$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa File: c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa (raw, json) Hash identifier: Oa/7S7lPglpBwqhW+DflNQzx5dF93vd2ZhUQ1XwwewU= Subject key identifier: 32:D0:1D:05:2F:01:5D:85:7F:DD:64:0A:23:5C:91:4C:AD:23:5F:27 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 393BE6FEF00733D3B3BDDC7931FDDF283EA52645 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fe:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Apr 2024 00:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:3b:e6:fe:f0:07:33:d3:b3:bd:dc:79:31:fd:df:28:3e:a5:26:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=a3bbe9f7bbdfbd7eae08544e322f4650f10ec2cad1eeae56ecdc1b13cd200794, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:62:28:15:20:89:eb:bc:98:90:75:83:c7:95: c5:11:b5:1c:e8:e8:f7:2e:2f:68:8d:cb:3e:3e:6f: ac:6d:d8:0f:73:8a:b1:07:c3:e8:55:53:f6:74:38: b3:dd:7a:ec:47:a8:59:ed:01:cc:be:ec:3d:9c:74: 84:04:6b:1c:80:79:eb:92:47:29:f5:de:af:b2:f7: 48:50:89:ed:db:63:bf:ac:82:f5:44:7d:ff:7e:e4: 78:4c:5d:7b:9b:d8:87:84:43:10:9b:14:ce:cf:6e: 26:ab:59:df:a4:26:2e:48:16:a0:ab:ae:de:13:18: 33:22:36:14:5e:af:13:3d:74:53:df:c9:94:d4:2c: 1f:a2:42:06:11:ee:9d:45:41:b3:16:20:11:d5:62: ae:0d:c1:0c:d6:45:b2:a1:49:54:87:d3:85:b8:13: 02:64:cb:5e:1d:19:c7:b7:49:3e:cb:f2:d6:75:f0: 5a:11:02:25:1a:fa:25:e3:14:06:9f:ce:ef:7c:5a: bb:97:4b:c7:20:9e:88:9f:0b:c6:82:81:26:56:f1: b9:a2:ca:81:ba:31:8f:c6:70:67:2c:1f:12:b5:8d: 1a:f1:05:05:7f:7a:03:7a:14:8d:8f:e4:65:0f:8a: c6:f0:d0:f0:e7:4a:0d:cf:e2:1f:8b:9a:d8:5e:15: 46:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:D0:1D:05:2F:01:5D:85:7F:DD:64:0A:23:5C:91:4C:AD:23:5F:27 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fe:4000::/40 Signature Algorithm: sha256WithRSAEncryption 04:ec:d9:d5:5e:63:10:d7:8a:83:e2:95:d3:23:d5:e7:80:a7: dc:8a:f7:0d:62:e2:d8:e1:bc:d1:a9:be:9e:b7:a4:91:9b:20: a9:ce:b9:79:5c:83:36:3c:11:4c:35:e8:17:50:95:a4:14:a3: b3:70:55:49:2d:ea:64:6d:3e:cc:6f:2d:7e:c4:26:42:9d:c0: 17:1c:24:50:1b:01:28:c7:e8:fa:d0:80:a2:f4:eb:5c:53:22: 7a:cf:57:5e:67:de:ac:d7:14:9f:af:d1:c3:1c:f9:e3:bf:21: 70:27:62:35:71:f5:80:0a:c5:0a:95:47:f2:18:70:25:ef:d8: ca:01:57:5d:73:4e:97:12:16:2e:2c:20:7c:16:88:9a:65:89: be:20:7a:44:84:35:4e:a3:ec:c3:76:03:3f:dd:6b:5e:22:84: b3:3f:1d:1a:8d:58:f7:af:1d:c3:50:98:4a:1f:04:09:d6:c5: be:f9:db:08:46:f8:5e:45:d0:53:22:cb:d1:d6:d3:c0:29:a5: eb:fa:fc:7c:c9:d1:dc:7a:64:bf:62:53:3a:fb:44:b2:a8:f3: ab:8b:e5:77:e9:57:7c:d5:4b:92:95:a6:f6:ca:1e:23:e2:90: cd:c6:71:42:38:e9:c3:68:b6:e3:97:86:8c:e4:cf:64:cb:96: d2:0a:67:80 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOTvm/vAHM9Ozvdx5Mf3fKD6lJkUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAYTNiYmU5ZjdiYmRmYmQ3ZWFlMDg1 NDRlMzIyZjQ2NTBmMTBlYzJjYWQxZWVhZTU2ZWNkYzFiMTNjZDIwMDc5NDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmIoFSCJ67yYkHWDx5XFEbUc6Oj3 Li9ojcs+Pm+sbdgPc4qxB8PoVVP2dDiz3XrsR6hZ7QHMvuw9nHSEBGscgHnrkkcp 9d6vsvdIUInt22O/rIL1RH3/fuR4TF17m9iHhEMQmxTOz24mq1nfpCYuSBagq67e ExgzIjYUXq8TPXRT38mU1CwfokIGEe6dRUGzFiAR1WKuDcEM1kWyoUlUh9OFuBMC ZMteHRnHt0k+y/LWdfBaEQIlGvol4xQGn87vfFq7l0vHIJ6InwvGgoEmVvG5osqB ujGPxnBnLB8StY0a8QUFf3oDehSNj+RlD4rG8NDw50oNz+Ifi5rYXhVGMQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDLQHQUvAV2Ff91kCiNckUytI18nMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M4ODZmZGNjLWQ5YzQtNDg1YS1hOTQxLTdhYTJjN2QwOTNlMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/kAwDQYJKoZIhvcNAQELBQADggEBAATs2dVeYxDXioPildMj 1eeAp9yK9w1i4tjhvNGpvp63pJGbIKnOuXlcgzY8EUw16BdQlaQUo7NwVUkt6mRt PsxvLX7EJkKdwBccJFAbASjH6PrQgKL061xTInrPV15n3qzXFJ+v0cMc+eO/IXAn YjVx9YAKxQqVR/IYcCXv2MoBV11zTpcSFi4sIHwWiJplib4gekSENU6j7MN2Az/d a14ihLM/HRqNWPevHcNQmEofBAnWxb752whG+F5F0FMiy9HW08Appev6/HzJ0dx6 ZL9iUzr7RLKo86uL5XfpV3zVS5KVpvbKHiPikM3GcUI46cNotuOXhozkz2TLltIK Z4A= -----END CERTIFICATE-----Generated at Sat Apr 20 01:09:32 2024 by rpki-client on console-ams.rpki-client.org