$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1df0543c-4352-44e4-aa97-4a21236b6215.roa File: 1df0543c-4352-44e4-aa97-4a21236b6215.roa (raw, json) Hash identifier: RQdrljtBecf9nXEK6eg489arnHw7gHzrKrEFx68CF8c= Subject key identifier: 98:53:01:B7:53:1D:45:74:CB:C6:13:C9:2C:33:44:97:95:4B:AB:F7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 36BB46F1322D58FD86ECCCF378E761FB54FF21D9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1df0543c-4352-44e4-aa97-4a21236b6215.roa Signing time: Fri 04 Oct 2024 00:00:00 +0000 ROA not before: Fri 04 Oct 2024 00:00:00 +0000 ROA not after: Fri 08 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:bb:46:f1:32:2d:58:fd:86:ec:cc:f3:78:e7:61:fb:54:ff:21:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 4 00:00:00 2024 GMT Not After : Nov 8 23:59:59 2024 GMT Subject: serialNumber=9b2e5c552cc9607c78887cd360acffa433cca88cee5cf4441bec938bf7bcbbd0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:67:52:27:04:d2:6a:c4:0d:a9:ca:e3:76:f3: 06:d4:e4:ef:d4:46:27:f9:b3:f6:a4:c8:51:27:c4: 3e:4c:22:27:8c:02:84:e8:7f:89:2f:7c:04:48:bb: 24:70:c0:9f:6a:31:da:79:07:15:88:7a:ff:44:77: 0d:ab:9b:13:f1:a6:e1:29:bb:cd:5b:58:68:36:63: 00:4b:7a:16:55:7a:d5:97:4d:59:62:a3:62:3a:20: f8:02:c1:82:38:30:3f:c8:3a:e7:6c:d6:08:ef:bc: 91:76:45:7d:67:98:f9:f3:0d:5f:55:bd:e6:1c:59: f6:f1:24:37:89:f7:ee:85:2f:0a:a9:28:87:56:2f: 80:55:d1:7b:6f:e9:d5:3d:8f:03:eb:34:51:e2:c9: 95:cb:68:af:40:5e:52:19:ef:66:2e:fb:57:1c:6b: 27:30:f3:f8:3b:70:e6:b7:b7:37:33:3b:60:29:37: f5:d5:7c:2f:68:3a:06:11:e6:b7:9b:b7:28:c0:3e: 2e:6a:98:41:f1:a1:eb:ab:37:3a:ca:ad:57:72:d8: b8:9f:e2:71:db:97:92:8e:49:f8:2d:85:62:7b:3e: 7d:16:f4:ad:36:ac:74:c3:c2:62:cf:60:b4:14:06: 9d:64:bf:ea:0f:9a:c9:64:14:41:65:7b:c1:1a:0b: 82:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:53:01:B7:53:1D:45:74:CB:C6:13:C9:2C:33:44:97:95:4B:AB:F7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1df0543c-4352-44e4-aa97-4a21236b6215.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:8000::/40 Signature Algorithm: sha256WithRSAEncryption 23:75:99:e7:56:ee:91:3b:1b:bb:39:af:e1:92:86:63:9b:7c: 61:8e:15:71:6b:e9:49:89:a6:f3:c6:37:85:a5:e3:8f:f4:62: ae:d5:d9:8f:9f:83:89:d9:05:38:ae:ea:f6:2d:60:24:dd:0f: 89:fd:ec:fe:f0:18:d5:80:32:e9:40:99:00:ac:b9:ad:27:d6: 0e:42:8e:e6:23:69:47:e3:58:31:c6:d8:a9:18:04:a4:37:dc: e6:d9:09:9f:e2:44:fd:8b:44:4f:f9:bc:21:6b:d0:6e:62:10: c8:5a:96:2c:3a:d1:0c:90:18:d0:8f:1f:c5:a6:88:73:9b:65: 3c:cd:08:09:1a:76:ef:d3:3d:69:74:9f:2f:00:84:21:0f:49: 48:ad:29:2d:24:ac:f6:73:0b:92:4b:3b:ad:21:fc:6b:e3:b6: f7:48:8e:8c:eb:36:ae:12:b9:81:e5:41:ae:4c:ae:32:f7:52: 46:f8:17:ed:ee:7b:4d:3b:b4:0c:da:42:1a:d8:28:d8:5f:8a: 2a:c1:e1:08:90:16:ce:53:31:10:47:72:4c:c9:f1:81:6e:91: a8:15:1e:79:af:c1:cf:a3:48:33:c4:43:51:b5:08:d4:f1:fd: d4:14:97:47:68:b9:41:89:86:fd:cf:75:5f:e7:86:9f:94:43: c4:03:6e:17 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNrtG8TItWP2G7MzzeOdh+1T/IdkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAwNDAwMDAwMFoX DTI0MTEwODIzNTk1OVowejFJMEcGA1UEBRNAOWIyZTVjNTUyY2M5NjA3Yzc4ODg3 Y2QzNjBhY2ZmYTQzM2NjYTg4Y2VlNWNmNDQ0MWJlYzkzOGJmN2JjYmJkMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWdSJwTSasQNqcrjdvMG1OTv1EYn +bP2pMhRJ8Q+TCInjAKE6H+JL3wESLskcMCfajHaeQcViHr/RHcNq5sT8abhKbvN W1hoNmMAS3oWVXrVl01ZYqNiOiD4AsGCODA/yDrnbNYI77yRdkV9Z5j58w1fVb3m HFn28SQ3iffuhS8KqSiHVi+AVdF7b+nVPY8D6zRR4smVy2ivQF5SGe9mLvtXHGsn MPP4O3Dmt7c3MztgKTf11XwvaDoGEea3m7cowD4uaphB8aHrqzc6yq1Xcti4n+Jx 25eSjkn4LYViez59FvStNqx0w8Jiz2C0FAadZL/qD5rJZBRBZXvBGguCNwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJhTAbdTHUV0y8YTySwzRJeVS6v3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFkZjA1NDNjLTQzNTItNDRlNC1hYTk3LTRhMjEyMzZiNjIxNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYIAwDQYJKoZIhvcNAQELBQADggEBACN1medW7pE7G7s5r+GS hmObfGGOFXFr6UmJpvPGN4Wl44/0Yq7V2Y+fg4nZBTiu6vYtYCTdD4n97P7wGNWA MulAmQCsua0n1g5CjuYjaUfjWDHG2KkYBKQ33ObZCZ/iRP2LRE/5vCFr0G5iEMha liw60QyQGNCPH8WmiHObZTzNCAkadu/TPWl0ny8AhCEPSUitKS0krPZzC5JLO60h /GvjtvdIjozrNq4SuYHlQa5MrjL3Ukb4F+3ue007tAzaQhrYKNhfiirB4QiQFs5T MRBHckzJ8YFukagVHnmvwc+jSDPEQ1G1CNTx/dQUl0douUGJhv3PdV/nhp+UQ8QD bhc= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:32 2024 by rpki-client on console-fra.rpki-client.org