$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dbf2a86-54aa-456e-9647-5bcff133ae51.roa File: 0dbf2a86-54aa-456e-9647-5bcff133ae51.roa (raw, json) Hash identifier: DEoW0xOcKscy0jUFSCbl5cSDKtMftF4+Bze+xx3CoXg= Subject key identifier: F7:EA:3F:19:20:CF:EF:A6:0D:3E:F0:E6:D0:E9:41:30:CB:58:4A:73 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 56CE703D840F226BA5FA5BFBEC8FFC9532D7FDDB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dbf2a86-54aa-456e-9647-5bcff133ae51.roa Signing time: Wed 20 Nov 2024 00:00:00 +0000 ROA not before: Wed 20 Nov 2024 00:00:00 +0000 ROA not after: Wed 25 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:ce:70:3d:84:0f:22:6b:a5:fa:5b:fb:ec:8f:fc:95:32:d7:fd:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 20 00:00:00 2024 GMT Not After : Dec 25 23:59:59 2024 GMT Subject: serialNumber=130584881b4f388b7d7f4fafb49a6ba65a88a235497e7046feaf0c6b5b3bc458, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:da:33:c6:cd:1b:9f:d2:8b:c5:e4:5e:cc:99: 7e:80:f7:cd:f5:7f:90:56:1f:fe:e4:1b:12:d9:29: bd:84:00:b4:e3:75:29:26:d7:0c:af:a1:02:87:a3: 2e:f7:21:83:79:e3:fb:d7:6f:c8:6c:62:df:87:75: 0b:ff:91:f9:66:c7:27:69:c7:4d:ae:0d:eb:bd:32: f9:1f:38:04:f5:c7:34:56:43:ea:e1:0d:1c:f6:a6: 8b:1b:b1:44:31:7d:8a:4e:63:8a:fc:1c:7f:63:75: 6d:82:e5:4f:59:4d:db:e2:b8:fe:e7:73:75:40:fc: c3:a6:a4:b0:40:ed:54:1f:38:4f:06:e8:3b:86:d3: d3:4b:0b:ac:1e:2d:d0:24:69:c3:bd:78:9e:c4:bb: 06:79:1b:3d:b7:32:78:e3:cc:e7:db:8d:47:7f:bc: 25:e4:17:ee:e2:0d:2c:ae:bc:29:55:82:98:0a:73: e8:37:cf:04:90:f7:cd:cb:09:8f:c6:85:e3:54:af: 70:4c:07:94:b2:4f:e1:95:9b:4d:8d:23:c5:9a:12: 60:f9:8b:e9:a3:7c:7b:37:0f:b6:93:a1:2d:52:99: 4c:f9:07:11:f5:ef:a5:a4:c4:91:fd:a1:2f:c6:e6: 0f:99:93:3c:eb:c8:03:dd:14:b8:32:4f:a0:4d:16: 93:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:EA:3F:19:20:CF:EF:A6:0D:3E:F0:E6:D0:E9:41:30:CB:58:4A:73 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dbf2a86-54aa-456e-9647-5bcff133ae51.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:e000::/40 Signature Algorithm: sha256WithRSAEncryption 26:b6:41:a9:d2:e6:ef:58:69:7e:c1:93:c5:96:a8:4e:79:49: 0f:c7:18:3b:a7:8a:70:8d:5b:83:3d:19:10:de:1d:e2:0f:66: 12:f3:2b:e6:9e:db:79:e1:e0:ab:26:06:a9:c8:9c:6c:31:2f: f0:46:45:b3:38:e2:8b:43:05:14:d7:8f:bc:8b:be:a1:d0:e9: d1:44:f7:6f:e5:01:96:23:0f:83:bb:ec:d2:80:94:17:66:62: 4b:a5:91:97:2f:42:14:4d:0c:8a:03:8f:95:2c:52:15:16:0a: 03:1f:72:fd:66:1e:3b:38:85:43:5c:0d:6c:27:7f:5a:af:02: e6:c6:9f:6f:e8:ae:89:23:09:85:ad:ba:5a:c0:28:c5:92:c2: 32:4a:5f:63:9a:84:31:2f:06:1e:5e:ad:82:5d:4d:51:3c:33: 95:cd:22:f8:e1:c5:e3:0b:cc:ac:34:98:28:c6:77:90:a7:8b: 4a:32:2e:4e:43:1c:a9:ad:86:7b:86:0f:63:9d:00:a0:d2:b4: 3b:b3:13:a6:eb:5a:7d:5e:6c:b9:fc:dc:ff:96:98:51:87:46: 46:87:12:95:41:a4:39:96:2b:7e:42:14:8a:c3:bf:31:62:e6: 5c:80:a0:67:ed:79:19:a3:e3:07:b8:30:39:39:fc:e6:c7:22: 83:87:60:4a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVs5wPYQPImul+lv77I/8lTLX/dswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEyMDAwMDAwMFoX DTI0MTIyNTIzNTk1OVowejFJMEcGA1UEBRNAMTMwNTg0ODgxYjRmMzg4YjdkN2Y0 ZmFmYjQ5YTZiYTY1YTg4YTIzNTQ5N2U3MDQ2ZmVhZjBjNmI1YjNiYzQ1ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdozxs0bn9KLxeRezJl+gPfN9X+Q Vh/+5BsS2Sm9hAC043UpJtcMr6ECh6Mu9yGDeeP712/IbGLfh3UL/5H5ZscnacdN rg3rvTL5HzgE9cc0VkPq4Q0c9qaLG7FEMX2KTmOK/Bx/Y3VtguVPWU3b4rj+53N1 QPzDpqSwQO1UHzhPBug7htPTSwusHi3QJGnDvXiexLsGeRs9tzJ448zn241Hf7wl 5Bfu4g0srrwpVYKYCnPoN88EkPfNywmPxoXjVK9wTAeUsk/hlZtNjSPFmhJg+Yvp o3x7Nw+2k6EtUplM+QcR9e+lpMSR/aEvxuYPmZM868gD3RS4Mk+gTRaTSwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPfqPxkgz++mDT7w5tDpQTDLWEpzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBkYmYyYTg2LTU0YWEtNDU2ZS05NjQ3LTViY2ZmMTMzYWU1MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9OAwDQYJKoZIhvcNAQELBQADggEBACa2QanS5u9YaX7Bk8WW qE55SQ/HGDuninCNW4M9GRDeHeIPZhLzK+ae23nh4KsmBqnInGwxL/BGRbM44otD BRTXj7yLvqHQ6dFE92/lAZYjD4O77NKAlBdmYkulkZcvQhRNDIoDj5UsUhUWCgMf cv1mHjs4hUNcDWwnf1qvAubGn2/orokjCYWtulrAKMWSwjJKX2OahDEvBh5erYJd TVE8M5XNIvjhxeMLzKw0mCjGd5Cni0oyLk5DHKmthnuGD2OdAKDStDuzE6brWn1e bLn83P+WmFGHRkaHEpVBpDmWK35CFIrDvzFi5lyAoGfteRmj4we4MDk5/ObHIoOH YEo= -----END CERTIFICATE-----Generated at Fri Nov 22 01:33:37 2024 by rpki-client on console-ams.rpki-client.org