$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3c76877a-5443-4688-b68c-42e8c8278190.roa File: 3c76877a-5443-4688-b68c-42e8c8278190.roa (raw, json) Hash identifier: 7jMKL3/ssN2VauG864+qfeeMC1VQA/0VV1BcilZAO0g= Subject key identifier: 94:7F:8F:5D:DB:4C:46:57:39:67:3E:8C:6C:6A:9A:DE:0A:85:96:17 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 70DA51462CE0B9F655F0AA2DA62F0951FD02904E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3c76877a-5443-4688-b68c-42e8c8278190.roa Signing time: Tue 01 Oct 2024 00:00:00 +0000 ROA not before: Tue 01 Oct 2024 00:00:00 +0000 ROA not after: Tue 05 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:da:51:46:2c:e0:b9:f6:55:f0:aa:2d:a6:2f:09:51:fd:02:90:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 1 00:00:00 2024 GMT Not After : Nov 5 23:59:59 2024 GMT Subject: serialNumber=64331d1aecf9f887310e6df526969ee8e6241e134117cb92763bad083145f3d4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:af:87:e9:7d:50:a8:42:2b:9a:ec:a1:09:c4: 77:85:0d:cf:b5:9f:9f:cd:bf:9f:a2:1d:c8:fa:c6: 67:50:aa:ff:28:63:23:9f:36:85:49:96:55:fa:d3: 6a:f6:d4:92:c8:24:af:69:dd:28:16:b1:39:77:32: 7f:1f:bb:04:0f:c3:04:88:6a:f3:09:29:59:eb:a9: d4:8b:91:7a:1b:33:cc:94:d0:ed:5f:f0:36:33:f4: 20:53:bf:49:b7:fa:9b:4e:74:b7:1f:ae:bb:73:a0: ba:7d:c5:78:2f:a0:f3:5a:23:51:7d:c3:ca:33:ea: 53:03:0b:ce:5e:63:78:d2:62:9e:25:a9:9c:3d:23: 2c:20:64:af:0e:b7:32:3b:48:90:15:ac:02:19:79: 2b:c9:21:80:3c:35:e8:6c:07:76:77:b1:86:16:d6: 62:cb:cc:9b:4c:f1:d4:2d:19:48:13:26:68:5c:21: 69:e8:4e:7b:e2:50:93:57:11:c2:b5:dd:58:41:ff: 93:f0:97:6c:f0:17:44:de:a1:dd:35:f1:3a:e5:34: 29:01:d3:2e:f9:41:cd:46:28:b0:9d:25:d5:a1:d8: a6:5b:e8:db:b9:65:a7:eb:88:9c:0a:3b:1e:1c:81: b0:56:f9:3e:72:98:93:f1:d6:8b:fb:15:ee:97:cf: 47:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:7F:8F:5D:DB:4C:46:57:39:67:3E:8C:6C:6A:9A:DE:0A:85:96:17 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3c76877a-5443-4688-b68c-42e8c8278190.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:2800::/40 Signature Algorithm: sha256WithRSAEncryption 02:3a:16:15:e1:dd:1f:51:8d:cf:55:6b:85:e1:0d:97:15:61: 36:43:13:63:3c:56:bb:c3:d4:a1:68:b3:6b:59:b4:f7:a0:5f: 15:06:d3:1b:0e:1c:78:9b:3d:6f:e2:ed:04:f5:bb:ff:c8:12: f9:90:46:ef:f6:a2:06:02:b2:ee:45:dc:ad:de:fb:63:99:bf: 55:94:ac:77:6a:24:70:b6:02:23:7c:d8:72:d2:58:92:d8:f7: 45:8d:1d:ce:3a:be:94:ae:c2:56:b3:b6:c3:6b:b2:f3:85:b1: 58:e7:ae:f3:ef:69:32:e2:eb:e3:1e:59:e0:ac:15:8e:29:bd: 8e:eb:79:7b:84:cc:9f:da:20:a8:02:c8:54:6e:2d:fb:83:d3: 77:c1:df:a4:0f:fc:ab:bd:bf:75:ac:50:f6:3c:c5:b4:58:e7: aa:af:eb:c9:88:c4:d7:9d:8c:9b:56:b6:b8:c9:8d:54:4f:88: f4:2a:8c:d9:f8:e1:e1:61:72:7d:dd:d0:15:42:99:46:92:bb: 46:91:6d:10:a8:93:65:76:a5:0d:ad:6a:01:a9:19:28:1b:d8: 1c:5d:79:6e:4a:b7:77:51:54:9e:ac:bb:bf:f8:41:b3:7e:65: 95:95:1d:cf:95:34:51:c6:0f:5d:0f:0a:88:ab:d7:c1:b6:d1: a3:54:d3:a2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcNpRRizgufZV8Kotpi8JUf0CkE4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAwMTAwMDAwMFoX DTI0MTEwNTIzNTk1OVowejFJMEcGA1UEBRNANjQzMzFkMWFlY2Y5Zjg4NzMxMGU2 ZGY1MjY5NjllZThlNjI0MWUxMzQxMTdjYjkyNzYzYmFkMDgzMTQ1ZjNkNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArq+H6X1QqEIrmuyhCcR3hQ3PtZ+f zb+foh3I+sZnUKr/KGMjnzaFSZZV+tNq9tSSyCSvad0oFrE5dzJ/H7sED8MEiGrz CSlZ66nUi5F6GzPMlNDtX/A2M/QgU79Jt/qbTnS3H667c6C6fcV4L6DzWiNRfcPK M+pTAwvOXmN40mKeJamcPSMsIGSvDrcyO0iQFawCGXkrySGAPDXobAd2d7GGFtZi y8ybTPHULRlIEyZoXCFp6E574lCTVxHCtd1YQf+T8Jds8BdE3qHdNfE65TQpAdMu +UHNRiiwnSXVodimW+jbuWWn64icCjseHIGwVvk+cpiT8daL+xXul89HSQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJR/j13bTEZXOWc+jGxqmt4KhZYXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNjNzY4NzdhLTU0NDMtNDY4OC1iNjhjLTQyZThjODI3ODE5MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9ygwDQYJKoZIhvcNAQELBQADggEBAAI6FhXh3R9Rjc9Va4Xh DZcVYTZDE2M8VrvD1KFos2tZtPegXxUG0xsOHHibPW/i7QT1u//IEvmQRu/2ogYC su5F3K3e+2OZv1WUrHdqJHC2AiN82HLSWJLY90WNHc46vpSuwlaztsNrsvOFsVjn rvPvaTLi6+MeWeCsFY4pvY7reXuEzJ/aIKgCyFRuLfuD03fB36QP/Ku9v3WsUPY8 xbRY56qv68mIxNedjJtWtrjJjVRPiPQqjNn44eFhcn3d0BVCmUaSu0aRbRCok2V2 pQ2tagGpGSgb2BxdeW5Kt3dRVJ6su7/4QbN+ZZWVHc+VNFHGD10PCoir18G20aNU 06I= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:32 2024 by rpki-client on console-fra.rpki-client.org