$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa File: 3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa (raw, json) Hash identifier: WXCzPxcrSFMmjK4WaYpi/z3TaoqSTQ5F5yZLIx1I08M= Subject key identifier: A3:22:29:CD:A8:A7:89:A6:AB:DA:12:38:66:F8:90:87:90:CE:58:70 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0679463838C72144EC33EAFC7FB278A7FF4644F4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:79:46:38:38:c7:21:44:ec:33:ea:fc:7f:b2:78:a7:ff:46:44:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=8b22e24d47ad4413a1140c24df8445597e1b3e2d5507582678267540716c4f0a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:95:f2:44:0e:aa:4a:18:8f:ac:b7:52:82:91: fc:ae:7c:64:0c:5c:e5:f3:14:14:9d:d6:36:c5:c4: 1b:e1:6e:51:ac:90:81:1f:ed:14:64:b4:0a:44:9d: 06:69:70:79:66:91:6b:44:ff:b9:11:1c:dc:e6:4f: ee:d5:00:fe:ed:53:8c:cb:43:1d:14:4c:bb:54:de: b9:6d:8a:45:e7:8d:73:aa:b4:08:32:d4:72:d0:0d: 5c:e5:5f:f6:ad:6c:61:ed:0b:7e:8e:af:23:00:8b: 00:ae:65:0c:71:76:14:23:29:37:ca:68:3d:49:4b: 16:e0:34:ce:c1:59:3c:3c:47:09:60:e7:93:e9:08: d6:75:06:a2:9c:fa:96:34:88:4b:97:e8:bc:37:53: f1:d4:23:b8:e0:72:f5:b3:06:9f:75:e1:8c:d2:ad: 55:32:3f:0b:e6:ea:14:34:2a:55:51:c6:05:b9:23: 8a:c9:4e:80:83:e1:97:be:78:84:5c:76:07:9c:45: a3:31:89:e1:64:f7:c0:d6:c7:dd:26:54:d7:47:36: 0a:e2:e8:5f:92:e6:4d:65:69:0d:9b:5c:1c:47:64: f3:c6:86:6e:1c:e0:d1:f1:b1:1a:ef:3f:68:e6:b4: b3:bf:3a:73:ae:da:58:2b:e0:06:7c:8e:ff:d2:79: 0c:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:22:29:CD:A8:A7:89:A6:AB:DA:12:38:66:F8:90:87:90:CE:58:70 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:4800::/40 Signature Algorithm: sha256WithRSAEncryption 36:8c:4c:59:fe:cd:47:df:9c:de:3f:f1:2d:93:88:8f:c1:bb: 41:2a:42:18:5e:ca:a9:06:e0:41:b3:68:82:27:a4:eb:f2:80: a5:08:de:14:4d:f6:d3:6a:a2:15:c6:16:b1:3d:31:1c:6b:03: 50:c2:f0:ef:e1:e3:81:99:88:90:f9:71:24:c8:da:e0:85:c5: ec:21:cf:b9:e1:eb:a5:6a:dc:4c:b8:30:91:50:d5:b0:75:b4: a6:ee:fa:86:35:ef:b9:14:2b:87:d1:06:ff:e0:64:2d:3f:ec: 47:85:05:32:df:8e:d3:61:26:84:0e:cb:6e:25:40:55:46:e6: 6d:b1:5a:71:96:67:bd:4e:33:3d:f7:75:f5:b6:ba:c4:b6:ea: 4e:47:7c:fb:64:41:5d:ea:d4:27:23:d4:15:af:00:26:64:b0: 48:c2:8a:7e:3b:fe:ac:0d:29:6d:25:27:ad:d4:75:2f:3a:8f: 1e:42:b3:36:35:bc:cc:09:e7:92:fa:0d:ec:55:80:bc:9a:a8: 7a:84:ba:83:ab:10:81:e5:c5:c9:4e:ce:9b:1c:c8:e3:76:27: 34:99:80:24:df:cc:de:2f:35:d1:e7:8b:05:1b:e8:c5:ba:a0: 8c:4e:23:98:42:62:07:2a:75:90:45:30:0c:31:7d:78:cf:b2: c5:87:d3:88 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBnlGODjHIUTsM+r8f7J4p/9GRPQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNAOGIyMmUyNGQ0N2FkNDQxM2ExMTQw YzI0ZGY4NDQ1NTk3ZTFiM2UyZDU1MDc1ODI2NzgyNjc1NDA3MTZjNGYwYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpXyRA6qShiPrLdSgpH8rnxkDFzl 8xQUndY2xcQb4W5RrJCBH+0UZLQKRJ0GaXB5ZpFrRP+5ERzc5k/u1QD+7VOMy0Md FEy7VN65bYpF541zqrQIMtRy0A1c5V/2rWxh7Qt+jq8jAIsArmUMcXYUIyk3ymg9 SUsW4DTOwVk8PEcJYOeT6QjWdQainPqWNIhLl+i8N1Px1CO44HL1swafdeGM0q1V Mj8L5uoUNCpVUcYFuSOKyU6Ag+GXvniEXHYHnEWjMYnhZPfA1sfdJlTXRzYK4uhf kuZNZWkNm1wcR2TzxoZuHODR8bEa7z9o5rSzvzpzrtpYK+AGfI7/0nkMqwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKMiKc2op4mmq9oSOGb4kIeQzlhwMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlOWNjNmFmLWJjMmMtNGRjYS04OTE1LTBjZGRmMjVjYzhkYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaEgwDQYJKoZIhvcNAQELBQADggEBADaMTFn+zUffnN4/8S2T iI/Bu0EqQhheyqkG4EGzaIInpOvygKUI3hRN9tNqohXGFrE9MRxrA1DC8O/h44GZ iJD5cSTI2uCFxewhz7nh66Vq3Ey4MJFQ1bB1tKbu+oY177kUK4fRBv/gZC0/7EeF BTLfjtNhJoQOy24lQFVG5m2xWnGWZ71OMz33dfW2usS26k5HfPtkQV3q1Ccj1BWv ACZksEjCin47/qwNKW0lJ63UdS86jx5CszY1vMwJ55L6DexVgLyaqHqEuoOrEIHl xclOzpscyON2JzSZgCTfzN4vNdHniwUb6MW6oIxOI5hCYgcqdZBFMAwxfXjPssWH 04g= -----END CERTIFICATE-----Generated at Fri Nov 22 01:33:38 2024 by rpki-client on console-ams.rpki-client.org