$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa File: efdcb43b-2f19-4107-a0a3-c55daccb2714.roa (raw, json) Hash identifier: DsBJHTr918mrFCH5gSrWUzII7TIHrzWLfG+Y+d1cjko= Subject key identifier: E3:5F:30:DD:F4:C2:58:0E:C3:C2:00:5E:38:42:BD:A4:5E:CF:90:95 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1074A0A318F06A3EEAC82F70589DD4F09C39D381 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa Signing time: Sat 16 Sep 2023 00:00:00 +0000 ROA not before: Sat 16 Sep 2023 00:00:00 +0000 ROA not after: Sat 21 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Sep 2023 12:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:74:a0:a3:18:f0:6a:3e:ea:c8:2f:70:58:9d:d4:f0:9c:39:d3:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Sep 16 00:00:00 2023 GMT Not After : Oct 21 23:59:59 2023 GMT Subject: serialNumber=1f983b169c18028accfd43a65b1c1a50a24905af7801095fbbb41a5592679e6a, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:55:ea:d7:dd:6f:f6:91:48:1d:89:3b:c0:8f: 9a:98:ee:56:3f:9b:14:88:30:63:bd:f5:18:22:f5: 51:17:5c:9d:19:1d:73:87:5d:d4:5f:19:23:d1:88: 15:91:5e:d5:5a:25:35:5c:bc:f0:6a:4c:ca:3a:8c: 0a:2f:b7:44:1e:fc:94:fe:ac:60:dc:7d:e5:f8:44: 29:0e:79:7e:ac:fa:9a:5e:ce:36:9d:b9:cb:56:3d: 28:9a:ec:4b:56:e1:fb:db:df:26:e3:46:d3:b1:16: 66:b0:72:af:5b:4d:35:94:e8:24:2f:6b:2e:28:d6: ff:ea:ba:0c:76:63:42:22:b7:a6:fe:c9:e3:29:e3: 0d:9e:75:b2:52:75:f5:70:af:8f:37:ac:66:53:1f: 67:84:c2:b9:32:06:b0:5b:25:b0:35:e7:8e:a7:7e: b3:71:89:89:33:7e:eb:0c:b3:8d:5d:8d:c5:04:b3: 33:f6:75:25:db:73:9e:59:e4:88:e1:fc:30:23:ad: 1e:5e:e7:df:d8:93:e5:f7:da:3d:69:3e:37:cb:c6: c6:c3:da:61:8d:eb:b2:9a:7d:a8:5a:a7:8c:fc:9b: 31:62:6d:06:24:19:cb:ff:06:3e:a8:7e:a1:f2:5d: 9d:47:44:59:37:83:69:b0:5b:1d:ab:32:ca:2f:52: e9:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:5F:30:DD:F4:C2:58:0E:C3:C2:00:5E:38:42:BD:A4:5E:CF:90:95 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:4000::/40 Signature Algorithm: sha256WithRSAEncryption 86:e3:19:ee:7e:24:e0:f6:c2:d5:c9:96:e1:d1:db:d1:00:e7: 2b:c9:3d:e9:f2:20:e6:11:14:1a:a8:3c:08:b5:db:30:76:96: 69:f6:25:81:d6:cb:89:a2:14:fb:72:8f:47:10:7c:00:e7:e2: b1:0f:e9:0a:da:7a:5d:08:d0:eb:7e:1b:2a:8a:75:9c:d5:71: 5a:f3:11:aa:6f:44:dd:1b:ea:4d:0e:b7:8f:ba:8a:ff:c0:75: 60:75:16:c9:fb:12:41:5e:d6:40:19:fa:ad:66:e7:ff:94:5c: c6:7b:5f:5a:1c:ff:4c:fb:0b:f3:ad:bb:6b:de:bf:84:67:c2: 10:b0:70:eb:cf:77:72:39:a2:94:f2:b4:c0:06:a9:db:ac:f7: 82:98:d0:df:f7:3e:83:44:d2:47:72:44:2e:6c:b0:c6:c7:9b: 9a:87:0b:22:c3:de:dd:d0:e0:68:8d:cd:dc:c6:62:f3:69:b2: 7f:84:91:2a:17:98:7f:14:a7:e0:e9:01:09:7e:6a:6f:93:43: 1e:f9:d2:66:bf:85:b1:39:ef:b6:6c:9b:30:57:be:46:1d:d6: 4d:02:88:e3:28:ce:8f:d9:cc:fc:bc:41:2c:8c:61:1e:21:b1: 5c:69:c4:3b:ad:34:bc:74:dd:7e:80:4f:e8:e1:e0:38:3d:12: e7:eb:e5:46 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEHSgoxjwaj7qyC9wWJ3U8Jw504EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDkxNjAwMDAwMFoX DTIzMTAyMTIzNTk1OVowejFJMEcGA1UEBRNAMWY5ODNiMTY5YzE4MDI4YWNjZmQ0 M2E2NWIxYzFhNTBhMjQ5MDVhZjc4MDEwOTVmYmJiNDFhNTU5MjY3OWU2YTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFXq191v9pFIHYk7wI+amO5WP5sU iDBjvfUYIvVRF1ydGR1zh13UXxkj0YgVkV7VWiU1XLzwakzKOowKL7dEHvyU/qxg 3H3l+EQpDnl+rPqaXs42nbnLVj0omuxLVuH7298m40bTsRZmsHKvW001lOgkL2su KNb/6roMdmNCIrem/snjKeMNnnWyUnX1cK+PN6xmUx9nhMK5MgawWyWwNeeOp36z cYmJM37rDLONXY3FBLMz9nUl23OeWeSI4fwwI60eXuff2JPl99o9aT43y8bGw9ph jeuymn2oWqeM/JsxYm0GJBnL/wY+qH6h8l2dR0RZN4NpsFsdqzLKL1LpaQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFONfMN30wlgOw8IAXjhCvaRez5CVMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2VmZGNiNDNiLTJmMTktNDEwNy1hMGEzLWM1NWRhY2NiMjcxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoEAwDQYJKoZIhvcNAQELBQADggEBAIbjGe5+JOD2wtXJluHR 29EA5yvJPenyIOYRFBqoPAi12zB2lmn2JYHWy4miFPtyj0cQfADn4rEP6Qrael0I 0Ot+GyqKdZzVcVrzEapvRN0b6k0Ot4+6iv/AdWB1Fsn7EkFe1kAZ+q1m5/+UXMZ7 X1oc/0z7C/Otu2vev4RnwhCwcOvPd3I5opTytMAGqdus94KY0N/3PoNE0kdyRC5s sMbHm5qHCyLD3t3Q4GiNzdzGYvNpsn+EkSoXmH8Up+DpAQl+am+TQx750ma/hbE5 77ZsmzBXvkYd1k0CiOMozo/ZzPy8QSyMYR4hsVxpxDutNLx03X6AT+jh4Dg9Eufr 5UY= -----END CERTIFICATE-----Generated at Sat Sep 16 00:16:47 2023 by rpki-client on console-fra.rpki-client.org