$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a0072df-b178-45d2-b20f-191c118650c6.roa File: 3a0072df-b178-45d2-b20f-191c118650c6.roa (raw, json) Hash identifier: /S+nLeKd+T8oV4FWO1a4IKs3OB9xvNwA67qU//pfLaY= Subject key identifier: B3:C6:8F:90:46:E3:CF:9A:8E:66:6A:25:3F:B3:6C:55:74:77:89:EE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 56840A89CC6ABE6ECEDC85CFB5B8D16E4D69442A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a0072df-b178-45d2-b20f-191c118650c6.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da30:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:84:0a:89:cc:6a:be:6e:ce:dc:85:cf:b5:b8:d1:6e:4d:69:44:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=12dda556f6d5b699a8e723629b47d8e31a81ead17bb65f98801867cc35d05f93, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:48:51:2a:27:ec:63:8a:dc:cc:da:cc:2a:8c: 1d:90:36:10:96:7d:26:cb:17:98:c9:b3:e6:6a:8d: 76:fb:aa:39:bf:b0:8b:2f:5e:c9:1f:54:38:0a:af: e7:5a:6e:f0:56:23:f2:95:5c:1f:c6:57:03:79:fa: d4:0c:e9:c9:ed:61:94:7a:50:60:8e:cb:49:a9:ad: 45:91:2c:54:7a:0e:32:93:16:9a:e3:f4:ac:e2:d1: f3:86:12:34:df:0e:78:ea:21:7b:d7:00:1a:73:27: 80:17:ae:11:42:42:98:ac:31:bf:66:d7:f4:15:83: 73:d7:7c:6f:2e:01:34:f5:f8:8c:ae:31:1b:cb:c1: e3:6a:34:bc:08:2f:bf:44:6c:7f:cc:3c:f7:06:d0: 74:6c:77:42:4c:68:38:f1:78:84:d1:a9:62:f5:03: 4c:82:50:ce:0a:06:a9:8e:04:00:09:22:be:5e:c1: b6:31:52:0d:5d:40:4f:b7:50:45:2e:30:50:71:3f: 75:d3:bc:6e:1d:00:38:33:37:18:67:7a:3f:a2:6a: e3:a3:0b:09:50:94:76:39:80:44:31:49:5c:d8:99: 18:f9:82:7a:f1:64:a8:81:fc:53:32:00:3b:05:58: 90:d9:c6:2f:4a:69:87:e2:b1:ef:0a:bb:2c:e4:df: 38:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:C6:8F:90:46:E3:CF:9A:8E:66:6A:25:3F:B3:6C:55:74:77:89:EE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a0072df-b178-45d2-b20f-191c118650c6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da30:f000::/40 Signature Algorithm: sha256WithRSAEncryption 26:40:13:8a:85:15:fb:0b:79:ae:35:b4:83:ed:ec:cd:42:64: c3:31:cb:86:af:e0:41:94:2e:0c:ed:5d:19:0e:34:45:7f:d6: a1:69:ed:8d:ab:ad:08:09:7b:58:0f:19:a9:98:42:cd:85:cb: f9:c0:af:af:81:42:c1:ff:34:25:8b:9d:8c:96:9a:8b:a0:95: 38:fd:56:5f:9b:44:6e:f6:a6:93:ac:98:89:34:5d:67:12:f3: 48:2f:83:e5:b8:09:bc:40:61:27:63:89:22:39:67:a1:29:0f: 04:cc:6f:da:23:4e:36:61:e7:c5:43:2f:fa:69:c7:bc:48:a0: f1:78:da:49:f5:6d:e9:ff:d1:a8:d4:32:15:ec:18:e6:f7:fb: fa:45:ae:ee:19:3e:6d:e6:1e:62:55:c0:7b:34:b7:e8:ae:22: bf:fc:e6:e9:b1:6f:57:c9:05:11:36:94:c4:f5:96:a3:b5:c2: fc:76:6c:f8:9b:fa:36:4d:d2:ca:03:12:80:00:be:91:b9:ea: 4d:7f:a0:2d:7f:5c:fc:ba:9b:fa:8f:c5:83:bc:a2:98:b2:ac: 31:fd:58:ff:8c:fd:d0:c4:e0:74:95:f5:0e:14:3e:41:23:c9: 48:ac:33:2d:87:a5:51:e7:d8:45:51:30:09:80:19:b7:58:f5: 0b:df:d9:43 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVoQKicxqvm7O3IXPtbjRbk1pRCowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNAMTJkZGE1NTZmNmQ1YjY5OWE4ZTcy MzYyOWI0N2Q4ZTMxYTgxZWFkMTdiYjY1Zjk4ODAxODY3Y2MzNWQwNWY5MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEhRKifsY4rczNrMKowdkDYQln0m yxeYybPmao12+6o5v7CLL17JH1Q4Cq/nWm7wViPylVwfxlcDefrUDOnJ7WGUelBg jstJqa1FkSxUeg4ykxaa4/Ss4tHzhhI03w546iF71wAacyeAF64RQkKYrDG/Ztf0 FYNz13xvLgE09fiMrjEby8HjajS8CC+/RGx/zDz3BtB0bHdCTGg48XiE0ali9QNM glDOCgapjgQACSK+XsG2MVINXUBPt1BFLjBQcT9107xuHQA4MzcYZ3o/omrjowsJ UJR2OYBEMUlc2JkY+YJ68WSogfxTMgA7BViQ2cYvSmmH4rHvCrss5N845QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLPGj5BG48+ajmZqJT+zbFV0d4nuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNhMDA3MmRmLWIxNzgtNDVkMi1iMjBmLTE5MWMxMTg2NTBjNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMPAwDQYJKoZIhvcNAQELBQADggEBACZAE4qFFfsLea41tIPt 7M1CZMMxy4av4EGULgztXRkONEV/1qFp7Y2rrQgJe1gPGamYQs2Fy/nAr6+BQsH/ NCWLnYyWmouglTj9Vl+bRG72ppOsmIk0XWcS80gvg+W4CbxAYSdjiSI5Z6EpDwTM b9ojTjZh58VDL/ppx7xIoPF42kn1ben/0ajUMhXsGOb3+/pFru4ZPm3mHmJVwHs0 t+iuIr/85umxb1fJBRE2lMT1lqO1wvx2bPib+jZN0soDEoAAvpG56k1/oC1/XPy6 m/qPxYO8opiyrDH9WP+M/dDE4HSV9Q4UPkEjyUisMy2HpVHn2EVRMAmAGbdY9Qvf 2UM= -----END CERTIFICATE-----Generated at Fri Nov 22 01:33:38 2024 by rpki-client on console-ams.rpki-client.org