$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0928ea81-291a-4314-85f0-1c171599b137.roa File: 0928ea81-291a-4314-85f0-1c171599b137.roa (raw, json) Hash identifier: DRwJ3XmArwVH3alkM+daOoJbm9llj8L+PEX7PdoQG7w= Subject key identifier: 46:11:27:B7:0D:36:AE:6C:82:A7:42:12:FC:20:5E:B3:70:C4:60:BD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6D92DC3578544DDDFA575D44E2BDD22BF76DAF55 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0928ea81-291a-4314-85f0-1c171599b137.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:92:dc:35:78:54:4d:dd:fa:57:5d:44:e2:bd:d2:2b:f7:6d:af:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=c694db22c336bf30842eeb3a70ee3770e7ad66c6cbddb3be6e16f11995648c42, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:15:45:42:e7:84:a6:55:65:4a:13:a3:06:96: ad:e9:a1:f5:e2:02:1f:3a:62:32:08:a4:ee:79:35: 4c:df:e0:9c:02:dc:a0:9e:6b:69:26:9b:16:51:4c: 0f:ea:89:01:44:ac:5a:38:54:13:a8:29:c0:57:43: 82:7b:d6:2e:45:4b:47:44:9e:0d:2e:94:d8:52:a4: 64:73:42:98:59:84:0d:52:03:22:ec:e5:d2:bb:56: 8e:08:cd:46:5c:aa:72:04:c7:90:c0:99:33:da:93: 72:f3:39:28:5c:b7:b1:0d:46:21:82:c8:14:2f:9b: 8d:1a:f2:92:fa:d6:52:c7:bb:13:7b:cc:bf:4d:a8: 69:80:4a:c0:c2:fb:4f:e7:d9:f8:f4:af:fc:17:23: 7b:b6:2f:9f:ea:56:ec:c1:5c:f0:da:f2:30:79:d4: d5:b3:b0:8c:1c:eb:c1:93:b1:df:54:73:d5:5e:8e: 09:30:90:05:b5:5b:87:36:13:9e:a5:e0:62:15:86: b0:f2:41:c4:61:7c:38:3b:ca:20:a0:e1:8a:d8:9b: ad:f6:5b:19:c2:14:fd:d3:bc:23:06:cc:7a:2c:bf: 08:36:1e:b6:0c:76:fb:06:00:d8:35:5b:cb:81:59: 2a:c9:9e:e2:92:9c:ce:90:d9:e2:43:7d:a7:bb:06: 51:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:11:27:B7:0D:36:AE:6C:82:A7:42:12:FC:20:5E:B3:70:C4:60:BD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0928ea81-291a-4314-85f0-1c171599b137.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4000::/40 Signature Algorithm: sha256WithRSAEncryption c0:16:53:68:6c:d3:32:2a:91:b0:ac:50:68:59:cc:fb:38:81: fd:81:76:eb:b7:12:b5:63:2b:0d:05:90:8d:7b:30:19:bc:0d: 7f:30:00:37:37:40:d0:77:58:8c:23:8d:5d:ef:ed:2e:fd:15: 33:d2:fd:18:13:f8:ee:2a:0c:75:32:09:cc:91:e6:ba:64:3f: ba:da:9a:5f:08:46:91:96:ed:f1:6e:17:74:35:1a:f7:b6:b7: ef:e9:ad:d4:c4:ef:ae:c4:fd:f5:7c:22:dd:71:62:61:8f:8b: 73:51:0d:f4:30:f0:da:26:f6:80:db:19:a1:04:e9:67:db:cf: 16:02:8e:da:b7:b4:b6:20:3b:a8:0b:c7:a6:1c:20:7a:47:1d: 64:b8:dd:fa:2e:a0:24:97:12:78:81:1c:9c:24:60:3d:9f:c3: 32:3e:f8:3b:9f:07:9c:06:05:85:d5:6e:d4:bb:3b:ef:69:e1: 2e:d8:cd:32:6c:66:22:9b:17:95:90:41:42:60:5f:b1:b0:dc: 46:69:a1:86:72:ca:77:9e:78:fd:bd:d3:40:3e:83:23:cd:3a: 13:b4:f2:6c:41:16:97:28:2c:79:9d:48:01:68:10:e9:b5:ab: d9:c5:e0:b7:40:9a:26:14:e5:71:bb:0a:27:fa:06:b2:34:e8: 27:d2:8c:f3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbZLcNXhUTd36V11E4r3SK/dtr1UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNAYzY5NGRiMjJjMzM2YmYzMDg0MmVl YjNhNzBlZTM3NzBlN2FkNjZjNmNiZGRiM2JlNmUxNmYxMTk5NTY0OGM0MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxVFQueEplVlShOjBpat6aH14gIf OmIyCKTueTVM3+CcAtygnmtpJpsWUUwP6okBRKxaOFQTqCnAV0OCe9YuRUtHRJ4N LpTYUqRkc0KYWYQNUgMi7OXSu1aOCM1GXKpyBMeQwJkz2pNy8zkoXLexDUYhgsgU L5uNGvKS+tZSx7sTe8y/TahpgErAwvtP59n49K/8FyN7ti+f6lbswVzw2vIwedTV s7CMHOvBk7HfVHPVXo4JMJAFtVuHNhOepeBiFYaw8kHEYXw4O8ogoOGK2Jut9lsZ whT907wjBsx6LL8INh62DHb7BgDYNVvLgVkqyZ7ikpzOkNniQ32nuwZR+QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEYRJ7cNNq5sgqdCEvwgXrNwxGC9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA5MjhlYTgxLTI5MWEtNDMxNC04NWYwLTFjMTcxNTk5YjEzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAEAwDQYJKoZIhvcNAQELBQADggEBAMAWU2hs0zIqkbCsUGhZ zPs4gf2Bduu3ErVjKw0FkI17MBm8DX8wADc3QNB3WIwjjV3v7S79FTPS/RgT+O4q DHUyCcyR5rpkP7raml8IRpGW7fFuF3Q1Gve2t+/prdTE767E/fV8It1xYmGPi3NR DfQw8Nom9oDbGaEE6WfbzxYCjtq3tLYgO6gLx6YcIHpHHWS43fouoCSXEniBHJwk YD2fwzI++DufB5wGBYXVbtS7O+9p4S7YzTJsZiKbF5WQQUJgX7Gw3EZpoYZyynee eP2900A+gyPNOhO08mxBFpcoLHmdSAFoEOm1q9nF4LdAmiYU5XG7Cif6BrI06CfS jPM= -----END CERTIFICATE-----Generated at Fri Nov 22 02:07:34 2024 by rpki-client on console-fra.rpki-client.org