$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/54b92ba8-ed43-4a2c-99b4-5c5cf8c9408a.roa File: 54b92ba8-ed43-4a2c-99b4-5c5cf8c9408a.roa (raw, json) Hash identifier: VMAVcjKQVkSVVsX/pKfWP8SJ/JK253zMbJkkrU4iDZ0= Subject key identifier: 0C:68:29:18:B1:8B:CC:2F:F3:EC:3B:04:78:12:44:35:74:9A:70:34 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 033D1717ED532A64F116DE439EE11F294A75FBDA Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/54b92ba8-ed43-4a2c-99b4-5c5cf8c9408a.roa Signing time: Fri 29 Sep 2023 00:00:00 +0000 ROA not before: Fri 29 Sep 2023 00:00:00 +0000 ROA not after: Fri 03 Nov 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Sep 2023 12:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:3d:17:17:ed:53:2a:64:f1:16:de:43:9e:e1:1f:29:4a:75:fb:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Sep 29 00:00:00 2023 GMT Not After : Nov 3 23:59:59 2023 GMT Subject: serialNumber=87ad87343e961cd4ce842dcd2cc46aea347d2dee71a8d9a1002e3f8d1126970a, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:25:ae:a9:ce:52:45:f5:54:7e:79:a0:f7:c2: d1:82:11:db:bf:80:0a:a6:7d:aa:60:6c:46:a6:62: a8:51:82:5a:91:80:a0:fe:66:02:e8:5f:c6:cc:b6: 64:08:57:68:96:09:6b:89:8c:f5:9f:6b:bf:9f:ce: 54:97:13:db:8b:05:be:59:d1:34:82:9d:4f:cb:8e: 3f:4a:1e:64:ee:b6:0e:4f:7d:80:c0:65:a1:5d:09: f4:af:91:5e:83:36:6d:ec:a6:56:c8:0a:ea:8b:10: eb:94:20:0e:b4:49:84:f8:93:fa:49:71:56:f2:46: bc:34:f2:ca:9a:5d:d4:7f:60:a2:5e:60:d8:1d:d6: c3:df:24:68:22:1e:c0:5d:3d:32:55:69:50:01:d3: da:d4:39:a4:87:20:e4:59:54:8b:6f:2e:f8:ec:ca: 43:6f:a4:2e:56:2b:1c:57:90:df:9d:6a:8d:35:aa: 0f:96:d9:4a:67:e0:08:77:1e:4d:81:9f:ab:e2:7e: a4:9c:04:4f:cf:a1:ce:0b:26:14:f4:07:c0:64:0d: 73:90:11:f2:3d:68:00:d0:bd:4e:03:b7:b9:03:45: 5e:04:d5:58:5a:e1:18:61:ad:06:e0:d5:80:98:09: ef:ca:38:08:38:f5:f5:39:08:1a:da:69:6a:74:2d: 84:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:68:29:18:B1:8B:CC:2F:F3:EC:3B:04:78:12:44:35:74:9A:70:34 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/54b92ba8-ed43-4a2c-99b4-5c5cf8c9408a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/32 Signature Algorithm: sha256WithRSAEncryption 6a:88:3e:3e:86:cc:00:f4:8f:e3:c2:79:9b:88:da:d4:c1:8a: 6d:32:f7:3a:96:81:5c:f9:4b:d2:d6:f0:96:32:b4:27:8f:2c: 7d:7d:6b:33:fa:01:af:7f:9e:e4:5e:01:ee:7b:5d:40:a8:11: 9e:26:b2:05:de:47:1a:48:b9:7f:cb:35:b2:cc:63:a0:f1:a6: 03:88:e1:df:63:de:38:41:6a:ba:11:b8:ef:c2:54:8f:e0:43: a1:fd:23:3c:2b:97:7c:23:a4:b0:c0:41:13:f9:83:09:ec:bf: a2:f6:e6:fc:c6:52:d6:50:7d:97:88:7f:42:8d:5c:0a:4b:e9: ec:39:ea:c7:64:6f:93:bb:f8:00:07:3d:a4:ee:50:68:bb:c5: ba:31:66:73:09:88:46:5e:74:84:d1:83:ec:ac:af:7d:72:0d: 19:d0:28:2e:18:fc:b7:94:e7:ef:fa:93:01:70:80:72:cf:53: 69:f0:e7:46:25:41:ab:4d:33:5b:41:f7:40:4f:ff:5b:ec:cf: 9f:7f:3b:c1:97:7c:b2:3d:0d:92:48:56:bf:cc:e9:ad:42:69: f4:62:e7:15:7a:75:be:7f:aa:51:79:9b:48:26:8a:c2:94:e5: 8c:49:f2:97:91:30:02:53:d1:c1:92:79:b0:c7:60:a0:3c:1e: 74:2a:a3:b9 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUAz0XF+1TKmTxFt5DnuEfKUp1+9owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTIzMDkyOTAwMDAwMFoX DTIzMTEwMzIzNTk1OVowejFJMEcGA1UEBRNAODdhZDg3MzQzZTk2MWNkNGNlODQy ZGNkMmNjNDZhZWEzNDdkMmRlZTcxYThkOWExMDAyZTNmOGQxMTI2OTcwYTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSWuqc5SRfVUfnmg98LRghHbv4AK pn2qYGxGpmKoUYJakYCg/mYC6F/GzLZkCFdolglriYz1n2u/n85UlxPbiwW+WdE0 gp1Py44/Sh5k7rYOT32AwGWhXQn0r5FegzZt7KZWyArqixDrlCAOtEmE+JP6SXFW 8ka8NPLKml3Uf2CiXmDYHdbD3yRoIh7AXT0yVWlQAdPa1DmkhyDkWVSLby747MpD b6QuViscV5DfnWqNNaoPltlKZ+AIdx5NgZ+r4n6knARPz6HOCyYU9AfAZA1zkBHy PWgA0L1OA7e5A0VeBNVYWuEYYa0G4NWAmAnvyjgIOPX1OQga2mlqdC2EZwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFAxoKRixi8wv8+w7BHgSRDV0mnA0MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzU0YjkyYmE4LWVkNDMtNGEyYy05OWI0LTVjNWNmOGM5NDA4YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEAaog+PobMAPSP48J5m4ja 1MGKbTL3OpaBXPlL0tbwljK0J48sfX1rM/oBr3+e5F4B7ntdQKgRniayBd5HGki5 f8s1ssxjoPGmA4jh32PeOEFquhG478JUj+BDof0jPCuXfCOksMBBE/mDCey/ovbm /MZS1lB9l4h/Qo1cCkvp7Dnqx2Rvk7v4AAc9pO5QaLvFujFmcwmIRl50hNGD7Kyv fXINGdAoLhj8t5Tn7/qTAXCAcs9TafDnRiVBq00zW0H3QE//W+zPn387wZd8sj0N kkhWv8zprUJp9GLnFXp1vn+qUXmbSCaKwpTljEnyl5EwAlPRwZJ5sMdgoDwedCqj uQ== -----END CERTIFICATE-----Generated at Fri Sep 29 00:42:19 2023 by rpki-client on console-ams.rpki-client.org