$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/decc3cec-c2ef-4622-8ec2-e53bb7a3e257.roa File: decc3cec-c2ef-4622-8ec2-e53bb7a3e257.roa (raw, json) Hash identifier: c0lbmkpHmG+VT2WHND7SInI0zexwSnofU5KwSDGKE2M= Subject key identifier: C9:AC:4F:B2:C2:CF:E1:AF:E2:3E:DE:CA:B0:B2:DA:EF:4E:39:E8:C9 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 7E9359F8AA41BC58DBA1680F821CB6FE42FABAE5 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/decc3cec-c2ef-4622-8ec2-e53bb7a3e257.roa Signing time: Sat 16 Sep 2023 00:00:00 +0000 ROA not before: Sat 16 Sep 2023 00:00:00 +0000 ROA not after: Sat 21 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Sep 2023 12:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:93:59:f8:aa:41:bc:58:db:a1:68:0f:82:1c:b6:fe:42:fa:ba:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Sep 16 00:00:00 2023 GMT Not After : Oct 21 23:59:59 2023 GMT Subject: serialNumber=0f84ca0ad8a78b48b1b1980aac8a6680b6101a0953daf587d97fd97e917139d4, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:89:fc:74:f5:f0:ed:a1:5d:53:51:16:32:cc: bc:ac:f2:99:88:36:e3:77:44:5b:37:41:8a:19:18: e5:6a:47:aa:5e:ac:1b:72:64:69:d7:f0:f1:10:92: ef:b9:b0:4f:de:51:92:25:61:c1:f7:8c:a6:30:96: 6b:e3:b7:20:62:c7:34:d1:da:7d:d9:4d:96:81:3f: 4a:7a:15:ba:88:85:42:11:21:a2:f0:00:eb:a0:ce: ea:73:b1:38:b9:18:20:94:ee:ec:16:c8:4e:5c:5e: a0:0f:7c:57:37:0c:f8:da:ee:59:6a:b0:a7:07:09: 42:1a:64:88:28:39:c6:8c:b0:c9:79:ae:e5:b5:cc: 49:4e:15:15:8e:a5:45:21:58:5e:ba:83:d9:da:40: 43:32:f2:d1:c0:25:c9:04:e4:d7:e3:50:56:e3:93: 3b:6e:d9:71:c9:c1:88:19:53:32:e2:96:34:f6:94: 86:a3:b0:05:b4:bc:b5:79:ef:10:7b:b5:5c:98:ff: 72:c0:ee:3c:c9:46:bc:bc:5d:79:f5:76:e1:17:b0: 3b:1a:f3:8f:17:39:26:50:41:e5:af:bb:3f:b0:78: f6:df:b9:20:31:7a:c3:8f:e0:fc:24:75:d2:7e:f7: b9:df:0b:c5:43:83:c9:68:b9:d3:2c:02:3d:59:a3: 86:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:AC:4F:B2:C2:CF:E1:AF:E2:3E:DE:CA:B0:B2:DA:EF:4E:39:E8:C9 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/decc3cec-c2ef-4622-8ec2-e53bb7a3e257.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4000::/40 Signature Algorithm: sha256WithRSAEncryption 53:bf:b1:19:cb:ae:85:07:2a:a5:a2:87:40:02:80:9d:f7:be: d1:be:0c:5a:89:d4:a7:5a:94:d7:68:5b:e4:07:5e:58:e8:ee: 8a:97:27:f8:f5:99:2c:27:dd:3c:cb:a9:80:30:8e:6c:86:9f: 8b:85:bf:3a:94:77:9e:3d:4f:f5:67:89:2c:63:f2:ad:ce:e4: 6f:41:1d:9f:c1:5b:95:95:b3:a5:dd:24:e1:9c:9c:30:6e:07: c3:8a:8e:20:fa:6f:db:0e:b4:ed:df:ca:08:c1:6d:5e:ff:30: 31:73:f7:52:9f:af:4c:8d:45:56:19:c1:5b:5f:b7:8e:42:f3: d2:0e:59:c3:b3:7d:23:6c:73:5d:fd:3b:99:98:41:99:24:84: b3:99:b2:9f:21:e4:ae:ee:96:22:86:f3:30:5c:44:9f:68:ec: 3e:3c:b9:e9:13:3d:e5:8a:0a:a8:87:42:91:b7:dc:db:88:5b: 74:78:cf:1d:0f:28:be:e8:8c:d3:1c:74:22:28:2c:16:00:03: ba:95:58:9e:28:ea:67:30:c1:5a:6b:e7:fc:9c:16:30:81:08: 7b:f4:cd:8e:c7:9c:d2:02:9d:6c:58:95:9b:63:44:d8:74:ff: 0b:fd:80:f2:17:e4:92:2d:bc:a8:32:23:b8:19:6f:21:67:d7: 1a:dd:6a:7e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfpNZ+KpBvFjboWgPghy2/kL6uuUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDkxNjAwMDAwMFoX DTIzMTAyMTIzNTk1OVowejFJMEcGA1UEBRNAMGY4NGNhMGFkOGE3OGI0OGIxYjE5 ODBhYWM4YTY2ODBiNjEwMWEwOTUzZGFmNTg3ZDk3ZmQ5N2U5MTcxMzlkNDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYn8dPXw7aFdU1EWMsy8rPKZiDbj d0RbN0GKGRjlakeqXqwbcmRp1/DxEJLvubBP3lGSJWHB94ymMJZr47cgYsc00dp9 2U2WgT9KehW6iIVCESGi8ADroM7qc7E4uRgglO7sFshOXF6gD3xXNwz42u5ZarCn BwlCGmSIKDnGjLDJea7ltcxJThUVjqVFIVheuoPZ2kBDMvLRwCXJBOTX41BW45M7 btlxycGIGVMy4pY09pSGo7AFtLy1ee8Qe7VcmP9ywO48yUa8vF159XbhF7A7GvOP FzkmUEHlr7s/sHj237kgMXrDj+D8JHXSfve53wvFQ4PJaLnTLAI9WaOGGQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMmsT7LCz+Gv4j7eyrCy2u9OOejJMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2RlY2MzY2VjLWMyZWYtNDYyMi04ZWMyLWU1M2JiN2EzZTI1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/0AwDQYJKoZIhvcNAQELBQADggEBAFO/sRnLroUHKqWih0AC gJ33vtG+DFqJ1KdalNdoW+QHXljo7oqXJ/j1mSwn3TzLqYAwjmyGn4uFvzqUd549 T/VniSxj8q3O5G9BHZ/BW5WVs6XdJOGcnDBuB8OKjiD6b9sOtO3fygjBbV7/MDFz 91Kfr0yNRVYZwVtft45C89IOWcOzfSNsc139O5mYQZkkhLOZsp8h5K7uliKG8zBc RJ9o7D48uekTPeWKCqiHQpG33NuIW3R4zx0PKL7ojNMcdCIoLBYAA7qVWJ4o6mcw wVpr5/ycFjCBCHv0zY7HnNICnWxYlZtjRNh0/wv9gPIX5JItvKgyI7gZbyFn1xrd an4= -----END CERTIFICATE-----Generated at Sat Sep 16 00:16:47 2023 by rpki-client on console-fra.rpki-client.org