$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa File: efdcb43b-2f19-4107-a0a3-c55daccb2714.roa (raw, json) Hash identifier: z4sZPdJOohOa8VJGkvgSiEnpsQMEF2S9s24oI0OuyfY= Subject key identifier: A2:39:59:9F:95:76:E0:13:67:3A:46:D5:F0:4C:53:6F:A5:22:F4:DC Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0C67A584F9D7CAFFB582B90116CFBA9CA686844F Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa Signing time: Fri 05 Apr 2024 00:00:00 +0000 ROA not before: Fri 05 Apr 2024 00:00:00 +0000 ROA not after: Fri 10 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 00:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:67:a5:84:f9:d7:ca:ff:b5:82:b9:01:16:cf:ba:9c:a6:86:84:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 5 00:00:00 2024 GMT Not After : May 10 23:59:59 2024 GMT Subject: serialNumber=9b45b783de26514ecdc843ae7ef2d0593dbf1a753afb1579f8f9b3c5fde5349b, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:28:18:a6:c6:8b:8c:fb:df:32:4a:75:50:f9: 27:ee:b9:84:1b:e0:cb:14:17:c5:58:e2:d1:0e:d1: fe:75:28:2a:9a:60:40:a7:ae:e4:47:4b:cb:33:e9: af:6f:a9:34:f5:9d:25:1a:d7:65:6f:cd:6e:60:9f: 4a:8d:9a:bf:6e:e2:a9:6f:ce:52:c1:5d:98:54:c1: 4e:b1:79:58:96:68:f9:f2:e7:8b:a8:f6:86:1f:fd: 0c:15:76:22:be:f3:6d:b6:a0:2f:67:4c:8d:5b:33: 18:2d:5a:09:2c:eb:61:bb:ba:8a:22:4c:a6:61:9a: 3d:6c:c7:e9:e1:3e:a9:3a:dd:7e:ea:57:da:0e:e0: 11:32:35:7d:77:8a:96:6a:f2:7a:de:d4:12:30:55: 87:e3:dc:76:7f:81:7a:6d:24:7d:47:bc:5a:50:a3: 26:e0:98:f1:0f:14:60:93:c2:36:dc:ed:78:68:20: bc:96:8e:25:32:be:37:2d:8d:ec:75:cf:b4:1b:70: 1f:6f:d1:db:6f:ad:83:ac:32:e8:4a:86:2c:fb:38: df:32:2e:31:3f:a5:e4:da:97:26:d7:96:99:96:59: e0:87:ae:c1:4a:16:6b:6d:b2:ac:4e:b2:45:53:86: df:85:4c:c3:c4:b9:d8:0c:b7:4f:f9:7c:a8:3e:d8: 96:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:39:59:9F:95:76:E0:13:67:3A:46:D5:F0:4C:53:6F:A5:22:F4:DC X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:4000::/40 Signature Algorithm: sha256WithRSAEncryption 00:b5:5f:82:c8:d9:ca:7d:ee:82:cc:14:de:22:5b:bf:25:92: b3:91:cc:66:8f:0d:e9:59:1c:14:5c:3d:b8:48:36:ba:b1:18: 11:fd:75:62:46:d4:37:3f:d9:07:b5:06:26:22:46:d7:43:f4: 15:c7:f4:f7:ea:8d:6b:e3:f6:01:4f:1b:bd:93:b4:e7:5a:c1: d3:99:fc:2a:da:94:c0:7a:a5:87:9a:d5:e1:50:9a:97:0a:a8: 13:7c:eb:04:77:7f:7d:7b:11:8d:2c:6a:9a:81:b1:17:c8:03: ff:be:ea:91:e6:e8:6c:cb:0e:21:c5:3b:92:79:7a:a3:df:53: ae:a8:dc:6e:d6:2f:d6:a8:29:30:11:e8:66:62:80:2f:03:d7: 8b:a4:94:69:61:13:58:0f:3f:b8:83:54:70:de:05:b0:83:34: 0f:71:cc:1d:85:19:fe:cb:a8:72:25:01:4a:68:dd:7f:77:5b: 47:e4:e5:04:6a:30:94:53:8f:42:ca:6b:4d:56:06:6f:6c:ba: 32:c8:2e:27:78:f3:e7:94:f5:b0:85:da:5f:73:1a:aa:0c:c1: b2:2d:1c:5e:fd:be:b4:ba:14:ec:c4:e9:d4:b8:e1:7c:b9:22: 0f:55:b2:09:e7:8a:a0:e1:9d:44:43:03:19:e3:37:1e:d5:2e: 9f:39:fd:ec -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDGelhPnXyv+1grkBFs+6nKaGhE8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDQwNTAwMDAwMFoX DTI0MDUxMDIzNTk1OVowejFJMEcGA1UEBRNAOWI0NWI3ODNkZTI2NTE0ZWNkYzg0 M2FlN2VmMmQwNTkzZGJmMWE3NTNhZmIxNTc5ZjhmOWIzYzVmZGU1MzQ5YjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CgYpsaLjPvfMkp1UPkn7rmEG+DL FBfFWOLRDtH+dSgqmmBAp67kR0vLM+mvb6k09Z0lGtdlb81uYJ9KjZq/buKpb85S wV2YVMFOsXlYlmj58ueLqPaGH/0MFXYivvNttqAvZ0yNWzMYLVoJLOthu7qKIkym YZo9bMfp4T6pOt1+6lfaDuARMjV9d4qWavJ63tQSMFWH49x2f4F6bSR9R7xaUKMm 4JjxDxRgk8I23O14aCC8lo4lMr43LY3sdc+0G3Afb9Hbb62DrDLoSoYs+zjfMi4x P6Xk2pcm15aZllngh67BShZrbbKsTrJFU4bfhUzDxLnYDLdP+XyoPtiW/QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKI5WZ+VduATZzpG1fBMU2+lIvTcMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2VmZGNiNDNiLTJmMTktNDEwNy1hMGEzLWM1NWRhY2NiMjcxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoEAwDQYJKoZIhvcNAQELBQADggEBAAC1X4LI2cp97oLMFN4i W78lkrORzGaPDelZHBRcPbhINrqxGBH9dWJG1Dc/2Qe1BiYiRtdD9BXH9PfqjWvj 9gFPG72TtOdawdOZ/CralMB6pYea1eFQmpcKqBN86wR3f317EY0sapqBsRfIA/++ 6pHm6GzLDiHFO5J5eqPfU66o3G7WL9aoKTAR6GZigC8D14uklGlhE1gPP7iDVHDe BbCDNA9xzB2FGf7LqHIlAUpo3X93W0fk5QRqMJRTj0LKa01WBm9sujLILid48+eU 9bCF2l9zGqoMwbItHF79vrS6FOzE6dS44Xy5Ig9VsgnniqDhnURDAxnjNx7VLp85 /ew= -----END CERTIFICATE-----Generated at Thu Apr 25 00:31:13 2024 by rpki-client on console-fra.rpki-client.org