$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fc41a047-335b-4f07-bd4d-51cf61bfc33f.roa File: fc41a047-335b-4f07-bd4d-51cf61bfc33f.roa (raw, json) Hash identifier: 6enAUmV9nGd6gkUyeqCaIxYypwr9KSLbOwrkdjfTFmw= Subject key identifier: 50:AA:48:32:70:00:17:E1:46:E3:E8:FD:13:75:73:8D:19:AF:3B:9E Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 7883F7FB37BB778DF1AB76CC0A260AF8605A69F3 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fc41a047-335b-4f07-bd4d-51cf61bfc33f.roa Signing time: Sat 30 Sep 2023 00:00:00 +0000 ROA not before: Sat 30 Sep 2023 00:00:00 +0000 ROA not after: Sat 04 Nov 2023 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000::/24 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Oct 2023 12:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:83:f7:fb:37:bb:77:8d:f1:ab:76:cc:0a:26:0a:f8:60:5a:69:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Sep 30 00:00:00 2023 GMT Not After : Nov 4 23:59:59 2023 GMT Subject: serialNumber=e4346eac04c99579b19001f22c8af6bc94ae61696efeb9f3f598022ab5bc203c, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:63:67:8b:67:59:87:2a:26:ff:86:d6:df:59: 2c:d7:cd:22:3c:15:d9:69:ad:30:64:81:1c:03:e9: d3:c6:47:10:a2:a3:2c:b5:89:d1:1f:77:ed:de:e7: ff:79:e2:26:84:e0:32:9e:3b:b4:0c:ec:b7:20:ac: d7:94:27:2f:ca:f4:23:9b:ce:b9:0d:ca:a7:3d:49: 8b:ed:d8:52:f9:04:a1:36:e7:5a:90:32:64:f7:66: 68:c2:9f:6b:75:d0:04:ad:f9:dd:f5:bc:6f:cc:cb: 9f:9b:48:01:81:7c:ed:eb:e8:31:6e:11:84:2a:5c: ac:6d:dc:c0:ac:19:4d:a4:9f:08:e1:76:32:d7:1b: d3:13:d3:d7:89:8f:c7:d8:ae:43:33:28:48:bd:cd: 56:af:ca:58:72:e2:96:75:67:46:86:44:14:05:67: ef:17:24:2f:04:51:1a:11:0f:7b:57:3d:fa:79:6a: 29:c9:28:b2:35:19:27:05:53:0c:9c:ff:e4:c9:ca: 43:3e:4a:c0:b8:30:9c:b9:79:61:30:9e:4b:7f:6f: 48:a7:74:f6:33:c5:4b:ff:85:9c:28:05:24:18:76: 68:97:c3:50:f6:99:ed:7a:ae:60:64:72:4e:d8:ac: 01:64:e4:01:b0:88:a7:c7:d8:59:3c:bc:46:13:bc: cb:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:AA:48:32:70:00:17:E1:46:E3:E8:FD:13:75:73:8D:19:AF:3B:9E X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fc41a047-335b-4f07-bd4d-51cf61bfc33f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000::/24 Signature Algorithm: sha256WithRSAEncryption 5e:8c:f0:a1:1f:e8:db:aa:b3:ac:c7:2b:ee:8c:88:1b:ed:04: 70:0e:71:22:f2:0f:ae:0b:81:dc:d6:2c:01:6a:f2:58:45:97: 56:c5:55:2b:eb:51:58:67:29:d2:70:1c:ff:41:44:e0:a8:62: db:6e:5b:e1:b7:ae:3c:11:1c:f5:1c:2b:0a:24:43:2e:77:11: 6e:83:d9:75:89:1b:ac:3e:0a:cc:a7:2a:83:59:78:1a:e2:2b: 67:02:58:65:0b:c1:a4:0e:5c:22:3c:24:90:73:0a:a1:11:d4: fd:2a:9c:03:89:e3:b9:f9:bd:55:54:d7:d7:2f:ec:63:36:51: 6d:58:88:c8:cc:ad:6e:68:85:67:0c:1a:92:48:8a:85:99:d6: d8:5a:4f:9a:fc:0b:13:67:e8:9b:8d:05:52:12:fd:12:15:b4: 28:86:86:0f:45:4d:6b:eb:2a:76:81:52:b4:9a:4b:a9:5b:5f: 0c:72:c6:28:c3:b4:a0:61:d4:c2:05:64:0d:56:f7:6f:df:23: f3:d4:10:3e:9b:eb:76:f5:8f:f0:11:b0:4f:b1:79:a0:d7:9e: 0d:2d:28:81:e3:6d:53:52:07:47:73:3b:12:e6:0e:49:23:e8: fe:18:08:b5:e3:2d:0f:3f:fb:eb:fb:a8:59:38:58:ca:0d:8e: 33:c1:44:5d -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUeIP3+ze7d43xq3bMCiYK+GBaafMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDkzMDAwMDAwMFoX DTIzMTEwNDIzNTk1OVowejFJMEcGA1UEBRNAZTQzNDZlYWMwNGM5OTU3OWIxOTAw MWYyMmM4YWY2YmM5NGFlNjE2OTZlZmViOWYzZjU5ODAyMmFiNWJjMjAzYzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2Nni2dZhyom/4bW31ks180iPBXZ aa0wZIEcA+nTxkcQoqMstYnRH3ft3uf/eeImhOAynju0DOy3IKzXlCcvyvQjm865 DcqnPUmL7dhS+QShNudakDJk92Zowp9rddAErfnd9bxvzMufm0gBgXzt6+gxbhGE KlysbdzArBlNpJ8I4XYy1xvTE9PXiY/H2K5DMyhIvc1Wr8pYcuKWdWdGhkQUBWfv FyQvBFEaEQ97Vz36eWopySiyNRknBVMMnP/kycpDPkrAuDCcuXlhMJ5Lf29Ip3T2 M8VL/4WcKAUkGHZol8NQ9pnteq5gZHJO2KwBZOQBsIinx9hZPLxGE7zLkQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFCqSDJwABfhRuPo/RN1c40ZrzueMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2ZjNDFhMDQ3LTMzNWItNGYwNy1iZDRkLTUxY2Y2MWJmYzMzZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAAjAGAwQAJA+AMA0GCSqGSIb3DQEBCwUAA4IBAQBejPChH+jbqrOsxyvujIgb 7QRwDnEi8g+uC4Hc1iwBavJYRZdWxVUr61FYZynScBz/QUTgqGLbblvht648ERz1 HCsKJEMudxFug9l1iRusPgrMpyqDWXga4itnAlhlC8GkDlwiPCSQcwqhEdT9KpwD ieO5+b1VVNfXL+xjNlFtWIjIzK1uaIVnDBqSSIqFmdbYWk+a/AsTZ+ibjQVSEv0S FbQohoYPRU1r6yp2gVK0mkupW18McsYow7SgYdTCBWQNVvdv3yPz1BA+m+t29Y/w EbBPsXmg154NLSiB421TUgdHczsS5g5JI+j+GAi14y0PP/vr+6hZOFjKDY4zwURd -----END CERTIFICATE-----Generated at Sat Sep 30 00:43:03 2023 by rpki-client on console-ams.rpki-client.org