$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b46597ac-06b0-4ab7-aa80-8ed6514ffe89.roa File: b46597ac-06b0-4ab7-aa80-8ed6514ffe89.roa (raw, json) Hash identifier: Hck7lZKq3+QOfVcBiK/sG3VFPTG8k4/0U/GJUElx8TA= Subject key identifier: 8D:AC:3C:8E:94:47:53:AB:60:E4:92:3C:9C:25:9F:84:05:42:C4:67 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 17498D67B8C2806EEC5D70082CAB20F584B67481 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b46597ac-06b0-4ab7-aa80-8ed6514ffe89.roa Signing time: Sat 16 Sep 2023 00:00:00 +0000 ROA not before: Sat 16 Sep 2023 00:00:00 +0000 ROA not after: Sat 21 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Sep 2023 12:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:49:8d:67:b8:c2:80:6e:ec:5d:70:08:2c:ab:20:f5:84:b6:74:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Sep 16 00:00:00 2023 GMT Not After : Oct 21 23:59:59 2023 GMT Subject: serialNumber=4f11dab16b1b424d6e2ca3b53e3e5ffb3724467fa3140293cec945bc3dcd5791, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:d0:5c:b4:17:61:30:6b:ff:fb:f1:42:13:e8: 26:74:49:37:da:21:1a:96:eb:6d:08:39:dd:fd:cf: 85:b6:14:9d:56:ce:55:60:3f:2d:4d:60:4b:58:c6: 84:59:96:12:ab:4a:17:58:22:6f:2a:bb:af:4c:38: c9:28:37:fe:7f:f9:41:40:e0:79:62:ff:20:3c:c3: 90:82:1e:52:56:4b:8b:da:35:72:81:90:a5:ad:61: a7:a4:63:e5:dc:fb:73:0e:b1:48:cf:ab:6a:73:ce: 27:c5:65:63:99:6d:75:9e:68:02:45:33:0d:52:4f: 5f:08:0b:98:f9:bf:18:f2:ef:22:07:7f:f6:de:4b: 49:fa:af:73:cb:26:9c:3d:e7:93:e2:d5:16:05:84: 94:e7:92:e0:e8:3e:98:84:49:5a:39:28:a7:3a:7d: 6f:11:9d:ee:b4:d3:1d:a5:b7:b6:89:68:69:07:72: e3:20:c3:d2:2d:b4:ae:30:9d:d9:88:53:ca:85:d2: da:43:d6:27:10:4d:3d:7e:5c:ac:47:95:7e:b1:20: 3b:c0:00:02:15:07:5f:ed:30:97:fa:c9:d0:e3:12: dd:7e:5a:1b:1c:cd:19:fc:d2:08:b7:94:2d:e2:91: 4e:88:47:91:49:82:d1:55:66:7e:5c:e6:7a:9f:e3: 37:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:AC:3C:8E:94:47:53:AB:60:E4:92:3C:9C:25:9F:84:05:42:C4:67 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b46597ac-06b0-4ab7-aa80-8ed6514ffe89.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014::/36 Signature Algorithm: sha256WithRSAEncryption b9:91:52:eb:6f:2e:dd:ab:fb:48:98:f2:81:0b:8e:e2:85:b8: c6:76:17:29:08:88:ee:ea:21:61:20:e4:e9:51:2f:da:11:49: 0c:f1:2f:41:ab:52:88:6b:bd:10:4d:81:06:bd:e3:55:fc:e9: 20:d0:46:ae:b3:ff:0e:ab:02:b3:ec:c9:65:b6:77:6c:ff:a5: bd:02:32:f8:ae:52:cb:19:1a:03:18:f4:60:4a:02:ef:a3:4d: b6:73:26:05:86:82:56:8a:26:ab:a8:bc:25:66:a9:c9:47:10: 4d:79:d9:9e:b8:ef:be:70:c6:e1:b3:0d:8b:36:25:4a:c7:86: 32:52:e6:6a:ef:c0:04:aa:ee:26:7b:1d:ad:61:20:e7:b7:46: b9:10:b8:92:09:73:a4:a1:a3:10:fd:78:fe:22:26:88:9d:b3: 37:b9:84:65:99:1f:ee:f9:f2:f3:78:1f:91:bf:5c:8b:77:be: 79:a6:ab:2f:69:54:e7:d6:b2:df:0c:1f:69:09:f6:70:49:bc: 7d:59:83:bc:0a:a2:4b:ee:95:11:ba:c3:fb:5a:98:13:f6:e6: ae:0f:17:41:9c:90:03:46:98:1e:ab:85:0c:2c:e1:97:56:5f: 53:1b:1e:c4:23:77:48:3b:87:7f:29:a2:4f:72:dd:2f:97:c2: 8b:95:4a:1f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUF0mNZ7jCgG7sXXAILKsg9YS2dIEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDkxNjAwMDAwMFoX DTIzMTAyMTIzNTk1OVowejFJMEcGA1UEBRNANGYxMWRhYjE2YjFiNDI0ZDZlMmNh M2I1M2UzZTVmZmIzNzI0NDY3ZmEzMTQwMjkzY2VjOTQ1YmMzZGNkNTc5MTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtBctBdhMGv/+/FCE+gmdEk32iEa luttCDnd/c+FthSdVs5VYD8tTWBLWMaEWZYSq0oXWCJvKruvTDjJKDf+f/lBQOB5 Yv8gPMOQgh5SVkuL2jVygZClrWGnpGPl3PtzDrFIz6tqc84nxWVjmW11nmgCRTMN Uk9fCAuY+b8Y8u8iB3/23ktJ+q9zyyacPeeT4tUWBYSU55Lg6D6YhElaOSinOn1v EZ3utNMdpbe2iWhpB3LjIMPSLbSuMJ3ZiFPKhdLaQ9YnEE09flysR5V+sSA7wAAC FQdf7TCX+snQ4xLdflobHM0Z/NIIt5Qt4pFOiEeRSYLRVWZ+XOZ6n+M3hwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFI2sPI6UR1OrYOSSPJwln4QFQsRnMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2I0NjU5N2FjLTA2YjAtNGFiNy1hYTgwLThlZDY1MTRmZmU4OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJA+AFAAwDQYJKoZIhvcNAQELBQADggEBALmRUutvLt2r+0iY8oEL juKFuMZ2FykIiO7qIWEg5OlRL9oRSQzxL0GrUohrvRBNgQa941X86SDQRq6z/w6r ArPsyWW2d2z/pb0CMviuUssZGgMY9GBKAu+jTbZzJgWGglaKJquovCVmqclHEE15 2Z64775wxuGzDYs2JUrHhjJS5mrvwASq7iZ7Ha1hIOe3RrkQuJIJc6ShoxD9eP4i Joidsze5hGWZH+758vN4H5G/XIt3vnmmqy9pVOfWst8MH2kJ9nBJvH1Zg7wKokvu lRG6w/tamBP25q4PF0GckANGmB6rhQws4ZdWX1MbHsQjd0g7h38pok9y3S+XwouV Sh8= -----END CERTIFICATE-----Generated at Sat Sep 16 00:16:47 2023 by rpki-client on console-fra.rpki-client.org