$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26852de8-0947-45cf-8a8d-dd2044b222d0.roa File: 26852de8-0947-45cf-8a8d-dd2044b222d0.roa (raw, json) Hash identifier: 5xpE6TK1PYiVN/r3WgFPIl4gh5a323NGf5asP+tVyJg= Subject key identifier: 03:A3:BA:46:FC:FD:7A:97:E1:41:35:B1:EF:FF:6E:3C:1F:47:1D:C8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 59A399372EEAE47FDA16335A78D971BB1DCBFE35 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26852de8-0947-45cf-8a8d-dd2044b222d0.roa Signing time: Fri 25 Oct 2024 00:00:00 +0000 ROA not before: Fri 25 Oct 2024 00:00:00 +0000 ROA not after: Fri 29 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf0:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:a3:99:37:2e:ea:e4:7f:da:16:33:5a:78:d9:71:bb:1d:cb:fe:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 25 00:00:00 2024 GMT Not After : Nov 29 23:59:59 2024 GMT Subject: serialNumber=dc8e80d44ff54bb4edfbbb881d15842e7befc6728ae5a3e67b538bf2ba4e64fb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:6d:f4:42:4f:13:13:8a:0d:d8:a6:76:a3:8d: c5:d5:72:8b:9f:67:76:6d:0d:16:22:d5:67:d2:9c: 7b:97:50:c3:14:55:8f:97:ff:33:fd:56:e8:27:d8: 61:c3:94:53:19:6f:6c:4a:f2:77:86:9d:80:9c:53: bc:d3:6c:58:c0:9b:0a:ad:c2:29:be:80:e5:37:3e: b3:02:6d:5e:67:21:d2:3e:77:7f:3d:54:28:81:ca: 3a:46:a1:ee:35:dc:71:46:95:9b:36:3c:fb:3e:73: 8a:a0:69:2f:d0:6e:b8:36:9e:82:f9:04:de:9c:6a: c7:7e:48:13:f5:b9:4f:c0:c1:22:5b:f0:c4:c9:ef: 31:f9:df:1b:b3:a9:78:c2:8d:55:0b:23:88:d7:fc: d9:06:09:84:75:d6:e2:54:af:ab:56:a3:ef:a8:65: fc:d0:5e:20:7a:0e:08:a7:7d:09:1e:cb:c1:25:6d: 86:81:e0:dc:2c:93:2e:d0:30:c4:ea:5c:f3:40:3e: 8b:b7:38:87:ca:ae:04:5b:a4:98:17:02:cc:f1:b5: bc:a2:ee:3e:71:eb:32:d3:13:6c:c5:2d:6e:4b:96: 18:22:17:71:10:aa:c5:aa:eb:08:ef:54:8c:b0:36: ea:74:3e:ea:74:4f:3d:0e:f5:d3:95:75:1b:9f:3a: f2:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:A3:BA:46:FC:FD:7A:97:E1:41:35:B1:EF:FF:6E:3C:1F:47:1D:C8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26852de8-0947-45cf-8a8d-dd2044b222d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf0:b000::/40 Signature Algorithm: sha256WithRSAEncryption 95:b5:07:a2:c7:bf:f3:00:81:0c:67:54:55:21:b3:2b:8d:f9: 3b:e8:3e:42:92:8f:8b:3b:13:eb:7f:f4:b7:cf:67:83:1e:7c: 8e:9f:ff:07:d4:a8:ed:72:2c:c7:7e:fd:00:78:cd:f4:c4:0a: b5:70:96:9c:90:ff:b9:50:ab:81:8b:9b:ed:93:22:0c:7d:70: 4d:41:85:02:03:0e:50:f7:e3:5c:a2:d3:13:cc:90:51:55:54: e6:0a:c0:87:09:a2:99:ef:28:40:31:6e:f2:96:fb:e1:ab:44: 4d:eb:e6:48:78:80:3c:50:28:eb:3d:14:e2:75:14:47:07:a6: a3:95:17:fe:23:8d:9a:c3:90:b2:db:4a:c1:8e:50:5e:f2:a0: 9e:df:18:fd:5a:4e:64:3d:c2:3d:fe:27:86:99:d5:65:fc:e3: 45:2e:dc:7a:f1:3d:dd:92:df:57:31:49:17:b7:20:18:09:b0: e9:0d:4d:8d:f0:89:59:26:41:07:b2:71:77:82:9a:82:29:59: a1:49:28:8a:d7:9c:d0:00:2f:b8:4e:85:8d:88:6a:a7:ce:56: a1:db:ee:b2:2e:66:a3:fd:de:8e:b3:48:2a:28:c9:be:10:d8: 7c:c8:25:b7:ce:4d:5a:93:19:15:05:54:56:48:55:d6:e1:07: 8c:1d:b1:70 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWaOZNy7q5H/aFjNaeNlxux3L/jUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyNTAwMDAwMFoX DTI0MTEyOTIzNTk1OVowejFJMEcGA1UEBRNAZGM4ZTgwZDQ0ZmY1NGJiNGVkZmJi Yjg4MWQxNTg0MmU3YmVmYzY3MjhhZTVhM2U2N2I1MzhiZjJiYTRlNjRmYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm230Qk8TE4oN2KZ2o43F1XKLn2d2 bQ0WItVn0px7l1DDFFWPl/8z/VboJ9hhw5RTGW9sSvJ3hp2AnFO802xYwJsKrcIp voDlNz6zAm1eZyHSPnd/PVQogco6RqHuNdxxRpWbNjz7PnOKoGkv0G64Np6C+QTe nGrHfkgT9blPwMEiW/DEye8x+d8bs6l4wo1VCyOI1/zZBgmEddbiVK+rVqPvqGX8 0F4geg4Ip30JHsvBJW2GgeDcLJMu0DDE6lzzQD6LtziHyq4EW6SYFwLM8bW8ou4+ cesy0xNsxS1uS5YYIhdxEKrFqusI71SMsDbqdD7qdE89DvXTlXUbnzry/wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAOjukb8/XqX4UE1se//bjwfRx3IMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI2ODUyZGU4LTA5NDctNDVjZi04YThkLWRkMjA0NGIyMjJkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8LAwDQYJKoZIhvcNAQELBQADggEBAJW1B6LHv/MAgQxnVFUh syuN+TvoPkKSj4s7E+t/9LfPZ4MefI6f/wfUqO1yLMd+/QB4zfTECrVwlpyQ/7lQ q4GLm+2TIgx9cE1BhQIDDlD341yi0xPMkFFVVOYKwIcJopnvKEAxbvKW++GrRE3r 5kh4gDxQKOs9FOJ1FEcHpqOVF/4jjZrDkLLbSsGOUF7yoJ7fGP1aTmQ9wj3+J4aZ 1WX840Uu3HrxPd2S31cxSRe3IBgJsOkNTY3wiVkmQQeycXeCmoIpWaFJKIrXnNAA L7hOhY2IaqfOVqHb7rIuZqP93o6zSCooyb4Q2HzIJbfOTVqTGRUFVFZIVdbhB4wd sXA= -----END CERTIFICATE-----Generated at Fri Oct 25 16:44:23 2024 by rpki-client on console-ams.rpki-client.org