$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35bca639-71e4-47d0-9dc9-56e49e20a899.roa File: 35bca639-71e4-47d0-9dc9-56e49e20a899.roa (raw, json) Hash identifier: XGjRmNPz9fSOlhrWUgkuRypmfZn5KR8C+dLF9qQipiM= Subject key identifier: FF:C1:44:88:82:14:17:5D:64:CF:5F:1B:89:14:20:EB:F6:83:83:59 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7AE27742ECC93879DC5B932F532D61C7D5DAF689 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35bca639-71e4-47d0-9dc9-56e49e20a899.roa Signing time: Wed 16 Oct 2024 00:00:00 +0000 ROA not before: Wed 16 Oct 2024 00:00:00 +0000 ROA not after: Wed 20 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:e2:77:42:ec:c9:38:79:dc:5b:93:2f:53:2d:61:c7:d5:da:f6:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 16 00:00:00 2024 GMT Not After : Nov 20 23:59:59 2024 GMT Subject: serialNumber=c62b448bfd8c9b32ca46a104de5ac77c5815713f68e12705a9172ca31fc38ef4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:3c:90:ec:f1:ef:1b:52:0f:aa:b8:85:c4:91: d7:5e:54:c0:73:86:bf:f5:da:50:dd:e6:46:fa:ac: 93:23:57:e0:82:50:f8:10:29:ae:4e:f4:72:a4:15: 6c:bb:92:85:2b:b8:0f:60:57:6a:5e:0e:cd:91:8e: 1c:39:d2:46:65:bd:83:c5:3e:7b:af:5e:58:ce:03: 69:7a:69:67:5e:f8:9d:b5:35:41:e5:de:0f:71:72: 5d:f4:8e:f5:ef:5b:53:a3:e9:5d:ad:58:33:ea:18: 30:d1:57:5b:31:c2:3c:87:c8:21:3d:80:3e:c3:7f: e0:33:33:cd:d0:c5:eb:c4:78:6d:00:8c:47:d6:28: 25:aa:1f:25:c1:67:1c:05:c3:58:44:3f:56:62:02: 05:f5:27:2d:1e:a1:19:57:82:ad:b4:4d:f8:d5:77: 24:69:3b:d0:cc:90:9d:82:9f:95:9b:7f:91:ee:a5: 1f:a0:c3:1b:eb:43:6b:eb:90:0d:b2:17:5e:09:6d: 4c:28:88:51:63:e7:d2:64:51:5f:10:1f:d2:42:d0: 0b:ab:45:57:2b:c7:83:40:c7:3a:21:c2:4e:7c:e3: a1:6e:3d:c9:98:78:ad:f4:e3:5a:a6:ed:c7:07:24: cc:58:31:51:cb:0e:31:14:bd:19:0c:2d:09:74:e6: cc:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:C1:44:88:82:14:17:5D:64:CF:5F:1B:89:14:20:EB:F6:83:83:59 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35bca639-71e4-47d0-9dc9-56e49e20a899.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:8800::/40 Signature Algorithm: sha256WithRSAEncryption 17:73:c0:7a:fc:fa:f2:a4:3d:56:f0:63:20:28:7b:cd:26:31: 97:39:d2:4f:20:34:3a:21:14:33:cc:4d:b5:bd:01:5b:d3:83: 23:b2:9f:11:a6:6a:32:88:b4:41:73:1c:98:30:e4:16:c8:0b: dc:f5:c5:18:2d:a5:35:57:55:ba:4a:77:62:06:04:3d:f5:3e: 37:a9:97:77:ff:42:56:c8:79:5b:57:63:39:f4:c7:51:eb:02: b4:6c:47:9b:c8:5d:a3:9f:2c:c5:ce:36:af:b6:94:9c:c5:66: 4b:d2:64:b4:50:fd:ce:87:5b:f5:c7:ca:e6:07:79:69:c2:7c: 0b:8b:39:cb:8d:37:ee:f4:c8:b0:69:62:6c:50:67:c6:67:e0: ec:1e:12:66:ee:70:99:07:b6:7d:77:52:c9:03:84:0b:cd:45: bf:d5:41:7f:ec:1a:31:50:48:b5:ca:7e:df:1a:92:9e:b7:59: cc:a4:04:47:09:87:87:55:cd:f0:9f:6e:4f:70:63:ea:01:a8: c5:10:21:fc:be:55:2a:89:77:53:5d:56:1a:8e:29:52:c2:b6: 10:b6:01:62:27:a6:01:04:a7:5f:6b:81:62:eb:08:8d:56:1c: fb:df:50:8f:3f:92:77:42:20:21:99:01:77:37:03:f0:d4:14: 58:54:e1:06 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeuJ3QuzJOHncW5MvUy1hx9Xa9okwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAxNjAwMDAwMFoX DTI0MTEyMDIzNTk1OVowejFJMEcGA1UEBRNAYzYyYjQ0OGJmZDhjOWIzMmNhNDZh MTA0ZGU1YWM3N2M1ODE1NzEzZjY4ZTEyNzA1YTkxNzJjYTMxZmMzOGVmNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDyQ7PHvG1IPqriFxJHXXlTAc4a/ 9dpQ3eZG+qyTI1fgglD4ECmuTvRypBVsu5KFK7gPYFdqXg7NkY4cOdJGZb2DxT57 r15YzgNpemlnXvidtTVB5d4PcXJd9I7171tTo+ldrVgz6hgw0VdbMcI8h8ghPYA+ w3/gMzPN0MXrxHhtAIxH1iglqh8lwWccBcNYRD9WYgIF9SctHqEZV4KttE341Xck aTvQzJCdgp+Vm3+R7qUfoMMb60Nr65ANshdeCW1MKIhRY+fSZFFfEB/SQtALq0VX K8eDQMc6IcJOfOOhbj3JmHit9ONapu3HByTMWDFRyw4xFL0ZDC0JdObMowIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP/BRIiCFBddZM9fG4kUIOv2g4NZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM1YmNhNjM5LTcxZTQtNDdkMC05ZGM5LTU2ZTQ5ZTIwYTg5OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauIgwDQYJKoZIhvcNAQELBQADggEBABdzwHr8+vKkPVbwYyAo e80mMZc50k8gNDohFDPMTbW9AVvTgyOynxGmajKItEFzHJgw5BbIC9z1xRgtpTVX VbpKd2IGBD31Pjepl3f/QlbIeVtXYzn0x1HrArRsR5vIXaOfLMXONq+2lJzFZkvS ZLRQ/c6HW/XHyuYHeWnCfAuLOcuNN+70yLBpYmxQZ8Zn4OweEmbucJkHtn13UskD hAvNRb/VQX/sGjFQSLXKft8akp63WcykBEcJh4dVzfCfbk9wY+oBqMUQIfy+VSqJ d1NdVhqOKVLCthC2AWInpgEEp19rgWLrCI1WHPvfUI8/kndCICGZAXc3A/DUFFhU 4QY= -----END CERTIFICATE-----Generated at Fri Oct 25 16:44:24 2024 by rpki-client on console-ams.rpki-client.org