$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13f5f01a-ab8f-4788-ba91-6bc86de44e18.roa File: 13f5f01a-ab8f-4788-ba91-6bc86de44e18.roa (raw, json) Hash identifier: 1AltnEfzLO2ehRv4wXN3g8vyr23uRsGYJtZMcgwG31g= Subject key identifier: EF:43:C8:72:78:2D:C3:C4:99:1D:A0:B3:93:54:22:91:05:EE:F7:1D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3EF36D58405B17727E62EACF0BBB3752D8BBE833 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13f5f01a-ab8f-4788-ba91-6bc86de44e18.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:f3:6d:58:40:5b:17:72:7e:62:ea:cf:0b:bb:37:52:d8:bb:e8:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=c86d3c3be8d5c26db666f3b6d9f4a8cfeeb7633bc7b7ab40ad937e3a3da8b0bf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:17:1e:28:50:a0:0c:8c:ea:7b:36:80:89:8d: c8:e1:3f:1f:56:eb:90:08:08:58:26:fa:bc:15:10: 2a:d8:3f:10:0d:79:65:ed:b1:60:7a:6f:b7:eb:4c: 9f:1b:76:d3:e1:94:3b:2c:bd:be:f3:b2:4f:16:56: a9:88:e9:66:8e:48:e7:83:e9:10:32:b9:83:b0:9e: 22:cf:6e:95:37:9b:e7:02:31:9d:26:08:d3:b3:fa: 9c:5d:6d:8f:a0:2d:84:6f:6b:b9:ec:c0:d5:60:25: 6e:3c:44:7e:db:02:55:67:92:95:42:f9:9f:a5:f7: 9d:47:a2:6b:56:9d:5d:32:0c:35:89:5f:58:3d:85: 14:fa:85:a9:74:f6:2f:19:9f:21:05:39:33:57:7b: c6:86:ee:c7:79:0e:24:fa:e2:01:e1:92:72:a5:7d: 77:16:a4:79:ce:5c:81:7e:dc:ec:96:16:6d:eb:44: fc:c8:a0:62:2e:45:12:eb:40:0f:3d:59:21:1d:a0: ff:50:43:3b:f2:bd:55:e2:fb:da:32:47:23:10:b2: 4f:7d:1f:11:4c:bf:f6:25:cc:61:a4:fa:b1:ea:97: dd:3c:97:10:1c:e9:6c:aa:ee:76:9f:4b:ef:10:dd: 54:6c:7b:34:40:68:c3:5c:4d:67:5a:a4:47:d7:b9: 56:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:43:C8:72:78:2D:C3:C4:99:1D:A0:B3:93:54:22:91:05:EE:F7:1D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13f5f01a-ab8f-4788-ba91-6bc86de44e18.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:9000::/40 Signature Algorithm: sha256WithRSAEncryption 5b:ef:be:39:4e:7c:d6:5d:4d:1a:ff:51:15:53:e9:76:b7:51: 4a:45:f2:d0:37:00:02:a1:61:e6:ab:c2:d1:85:d7:13:3e:4a: 5f:e3:f2:54:a4:e2:74:18:02:7a:1b:6b:68:df:a6:5b:99:8c: 6d:26:42:a8:c0:e2:68:69:11:54:af:9d:d6:7b:63:1b:1a:5c: b9:36:20:91:1f:8c:54:7e:9f:31:e2:12:c2:97:9e:89:b6:79: a8:d6:1b:13:b3:ca:b7:b9:1f:8c:fe:e6:88:58:2d:15:0f:36: 3e:65:b3:86:f0:98:88:22:a0:19:8c:27:ec:64:c9:e4:a8:10: 1c:52:0c:93:7b:2c:5d:44:24:22:9a:ef:c3:b0:4e:1b:46:3f: 5e:96:59:d1:08:18:da:83:88:1e:cf:c3:47:f8:ad:90:56:75: 8e:ad:e0:54:ea:d1:01:11:c7:ac:80:54:cf:4f:77:72:7c:9e: df:88:2f:ef:80:e4:ca:43:e5:d1:70:73:d2:56:3a:81:a2:1d: 4c:11:32:6b:0e:9c:19:74:6b:71:0c:dd:b5:dc:14:5a:e1:23: 6f:5c:ba:63:1f:cb:53:bb:7c:85:e0:02:7c:5f:e9:8b:8e:46: ec:06:a3:84:76:52:6a:8d:ed:e1:bb:e7:c8:18:fd:6f:19:76: f6:d5:03:b2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPvNtWEBbF3J+YurPC7s3Uti76DMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNAYzg2ZDNjM2JlOGQ1YzI2ZGI2NjZm M2I2ZDlmNGE4Y2ZlZWI3NjMzYmM3YjdhYjQwYWQ5MzdlM2EzZGE4YjBiZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xceKFCgDIzqezaAiY3I4T8fVuuQ CAhYJvq8FRAq2D8QDXll7bFgem+360yfG3bT4ZQ7LL2+87JPFlapiOlmjkjng+kQ MrmDsJ4iz26VN5vnAjGdJgjTs/qcXW2PoC2Eb2u57MDVYCVuPER+2wJVZ5KVQvmf pfedR6JrVp1dMgw1iV9YPYUU+oWpdPYvGZ8hBTkzV3vGhu7HeQ4k+uIB4ZJypX13 FqR5zlyBftzslhZt60T8yKBiLkUS60APPVkhHaD/UEM78r1V4vvaMkcjELJPfR8R TL/2JcxhpPqx6pfdPJcQHOlsqu52n0vvEN1UbHs0QGjDXE1nWqRH17lWaQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFO9DyHJ4LcPEmR2gs5NUIpEF7vcdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzEzZjVmMDFhLWFiOGYtNDc4OC1iYTkxLTZiYzg2ZGU0NGUxOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/pAwDQYJKoZIhvcNAQELBQADggEBAFvvvjlOfNZdTRr/URVT 6Xa3UUpF8tA3AAKhYearwtGF1xM+Sl/j8lSk4nQYAnoba2jfpluZjG0mQqjA4mhp EVSvndZ7YxsaXLk2IJEfjFR+nzHiEsKXnom2eajWGxOzyre5H4z+5ohYLRUPNj5l s4bwmIgioBmMJ+xkyeSoEBxSDJN7LF1EJCKa78OwThtGP16WWdEIGNqDiB7Pw0f4 rZBWdY6t4FTq0QERx6yAVM9Pd3J8nt+IL++A5MpD5dFwc9JWOoGiHUwRMmsOnBl0 a3EM3bXcFFrhI29cumMfy1O7fIXgAnxf6YuORuwGo4R2UmqN7eG758gY/W8ZdvbV A7I= -----END CERTIFICATE-----Generated at Fri Nov 22 02:07:34 2024 by rpki-client on console-fra.rpki-client.org