$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/befec666-436f-4e82-8b41-4bd8d82646ff.roa File: befec666-436f-4e82-8b41-4bd8d82646ff.roa (raw, json) Hash identifier: CF7CQPbe15nxJjd4PsL19NiOOpbiEtpcQPFul06bp6E= Subject key identifier: 73:67:99:61:B2:19:C9:F3:A0:23:1D:0E:F2:D7:D9:FE:6A:FF:5A:C3 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 5A1DEA32B0415AEB5CB7D290165B6A3404ED1591 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/befec666-436f-4e82-8b41-4bd8d82646ff.roa Signing time: Wed 17 Apr 2024 00:00:00 +0000 ROA not before: Wed 17 Apr 2024 00:00:00 +0000 ROA not after: Wed 22 May 2024 23:59:59 +0000 asID: 8987 IP address blocks: 2400:6700::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 00:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:1d:ea:32:b0:41:5a:eb:5c:b7:d2:90:16:5b:6a:34:04:ed:15:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Apr 17 00:00:00 2024 GMT Not After : May 22 23:59:59 2024 GMT Subject: serialNumber=0967e6814f60e140b6fc0198cf5a752e84ce109d0d770d20e0c0ff46c45bff50, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:29:b9:7c:63:9f:aa:27:a1:cf:89:8e:5c:42: 44:41:86:2b:f5:46:60:17:7f:27:3d:29:bc:e3:2e: b4:b0:94:b9:c7:bc:95:8d:56:40:70:f0:c2:00:2c: e0:3c:75:97:7f:c0:84:d1:53:75:80:ef:6f:7e:a3: 24:60:17:9e:87:b6:96:78:c5:c9:94:3a:14:8b:b2: c6:40:27:6a:92:6a:98:12:48:c1:a7:a0:ef:d1:b1: 0e:26:3a:b8:a6:f5:5f:6d:d3:18:23:dc:ab:df:a7: e4:29:3f:c2:dc:16:12:09:ba:96:4e:60:1b:e0:83: 38:9d:65:b0:c1:03:8e:f1:10:a5:5c:a2:da:6a:86: c6:64:23:a9:20:72:12:a5:1f:5d:4c:ab:aa:69:a7: 88:b9:7a:1f:22:62:23:5f:11:64:9b:88:4c:72:03: fc:71:5e:c0:2d:11:3d:6f:d6:a8:3a:b2:0c:e4:a4: fc:37:83:3e:50:81:f4:d7:82:7b:ff:5a:40:bb:5a: e0:b3:bc:f2:e5:33:1d:6a:04:f3:7d:cf:f0:7c:c1: be:48:8f:39:c5:60:6e:30:7c:c2:2d:b0:ac:7e:08: 15:1d:dd:ea:de:7a:1f:71:4f:77:49:68:4a:17:81: d4:dd:ab:06:c6:16:25:dc:f0:d1:d1:be:ff:b0:54: 7b:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:67:99:61:B2:19:C9:F3:A0:23:1D:0E:F2:D7:D9:FE:6A:FF:5A:C3 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/befec666-436f-4e82-8b41-4bd8d82646ff.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/32 Signature Algorithm: sha256WithRSAEncryption 6f:4f:a4:a6:19:2d:53:55:f9:18:a1:02:47:4e:bf:d8:0a:1a: 1a:f8:67:18:52:7a:60:ab:b8:49:ef:d4:31:38:7a:a9:05:02: 9b:79:9c:d3:e2:57:fe:95:fb:8d:46:bc:bd:fe:80:39:af:f6: fd:37:ac:29:f6:48:48:d2:e2:36:43:96:08:03:96:3e:f7:8e: 36:55:3c:19:2f:bd:ac:a7:51:b4:7f:8f:d7:d6:12:21:1b:ae: 84:a4:f5:6e:14:e4:b0:9b:b9:7e:4e:29:c6:bf:e1:9a:fc:e1: 7b:60:5c:73:b5:79:90:7f:33:9e:e0:f9:a9:b0:c1:01:e3:d6: bf:94:ed:f9:af:6c:d6:f6:a6:e4:d4:f2:ca:e8:5e:5e:da:26: 95:3d:ce:39:f7:8a:9a:b6:03:e7:80:b2:00:6f:16:03:db:fa: 76:92:e0:94:e1:92:42:00:c6:4f:bc:9c:0a:07:c2:03:b7:89: 6f:b9:42:03:4e:90:51:5b:e6:93:8f:f4:ee:29:8a:8c:34:5a: e7:63:53:e9:39:cc:06:f3:ff:34:f7:86:93:46:f4:a1:ca:ec: 25:e5:4a:4d:db:d4:16:0d:b6:2e:9a:a5:9e:b8:d1:ba:07:90: 7a:36:b7:f3:74:64:0a:53:7f:03:5f:13:0a:79:15:bd:d6:f2: e1:b2:12:48 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUWh3qMrBBWutct9KQFltqNATtFZEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MDQxNzAwMDAwMFoX DTI0MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAMDk2N2U2ODE0ZjYwZTE0MGI2ZmMw MTk4Y2Y1YTc1MmU4NGNlMTA5ZDBkNzcwZDIwZTBjMGZmNDZjNDViZmY1MDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvym5fGOfqiehz4mOXEJEQYYr9UZg F38nPSm84y60sJS5x7yVjVZAcPDCACzgPHWXf8CE0VN1gO9vfqMkYBeeh7aWeMXJ lDoUi7LGQCdqkmqYEkjBp6Dv0bEOJjq4pvVfbdMYI9yr36fkKT/C3BYSCbqWTmAb 4IM4nWWwwQOO8RClXKLaaobGZCOpIHISpR9dTKuqaaeIuXofImIjXxFkm4hMcgP8 cV7ALRE9b9aoOrIM5KT8N4M+UIH014J7/1pAu1rgs7zy5TMdagTzfc/wfMG+SI85 xWBuMHzCLbCsfggVHd3q3nofcU93SWhKF4HU3asGxhYl3PDR0b7/sFR7PQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFHNnmWGyGcnzoCMdDvLX2f5q/1rDMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2JlZmVjNjY2LTQzNmYtNGU4Mi04YjQxLTRiZDhkODI2NDZmZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEAb0+kphktU1X5GKECR06/ 2AoaGvhnGFJ6YKu4Se/UMTh6qQUCm3mc0+JX/pX7jUa8vf6AOa/2/TesKfZISNLi NkOWCAOWPveONlU8GS+9rKdRtH+P19YSIRuuhKT1bhTksJu5fk4pxr/hmvzhe2Bc c7V5kH8znuD5qbDBAePWv5Tt+a9s1vam5NTyyuheXtomlT3OOfeKmrYD54CyAG8W A9v6dpLglOGSQgDGT7ycCgfCA7eJb7lCA06QUVvmk4/07imKjDRa52NT6TnMBvP/ NPeGk0b0ocrsJeVKTdvUFg22LpqlnrjRugeQeja383RkClN/A18TCnkVvdby4bIS SA== -----END CERTIFICATE-----Generated at Thu May 9 00:30:03 2024 by rpki-client on console-ams.rpki-client.org