$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa File: cc671c79-21f0-4fff-b898-595966ecd1a9.roa (raw, json) Hash identifier: JkiqsbiaWXIWor5LfSZG+xaFoN+wR397fOAUX0r8LxQ= Subject key identifier: FF:6D:8D:F3:59:D3:B9:24:D5:42:D6:FE:E2:93:08:7E:A3:D5:55:9C Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 461CA819F70CAD1B3CF20A9C253E4D1177EF3630 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa Signing time: Wed 17 Apr 2024 00:00:00 +0000 ROA not before: Wed 17 Apr 2024 00:00:00 +0000 ROA not after: Wed 22 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Apr 2024 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:1c:a8:19:f7:0c:ad:1b:3c:f2:0a:9c:25:3e:4d:11:77:ef:36:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Apr 17 00:00:00 2024 GMT Not After : May 22 23:59:59 2024 GMT Subject: serialNumber=989b3b35e7ca32b5e5c5fae872318f14e8e5a361a07d6270f1435e6f3aed080b, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:89:d2:fd:ee:71:90:d1:60:91:66:c1:ac:2c: 40:e1:f4:fe:40:14:67:1b:a7:03:8c:a3:85:d2:92: fe:b0:99:22:4b:e4:3b:bf:8c:20:ac:34:70:6b:32: 54:d6:95:cc:a6:3a:45:1a:84:a0:f7:7a:c4:1c:70: 5e:7d:db:37:e6:57:77:be:e4:6f:06:e3:3b:af:cb: 38:61:e6:0a:79:84:b0:d6:24:3e:b8:a7:7c:fb:8f: c2:c3:b2:25:5f:d8:4f:e8:02:06:ff:ce:4b:7f:6e: 82:df:68:6c:c9:69:a1:70:a8:c8:2f:74:6c:4e:d8: 58:7c:6a:7d:1f:49:4a:5d:7b:e1:e8:51:31:1e:d8: 0d:b1:ea:e8:3d:26:fb:ee:02:16:05:7d:4e:d8:6d: 51:b7:31:ca:66:e9:22:e6:64:92:c0:db:72:cf:73: a3:c4:76:fe:2a:01:a6:90:53:f0:18:ff:2b:54:19: f2:37:04:32:6f:0b:18:8d:bb:0a:58:d7:61:12:ed: 70:4b:1c:e5:a0:4c:b9:a3:9a:0e:49:8f:dd:7a:05: db:26:d3:03:b4:92:ed:d3:b9:14:e2:85:b7:d2:50: c8:6d:be:37:1d:be:a5:0a:d4:a6:a4:d6:90:48:a1: 35:85:b4:5e:32:6a:6a:8a:90:fd:e8:0b:86:9b:80: 74:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:6D:8D:F3:59:D3:B9:24:D5:42:D6:FE:E2:93:08:7E:A3:D5:55:9C X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700:ff00::/48 Signature Algorithm: sha256WithRSAEncryption a3:eb:fa:ca:99:e4:83:51:c4:84:ad:cf:0e:dd:b8:65:3a:bc: 75:03:44:e3:7e:7f:6e:b9:08:a3:74:26:5d:de:8a:ba:7c:a7: f5:eb:11:b4:75:c7:4e:0c:e3:27:95:43:aa:6d:82:6d:9a:ea: 63:3e:49:55:67:43:78:56:88:6b:c0:7c:cc:fa:48:03:9d:6b: 30:7a:85:fb:df:a6:46:23:9e:ae:9e:e8:ab:86:84:be:01:0e: e0:e2:0f:0e:66:7b:54:ef:e5:67:04:cc:f9:70:ae:26:86:91: 58:9b:56:ef:f8:21:3c:a8:09:73:80:30:27:7a:8b:bb:40:27: b6:da:9d:c2:e8:8b:b5:30:f2:7b:19:69:29:3e:ab:0f:7e:8f: 84:b1:40:11:b0:ae:97:ad:ae:c1:ea:01:e0:31:e6:26:49:46: 3a:6a:93:ef:0b:f0:e5:c9:d0:f5:ed:de:11:72:07:e8:b4:96: 99:ac:cc:ff:ec:8e:94:8b:71:5e:ee:f2:7d:6d:e7:dc:d2:69: 29:19:33:78:86:54:36:ac:8a:1f:56:06:41:20:55:66:27:28: 06:89:48:ea:c7:7c:b4:7a:ac:70:fe:42:c4:54:56:dd:ca:a8: 45:3c:63:6c:92:bc:0d:e4:4b:a9:6d:f5:7e:c9:88:08:da:4b: e1:f2:18:f5 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURhyoGfcMrRs88gqcJT5NEXfvNjAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MDQxNzAwMDAwMFoX DTI0MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAOTg5YjNiMzVlN2NhMzJiNWU1YzVm YWU4NzIzMThmMTRlOGU1YTM2MWEwN2Q2MjcwZjE0MzVlNmYzYWVkMDgwYjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24nS/e5xkNFgkWbBrCxA4fT+QBRn G6cDjKOF0pL+sJkiS+Q7v4wgrDRwazJU1pXMpjpFGoSg93rEHHBefds35ld3vuRv BuM7r8s4YeYKeYSw1iQ+uKd8+4/Cw7IlX9hP6AIG/85Lf26C32hsyWmhcKjIL3Rs TthYfGp9H0lKXXvh6FExHtgNseroPSb77gIWBX1O2G1RtzHKZuki5mSSwNtyz3Oj xHb+KgGmkFPwGP8rVBnyNwQybwsYjbsKWNdhEu1wSxzloEy5o5oOSY/degXbJtMD tJLt07kU4oW30lDIbb43Hb6lCtSmpNaQSKE1hbReMmpqipD96AuGm4B0zQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFP9tjfNZ07kk1ULW/uKTCH6j1VWcMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2NjNjcxYzc5LTIxZjAtNGZmZi1iODk4LTU5NTk2NmVjZDFhOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQCj6/rKmeSDUcSErc8O 3bhlOrx1A0Tjfn9uuQijdCZd3oq6fKf16xG0dcdODOMnlUOqbYJtmupjPklVZ0N4 VohrwHzM+kgDnWsweoX736ZGI56unuirhoS+AQ7g4g8OZntU7+VnBMz5cK4mhpFY m1bv+CE8qAlzgDAneou7QCe22p3C6Iu1MPJ7GWkpPqsPfo+EsUARsK6Xra7B6gHg MeYmSUY6apPvC/DlydD17d4RcgfotJaZrMz/7I6Ui3Fe7vJ9befc0mkpGTN4hlQ2 rIofVgZBIFVmJygGiUjqx3y0eqxw/kLEVFbdyqhFPGNskrwN5EupbfV+yYgI2kvh 8hj1 -----END CERTIFICATE-----Generated at Fri Apr 19 00:52:17 2024 by rpki-client on console-ams.rpki-client.org