$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f8620d2a-ea0f-46ef-a270-0f639f977882.roa File: f8620d2a-ea0f-46ef-a270-0f639f977882.roa (raw, json) Hash identifier: rqyEbYP29ulz2IUIbZ+8y0LOUDlKS0tIhzb56QrgsXw= Subject key identifier: 33:DB:75:57:17:5D:72:D0:AC:D4:AB:0C:7E:6D:A3:47:6F:53:08:B9 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0F3F96A8610C654C2CFACE8FC9CF1D4FF38D3126 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f8620d2a-ea0f-46ef-a270-0f639f977882.roa Signing time: Fri 19 Apr 2024 00:00:00 +0000 ROA not before: Fri 19 Apr 2024 00:00:00 +0000 ROA not after: Fri 24 May 2024 23:59:59 +0000 asID: 8987 IP address blocks: 240f:8000::/24 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 May 2024 15:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:3f:96:a8:61:0c:65:4c:2c:fa:ce:8f:c9:cf:1d:4f:f3:8d:31:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 19 00:00:00 2024 GMT Not After : May 24 23:59:59 2024 GMT Subject: serialNumber=555a6e748152bea46d5ae0e07822ba0caacfed982fef3890769a818fe1bbe179, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:87:78:d8:9d:ea:09:d4:57:60:aa:92:0f:6b: 3d:4b:cb:c3:4f:7a:5e:da:92:ff:e0:81:ca:2b:01: d0:77:73:10:50:63:e3:5d:5b:40:fc:86:1c:f6:a3: 0e:12:57:00:fc:bf:30:42:d1:de:26:a6:46:04:d6: 66:67:21:1b:df:98:d7:c9:5f:12:18:72:8a:7f:32: f5:cf:9a:82:1b:35:7c:f7:69:c6:bb:96:1e:47:d9: 4c:21:f7:9e:73:eb:9b:94:d8:21:44:32:5d:a5:c9: 44:a3:45:22:68:5b:7c:1e:d2:74:72:2b:08:76:7c: 57:6a:a3:cc:c4:54:65:f3:2a:1f:b7:b9:2a:7d:9e: 1e:12:cf:56:0d:08:4e:1b:47:44:bf:cd:00:4c:9a: 06:b8:22:4b:f5:92:38:a5:f1:a2:83:93:8e:2e:83: 51:57:9e:84:33:e0:96:9f:e0:80:b5:2e:9a:f0:08: 57:6d:69:d4:77:09:42:a9:0d:33:9f:b6:33:33:1a: f1:fd:a6:78:0a:91:60:1e:01:d6:8a:25:1a:b3:9b: c3:8f:2e:4a:79:87:c2:60:b4:fa:79:e0:7c:38:cd: f8:d5:64:31:8d:01:e5:65:c8:e3:56:7a:e1:bd:c5: 1e:9e:02:de:8e:ff:a0:b5:97:0a:fb:ef:8c:9b:1a: 29:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:DB:75:57:17:5D:72:D0:AC:D4:AB:0C:7E:6D:A3:47:6F:53:08:B9 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f8620d2a-ea0f-46ef-a270-0f639f977882.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000::/24 Signature Algorithm: sha256WithRSAEncryption 5f:f5:c6:c9:37:69:ba:e9:87:1e:5d:31:36:b5:00:00:0f:d2: 3d:d1:bc:9f:b1:38:d2:26:bf:4a:a2:04:9f:ea:bf:eb:dd:29: f4:57:30:4a:ce:67:7e:e5:cd:48:59:c6:f1:67:d5:c9:80:fe: 7e:60:3b:38:8f:98:1c:01:f9:00:20:ff:7f:86:aa:86:18:d5: 08:19:af:04:1e:38:1d:5a:e0:5d:ef:7e:5b:08:84:86:88:d2: 78:c4:77:46:1a:61:71:b5:88:90:9c:a5:45:17:de:90:63:bb: 20:0c:29:7b:15:3f:67:ad:18:45:85:fc:d9:10:d7:c5:d3:d5: be:91:d1:a9:ff:7f:d2:c5:40:1b:b0:d6:f2:a8:55:b4:a5:0a: 18:02:62:bd:c5:e3:8a:17:31:7b:eb:db:50:75:bf:21:a5:ad: 7b:48:f2:ee:0b:b9:33:36:f2:35:11:e9:bf:cf:46:2a:df:9d: 5d:b8:52:7a:b5:99:50:e6:d8:d7:81:7b:18:87:00:4c:a2:15: bc:4a:c5:c4:0e:11:31:c8:90:e4:d9:3e:99:c8:a7:60:da:3c: 7e:a3:72:ae:b7:ac:68:aa:d4:1b:9f:e1:fc:83:80:c0:ce:07: bd:29:82:30:14:05:0f:d2:bc:38:ae:f4:e5:5f:ac:16:f0:58: 94:bc:1b:27 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUDz+WqGEMZUws+s6Pyc8dT/ONMSYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDQxOTAwMDAwMFoX DTI0MDUyNDIzNTk1OVowejFJMEcGA1UEBRNANTU1YTZlNzQ4MTUyYmVhNDZkNWFl MGUwNzgyMmJhMGNhYWNmZWQ5ODJmZWYzODkwNzY5YTgxOGZlMWJiZTE3OTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyod42J3qCdRXYKqSD2s9S8vDT3pe 2pL/4IHKKwHQd3MQUGPjXVtA/IYc9qMOElcA/L8wQtHeJqZGBNZmZyEb35jXyV8S GHKKfzL1z5qCGzV892nGu5YeR9lMIfeec+ublNghRDJdpclEo0UiaFt8HtJ0cisI dnxXaqPMxFRl8yoft7kqfZ4eEs9WDQhOG0dEv80ATJoGuCJL9ZI4pfGig5OOLoNR V56EM+CWn+CAtS6a8AhXbWnUdwlCqQ0zn7YzMxrx/aZ4CpFgHgHWiiUas5vDjy5K eYfCYLT6eeB8OM341WQxjQHlZcjjVnrhvcUengLejv+gtZcK+++MmxopwwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDPbdVcXXXLQrNSrDH5to0dvUwi5MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2Y4NjIwZDJhLWVhMGYtNDZlZi1hMjcwLTBmNjM5Zjk3Nzg4Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAAjAGAwQAJA+AMA0GCSqGSIb3DQEBCwUAA4IBAQBf9cbJN2m66YceXTE2tQAA D9I90byfsTjSJr9KogSf6r/r3Sn0VzBKzmd+5c1IWcbxZ9XJgP5+YDs4j5gcAfkA IP9/hqqGGNUIGa8EHjgdWuBd735bCISGiNJ4xHdGGmFxtYiQnKVFF96QY7sgDCl7 FT9nrRhFhfzZENfF09W+kdGp/3/SxUAbsNbyqFW0pQoYAmK9xeOKFzF769tQdb8h pa17SPLuC7kzNvI1Eem/z0Yq351duFJ6tZlQ5tjXgXsYhwBMohW8SsXEDhExyJDk 2T6ZyKdg2jx+o3Kut6xoqtQbn+H8g4DAzge9KYIwFAUP0rw4rvTlX6wW8FiUvBsn -----END CERTIFICATE-----Generated at Wed May 1 15:36:36 2024 by rpki-client on console-ams.rpki-client.org