$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0b1ab134-c36e-4ab4-bedf-6f27b7e69a1c.roa File: 0b1ab134-c36e-4ab4-bedf-6f27b7e69a1c.roa (raw, json) Hash identifier: N7yB6HItWpX8a2rn+ja9mByqdHAFkFp6REkv7G4SdrA= Subject key identifier: 36:DB:AF:89:62:88:DB:66:4A:D7:18:A4:C5:9E:A2:8C:9E:F5:8E:E2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 276A7C6E6C2CB8FDB90AE9CE2A152E558C06611C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0b1ab134-c36e-4ab4-bedf-6f27b7e69a1c.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:6a:7c:6e:6c:2c:b8:fd:b9:0a:e9:ce:2a:15:2e:55:8c:06:61:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=683c486f91e249084de6f02b64a15e3917d49f8d0eabb588e48c330c846813ba, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:21:cd:9f:8f:0f:3f:f1:b7:24:a0:47:ee:cb: 7b:e0:f8:98:6e:90:c5:25:63:8d:7e:d4:f6:c0:ac: 11:58:6b:6e:8b:7d:c4:3d:2d:d2:09:50:e3:c0:3d: cd:4a:0b:86:dc:54:c8:21:3d:ee:6f:43:b4:69:96: d1:18:ce:9b:30:2d:66:58:2e:8c:e4:ef:d7:7d:c0: 0a:4b:98:eb:f3:6f:cb:36:c6:1c:3b:1b:5e:24:3d: 5a:b4:b8:20:5a:fc:17:b2:0e:2b:b3:56:e1:a0:33: 03:5a:a9:3e:0a:55:c1:0c:3d:c6:d0:fc:f8:5f:00: 04:fc:29:29:ac:ab:a6:5c:a6:7a:15:bc:8d:09:18: 57:83:55:db:94:7e:a9:07:0c:a1:1b:46:49:1d:ca: e9:3c:05:b3:1d:52:7e:77:43:ce:b6:3f:15:03:48: db:cd:18:bb:49:89:e5:e1:c9:23:d5:87:ff:04:9b: 12:e4:cc:f2:dc:47:a7:93:3a:4e:dc:6e:88:a1:d8: 58:62:a1:36:0c:85:7b:0f:74:f9:36:6f:c8:ab:50: a3:52:42:7f:9f:ca:50:f0:80:55:0e:db:99:49:f8: f2:51:01:eb:9b:b6:ad:91:10:f6:c6:dd:5b:1c:12: 59:c1:46:df:78:df:f9:09:01:a3:20:7e:e6:86:f2: d8:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:DB:AF:89:62:88:DB:66:4A:D7:18:A4:C5:9E:A2:8C:9E:F5:8E:E2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0b1ab134-c36e-4ab4-bedf-6f27b7e69a1c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:4000::/40 Signature Algorithm: sha256WithRSAEncryption 85:ad:8d:8f:5b:11:02:38:d1:31:bb:d5:8d:74:c2:be:7e:26: 26:16:28:82:4f:ee:72:cb:67:ef:91:80:e5:9a:f0:a0:59:63: 02:24:ce:34:6a:63:5a:cf:08:02:bb:ba:fd:d9:bb:36:2a:fd: c9:7d:da:e2:c8:77:7d:96:da:1f:51:f3:cc:b8:30:fc:f1:81: 7b:34:e6:a2:57:a4:72:13:cc:df:c4:8b:fd:9c:a7:1b:d2:86: 70:b8:fe:73:94:34:40:ff:a3:2f:e1:b2:32:b7:f7:7a:ed:ce: ef:28:37:b2:15:e0:73:16:f6:a0:6e:1d:e4:5a:59:7f:10:8a: a4:65:a2:24:73:01:52:ee:a1:cf:5a:9b:f7:c2:10:38:ef:3c: 46:36:ae:04:e7:d0:91:e9:f8:d2:00:db:43:c5:ff:54:7d:87: 61:63:d6:1a:3e:cd:31:65:61:80:4c:7b:bc:5e:19:41:6d:85: 2a:cf:d0:20:3e:8c:7d:e1:ce:b1:6a:b6:3c:42:1c:cd:25:42: 26:75:78:7b:9a:f9:b6:f2:23:30:27:ae:45:fc:ed:f8:f0:d2: 5b:08:28:d5:3b:e4:d2:a2:ab:16:ba:8f:cb:98:14:1c:70:51: 52:29:b9:c5:93:5c:3e:b7:bb:4b:6e:97:c2:b0:2b:7b:ca:b4: 55:22:0f:f5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJ2p8bmwsuP25CunOKhUuVYwGYRwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNANjgzYzQ4NmY5MWUyNDkwODRkZTZm MDJiNjRhMTVlMzkxN2Q0OWY4ZDBlYWJiNTg4ZTQ4YzMzMGM4NDY4MTNiYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8SHNn48PP/G3JKBH7st74PiYbpDF JWONftT2wKwRWGtui33EPS3SCVDjwD3NSguG3FTIIT3ub0O0aZbRGM6bMC1mWC6M 5O/XfcAKS5jr82/LNsYcOxteJD1atLggWvwXsg4rs1bhoDMDWqk+ClXBDD3G0Pz4 XwAE/CkprKumXKZ6FbyNCRhXg1XblH6pBwyhG0ZJHcrpPAWzHVJ+d0POtj8VA0jb zRi7SYnl4ckj1Yf/BJsS5Mzy3EenkzpO3G6IodhYYqE2DIV7D3T5Nm/Iq1CjUkJ/ n8pQ8IBVDtuZSfjyUQHrm7atkRD2xt1bHBJZwUbfeN/5CQGjIH7mhvLY6wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDbbr4liiNtmStcYpMWeooye9Y7iMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBiMWFiMTM0LWMzNmUtNGFiNC1iZWRmLTZmMjdiN2U2OWExYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNkAwDQYJKoZIhvcNAQELBQADggEBAIWtjY9bEQI40TG71Y10 wr5+JiYWKIJP7nLLZ++RgOWa8KBZYwIkzjRqY1rPCAK7uv3ZuzYq/cl92uLId32W 2h9R88y4MPzxgXs05qJXpHITzN/Ei/2cpxvShnC4/nOUNED/oy/hsjK393rtzu8o N7IV4HMW9qBuHeRaWX8QiqRloiRzAVLuoc9am/fCEDjvPEY2rgTn0JHp+NIA20PF /1R9h2Fj1ho+zTFlYYBMe7xeGUFthSrP0CA+jH3hzrFqtjxCHM0lQiZ1eHua+bby IzAnrkX87fjw0lsIKNU75NKiqxa6j8uYFBxwUVIpucWTXD63u0tul8KwK3vKtFUi D/U= -----END CERTIFICATE-----Generated at Fri Nov 22 01:33:37 2024 by rpki-client on console-ams.rpki-client.org