$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/390b07ec-5dbd-4f87-81ae-9ed85c7be280.roa File: 390b07ec-5dbd-4f87-81ae-9ed85c7be280.roa (raw, json) Hash identifier: 4GA+J6QaVGcesyKofeIthPO0cYMjRcQyhPkWSu60TAU= Subject key identifier: 87:89:1A:9F:62:29:C5:59:4D:B8:65:BD:FD:19:6B:34:D9:15:1E:59 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 49242A78F99186DA5D45F192010C80470B6594FA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/390b07ec-5dbd-4f87-81ae-9ed85c7be280.roa Signing time: Fri 25 Oct 2024 00:00:00 +0000 ROA not before: Fri 25 Oct 2024 00:00:00 +0000 ROA not after: Fri 29 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:24:2a:78:f9:91:86:da:5d:45:f1:92:01:0c:80:47:0b:65:94:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 25 00:00:00 2024 GMT Not After : Nov 29 23:59:59 2024 GMT Subject: serialNumber=67d34e4a2966b9c28fc0a7ba7c0bfb9ed9a4990c2f523eab5d9ce5fc4e6bee66, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:34:9d:8d:1e:60:43:37:49:4d:79:11:a3:28: 61:6f:68:4a:51:ab:39:66:57:cb:68:2b:48:95:da: dc:23:66:6f:23:ee:dd:28:9d:aa:7d:c9:de:f8:01: e0:73:b1:db:c2:9f:20:54:9e:55:51:9a:83:01:c4: fe:80:a8:8b:8d:ca:ef:a9:b0:fe:40:e3:ea:00:20: b2:9c:3f:a4:b8:dc:5f:0a:26:ad:a5:b4:61:05:2a: 2d:91:b5:11:9f:aa:78:28:8d:d2:06:f3:6f:0e:ca: 10:73:d5:ca:2e:5c:c1:cc:9c:66:5b:a2:58:e3:1f: ca:d7:ae:02:74:fe:15:07:f5:13:84:cf:e2:17:c0: 84:e3:f8:85:ad:e5:6a:16:64:05:81:28:70:ae:de: 18:fd:34:7b:5e:00:e3:99:c2:e8:8e:78:f5:54:a7: 16:db:1a:61:d5:01:54:79:59:2d:a0:81:51:36:0e: 8b:42:4f:a7:83:a8:21:c2:03:e9:e1:72:f0:1a:e4: 11:0a:78:2a:98:24:9b:5b:ba:3d:f5:30:ba:0c:d8: 8f:68:fc:06:14:a6:cb:d5:f8:d4:72:6f:de:02:e9: 1a:99:5b:ef:0c:66:3f:42:1c:80:09:9e:f0:da:06: fe:10:f7:1b:c6:50:70:60:d5:47:9c:f7:04:c6:89: e5:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:89:1A:9F:62:29:C5:59:4D:B8:65:BD:FD:19:6B:34:D9:15:1E:59 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/390b07ec-5dbd-4f87-81ae-9ed85c7be280.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:2000::/40 Signature Algorithm: sha256WithRSAEncryption 63:63:9f:d7:57:97:b8:5b:79:fb:c6:51:4f:9b:51:c6:d5:f8: 8e:69:02:b8:54:03:e6:a2:3b:4f:7c:22:5b:81:51:6e:05:0e: 0b:79:0a:41:f8:0c:90:62:64:ff:3b:3f:68:95:b3:08:9b:57: 5e:8d:75:85:06:42:a0:53:ca:48:1d:15:f0:c8:a8:06:4a:f2: b0:f3:96:fc:6f:d3:63:13:3b:90:52:53:3b:d1:53:72:9d:1c: 7c:d3:0b:8b:4a:a7:a6:1e:8b:8d:a9:06:27:f8:c1:d4:de:27: 7a:88:6e:b2:87:d8:2d:38:69:3e:07:d2:fc:45:98:06:27:f6: 77:9a:be:fd:88:e0:ac:39:d2:e7:3a:38:e7:cb:e6:cd:f7:9a: 26:6f:88:a7:db:86:6b:3a:e3:d2:32:41:0b:32:41:60:d8:e5: fc:f1:a3:53:38:b3:35:e2:16:bd:b5:ca:bc:36:db:b3:ec:76: 0f:56:65:66:d4:d1:ec:4b:50:1a:8e:48:16:cd:fd:19:93:5b: 11:c1:86:8e:d3:f8:f5:0f:c1:ee:8e:a2:de:5e:08:a1:9f:c3: f2:05:3c:f3:15:2d:50:97:50:cf:25:78:a1:33:cc:f8:89:6d: fd:b0:e3:f0:60:55:6f:4b:db:18:86:11:b5:5f:a3:48:b8:88: 36:c2:24:67 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSSQqePmRhtpdRfGSAQyARwtllPowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyNTAwMDAwMFoX DTI0MTEyOTIzNTk1OVowejFJMEcGA1UEBRNANjdkMzRlNGEyOTY2YjljMjhmYzBh N2JhN2MwYmZiOWVkOWE0OTkwYzJmNTIzZWFiNWQ5Y2U1ZmM0ZTZiZWU2NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTSdjR5gQzdJTXkRoyhhb2hKUas5 ZlfLaCtIldrcI2ZvI+7dKJ2qfcne+AHgc7Hbwp8gVJ5VUZqDAcT+gKiLjcrvqbD+ QOPqACCynD+kuNxfCiatpbRhBSotkbURn6p4KI3SBvNvDsoQc9XKLlzBzJxmW6JY 4x/K164CdP4VB/UThM/iF8CE4/iFreVqFmQFgShwrt4Y/TR7XgDjmcLojnj1VKcW 2xph1QFUeVktoIFRNg6LQk+ng6ghwgPp4XLwGuQRCngqmCSbW7o99TC6DNiPaPwG FKbL1fjUcm/eAukamVvvDGY/QhyACZ7w2gb+EPcbxlBwYNVHnPcExonlaQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIeJGp9iKcVZTbhlvf0ZazTZFR5ZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM5MGIwN2VjLTVkYmQtNGY4Ny04MWFlLTllZDg1YzdiZTI4MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+yAwDQYJKoZIhvcNAQELBQADggEBAGNjn9dXl7hbefvGUU+b UcbV+I5pArhUA+aiO098IluBUW4FDgt5CkH4DJBiZP87P2iVswibV16NdYUGQqBT ykgdFfDIqAZK8rDzlvxv02MTO5BSUzvRU3KdHHzTC4tKp6Yei42pBif4wdTeJ3qI brKH2C04aT4H0vxFmAYn9neavv2I4Kw50uc6OOfL5s33miZviKfbhms649IyQQsy QWDY5fzxo1M4szXiFr21yrw227Psdg9WZWbU0exLUBqOSBbN/RmTWxHBho7T+PUP we6Oot5eCKGfw/IFPPMVLVCXUM8leKEzzPiJbf2w4/BgVW9L2xiGEbVfo0i4iDbC JGc= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:32 2024 by rpki-client on console-fra.rpki-client.org