$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/decc3cec-c2ef-4622-8ec2-e53bb7a3e257.roa File: decc3cec-c2ef-4622-8ec2-e53bb7a3e257.roa (raw, json) Hash identifier: JQt3o77YMFdsDrnmwjxAIkrxLeLOtoBM9LqzdM4mgXg= Subject key identifier: CF:98:23:10:DE:66:32:76:72:57:3B:28:1C:95:10:0F:C0:73:99:43 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 5EF57299E9610018DBF45B49E992B09C49A1C22B Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/decc3cec-c2ef-4622-8ec2-e53bb7a3e257.roa Signing time: Fri 05 Apr 2024 00:00:00 +0000 ROA not before: Fri 05 Apr 2024 00:00:00 +0000 ROA not after: Fri 10 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Apr 2024 00:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:f5:72:99:e9:61:00:18:db:f4:5b:49:e9:92:b0:9c:49:a1:c2:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 5 00:00:00 2024 GMT Not After : May 10 23:59:59 2024 GMT Subject: serialNumber=fd15681cb339cea859b03aa4b877fda649c68e6fa89220ff1a507b85a831ae81, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:e3:60:15:6d:55:53:9a:29:b0:01:49:55:1e: 9e:87:21:9f:ea:2b:9f:f9:8c:ef:b2:19:ee:9a:65: 2d:5c:a6:3b:0f:c5:a6:e5:b7:4c:e5:c5:4f:bc:5d: 65:d1:66:51:8d:63:53:2c:1d:9c:26:32:70:61:3f: 57:77:3c:bb:0a:1a:d2:a9:d6:00:71:1f:fc:56:61: f5:f6:87:43:37:2f:12:bc:46:ef:99:cd:2e:49:01: 2b:3c:4d:f4:2b:89:34:d7:d8:7c:bd:ed:53:4b:2d: 5e:12:cf:90:12:1b:bf:f2:52:d8:02:f2:c4:6e:7e: d7:0a:f0:fb:f8:6a:fb:e9:54:f9:73:c9:c4:1a:52: 0f:c2:3a:45:d1:00:09:b4:83:b5:21:be:03:2c:f8: f6:45:96:c3:b7:28:8a:2b:f5:34:22:fb:a8:2f:03: db:9e:fb:c6:c2:73:1e:75:ee:62:d5:ce:dc:2e:90: a3:08:1e:09:17:7e:66:1f:58:8e:6f:a8:05:94:bc: 01:3d:d0:01:e8:1b:d1:b8:06:b9:b2:1f:60:1b:57: 28:20:ad:25:6d:4d:6c:28:ae:2f:de:fd:62:8b:a8: 54:8f:3e:f3:17:0a:d7:5b:78:fb:3c:3e:e5:57:bf: 69:ee:42:46:9b:0c:e6:f3:34:99:53:3c:41:e0:a2: 9a:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:98:23:10:DE:66:32:76:72:57:3B:28:1C:95:10:0F:C0:73:99:43 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/decc3cec-c2ef-4622-8ec2-e53bb7a3e257.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4000::/40 Signature Algorithm: sha256WithRSAEncryption 44:c5:fb:08:07:43:07:55:ed:14:78:ff:f8:e0:d5:a4:00:65: 9d:67:79:a3:17:16:6c:b3:07:06:62:32:80:bb:2b:bb:09:da: 0c:d4:70:51:0a:e0:65:0c:4e:f6:0a:76:49:2f:7d:b8:80:67: 52:82:2e:ac:58:9a:52:6a:58:75:02:39:98:14:08:0d:45:92: ae:2b:1c:c2:2e:c8:78:66:21:e6:c3:da:2c:46:01:93:6b:ae: 26:e2:f0:82:d4:0a:69:98:31:3a:bc:7f:fa:53:4e:04:a0:4e: ce:66:da:a4:06:59:61:db:2e:e3:8b:6c:b3:3c:fb:f7:8a:27: ae:ed:62:59:43:e0:0f:6b:08:34:fb:ee:19:51:29:7b:6f:55: 14:66:60:fd:5a:6d:92:9e:0f:dd:2a:73:64:ac:af:5e:6f:0b: 6a:5a:4f:66:ab:2b:92:e7:4a:2d:d3:d1:4d:0a:8d:11:e1:e9: 8e:4b:ef:10:6b:a9:4c:87:43:b9:a3:08:41:cc:91:34:96:8d: 9f:a0:ad:2d:77:78:78:d7:55:b8:a7:ca:c7:65:fb:d1:b7:f9: 82:67:cb:a5:08:21:6f:73:f7:90:05:1b:f5:3f:58:c5:59:7a: c7:6d:65:79:0c:40:b1:30:0e:c9:12:8e:12:0e:0f:e1:33:1d: b5:6f:07:94 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXvVymelhABjb9FtJ6ZKwnEmhwiswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDQwNTAwMDAwMFoX DTI0MDUxMDIzNTk1OVowejFJMEcGA1UEBRNAZmQxNTY4MWNiMzM5Y2VhODU5YjAz YWE0Yjg3N2ZkYTY0OWM2OGU2ZmE4OTIyMGZmMWE1MDdiODVhODMxYWU4MTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+NgFW1VU5opsAFJVR6ehyGf6iuf +YzvshnummUtXKY7D8Wm5bdM5cVPvF1l0WZRjWNTLB2cJjJwYT9Xdzy7ChrSqdYA cR/8VmH19odDNy8SvEbvmc0uSQErPE30K4k019h8ve1TSy1eEs+QEhu/8lLYAvLE bn7XCvD7+Gr76VT5c8nEGlIPwjpF0QAJtIO1Ib4DLPj2RZbDtyiKK/U0IvuoLwPb nvvGwnMede5i1c7cLpCjCB4JF35mH1iOb6gFlLwBPdAB6BvRuAa5sh9gG1coIK0l bU1sKK4v3v1ii6hUjz7zFwrXW3j7PD7lV79p7kJGmwzm8zSZUzxB4KKaKwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM+YIxDeZjJ2clc7KByVEA/Ac5lDMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2RlY2MzY2VjLWMyZWYtNDYyMi04ZWMyLWU1M2JiN2EzZTI1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/0AwDQYJKoZIhvcNAQELBQADggEBAETF+wgHQwdV7RR4//jg 1aQAZZ1neaMXFmyzBwZiMoC7K7sJ2gzUcFEK4GUMTvYKdkkvfbiAZ1KCLqxYmlJq WHUCOZgUCA1Fkq4rHMIuyHhmIebD2ixGAZNrribi8ILUCmmYMTq8f/pTTgSgTs5m 2qQGWWHbLuOLbLM8+/eKJ67tYllD4A9rCDT77hlRKXtvVRRmYP1abZKeD90qc2Ss r15vC2paT2arK5LnSi3T0U0KjRHh6Y5L7xBrqUyHQ7mjCEHMkTSWjZ+grS13eHjX Vbinysdl+9G3+YJny6UIIW9z95AFG/U/WMVZesdtZXkMQLEwDskSjhIOD+EzHbVv B5Q= -----END CERTIFICATE-----Generated at Sat Apr 20 01:09:32 2024 by rpki-client on console-ams.rpki-client.org