1e:2d:93:a9: 70:36:19:74:fe:6e:b8:0a:3e:ab:a2:03:d2:de:4b: e9:22:11:fc:32:f2:99:a0:02:a9:61:19:3e:d7:db: 5d:3d:b7:16:8f:ec:63:ca:e5:c4:a1:62:d0:e2:52: 2d:78:59:90:30:ab:93:02:a0:61:b6:a0:a8:3b:d5: d7:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:37:CB:C9:5B:A9:C5:DB:E6:BE:AA:68:87:85:39:BB:C0:AE:6B:24 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fa:4000::/40 Signature Algorithm: sha256WithRSAEncryption 6d:11:04:2a:61:75:7a:0d:1a:29:17:d5:91:8e:b4:f7:7d:e5: 87:c0:84:14:49:f0:55:38:97:c8:d0:ed:bf:e9:3a:f8:33:22: d5:a3:28:0b:06:4f:49:2e:5b:92:2c:29:c7:c7:2c:a2:5f:53: 99:59:d7:d2:0d:ab:41:66:04:d2:42:76:22:18:36:c7:6f:f7: 2d:de:64:eb:ce:32:29:17:fa:e8:25:18:56:f9:ad:cc:6a:55: d3:fd:39:86:2d:d4:81:46:7f:55:df:01:67:7a:7e:36:07:32: 10:c9:97:9a:ca:5d:33:3d:a0:d3:28:60:c8:dc:00:b1:8c:37: 92:ad:95:94:49:9f:4d:5f:49:f5:36:25:19:92:15:e7:09:3d: 5b:38:ea:76:25:42:1a:82:6d:93:99:89:96:38:82:07:4c:6f: f1:71:82:5b:43:82:8c:08:fc:22:45:2f:87:9e:b5:20:55:92: 6a:d9:ab:67:8c:d8:c4:a2:b6:2e:c5:2c:b4:e3:85:f3:d8:19: fd:0d:6c:bf:1c:91:61:66:96:03:3f:62:86:f8:2f:f9:9d:1f: 25:ac:21:b6:17:6d:d3:24:d0:fe:ce:8d:42:1b:08:ab:1d:53: 80:1b:86:f1:ee:cc:ee:c7:45:5a:cb:62:aa:32:79:cb:d8:6d: a0:70:4b:87 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUS+QjcSEIre5VZKJsvyjm/kq/nQQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAZWIzYjI1NjIwNjJiOTI2MzhkZDBk MTBiZGU0YWI2ZDdlNWZkMGMyNGU2MmJkMjNlMzI4ZTNjMzFjNDQwZmMwNDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Vs3GID2XCsStchlMwZQvUbJ7WJL 8TsmZfZYT8U7Peogga1Jq8p9kII5sv5y9a3DUZZZnlca1Dzvjr539VNltoFImT+G v+Gsw7jaM3Qzn1WqPf0c5ftXA2/KGzIHlZ1E/eBztIEwHZltuoZ51u2vCTmu1ADj GOOWmwhB9F495RXfg7i3IDwINEjbLKfodwAXNagvH2u+kcvH0J45GgljwG5F9E0b nezeSeoLxMJS94mmtnkmr8X/GWjc9y2QIR4tk6lwNhl0/m64Cj6rogPS3kvpIhH8 MvKZoAKpYRk+19tdPbcWj+xjyuXEoWLQ4lIteFmQMKuTAqBhtqCoO9XXxwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDw3y8lbqcXb5r6qaIeFObvArmskMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjZjE3ZTYxLWIwNDktNDM4Yy04YWFmLTJkNDcxNGI1MTg1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+kAwDQYJKoZIhvcNAQELBQADggEBAG0RBCphdXoNGikX1ZGO tPd95YfAhBRJ8FU4l8jQ7b/pOvgzItWjKAsGT0kuW5IsKcfHLKJfU5lZ19INq0Fm BNJCdiIYNsdv9y3eZOvOMikX+uglGFb5rcxqVdP9OYYt1IFGf1XfAWd6fjYHMhDJ l5rKXTM9oNMoYMjcALGMN5KtlZRJn01fSfU2JRmSFecJPVs46nYlQhqCbZOZiZY4 ggdMb/FxgltDgowI/CJFL4eetSBVkmrZq2eM2MSiti7FLLTjhfPYGf0NbL8ckWFm lgM/Yob4L/mdHyWsIbYXbdMk0P7OjUIbCKsdU4AbhvHuzO7HRVrLYqoyecvYbaBw S4c= -----END CERTIFICATE-----Generated at Mon Sep 18 15:40:40 2023 by rpki-client on console-ams.rpki-client.org