$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa File: 3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa (raw, json) Hash identifier: +ocGlnLqkp/XnRot/uzJcKNbNmqSbYGQZ1N1YUHOuP0= Subject key identifier: 97:2F:E9:1D:38:20:D5:19:87:E2:DF:B1:8E:3B:17:1A:C9:6A:FD:EE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2BCD7A83FB63C640A5F217B4FCEADD8A16F54999 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa Signing time: Sat 09 Nov 2024 00:00:00 +0000 ROA not before: Sat 09 Nov 2024 00:00:00 +0000 ROA not after: Sat 14 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:cd:7a:83:fb:63:c6:40:a5:f2:17:b4:fc:ea:dd:8a:16:f5:49:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:00:00 2024 GMT Not After : Dec 14 23:59:59 2024 GMT Subject: serialNumber=1655676bbb49067344b5e21018d53ee50acf60fab13a6d48524e994ac1dfffc9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:37:9a:c3:96:19:18:3e:bb:40:f7:47:ac:db: e3:38:b8:55:c7:c7:34:3e:1d:fa:bd:87:ab:31:72: 7f:c3:2b:04:84:17:ea:5b:37:0d:8c:63:65:62:6c: 26:ec:b3:7d:44:70:8f:58:ad:51:da:3f:41:89:36: 8f:80:47:57:04:1b:6b:19:34:ac:63:47:9a:ae:b7: f3:48:ba:52:28:1b:0f:d5:ec:3f:99:26:30:f6:06: d2:f6:78:02:da:0e:4d:23:08:bd:93:ae:35:85:9d: 30:87:8d:4f:56:3c:e3:fc:d4:63:44:fd:1d:f2:5f: 67:bb:21:dc:a0:c5:7d:87:78:81:61:89:b4:93:80: 5f:89:cf:3d:1f:fa:80:40:39:6c:b3:08:40:88:42: 84:8b:77:19:66:5d:d1:77:c8:69:28:f1:f1:6a:b9: 98:80:70:b4:38:c8:32:69:f7:6b:93:16:66:f9:1c: 38:e6:02:15:0e:6e:88:51:65:60:3b:75:5c:d1:ba: 50:74:64:9f:8e:a8:d7:9e:49:dd:a6:17:36:e1:9e: 0a:61:8e:b4:41:cc:20:38:a0:08:1c:e9:05:6e:08: 68:c9:06:6c:58:5c:c5:03:2c:d5:09:21:21:96:f8: 7f:dc:f7:30:ca:b2:e4:54:c8:d2:25:30:9e:e6:3f: dd:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:2F:E9:1D:38:20:D5:19:87:E2:DF:B1:8E:3B:17:1A:C9:6A:FD:EE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:4000::/40 Signature Algorithm: sha256WithRSAEncryption 94:7f:aa:cb:d6:2e:9f:3f:a7:cd:41:00:45:c1:02:9f:02:9f: 7f:0d:32:6f:9f:ad:48:57:2c:fd:ea:ce:a2:6a:2d:09:b0:f7: 6c:98:07:98:c9:d4:17:87:8f:b4:24:d3:3b:59:89:a4:64:a6: a4:43:03:16:0b:c0:61:9e:21:0d:ab:8b:20:55:b6:c3:56:16: 27:dd:1d:f3:ba:53:7b:ae:62:aa:d2:29:f3:79:c7:47:f1:a7: 1c:c7:82:13:02:c7:d5:58:26:8c:03:ec:32:69:40:ef:04:69: d6:c8:f3:aa:39:02:11:f2:f7:2a:ec:e8:77:e3:0e:ee:37:c0: 09:e2:d0:e7:a7:dc:b9:46:25:2e:44:25:88:7f:7c:aa:10:08: 86:22:08:b5:02:2d:cf:dd:fa:95:ba:99:9d:db:ee:91:70:c3: 83:65:6a:aa:37:dd:4a:77:ca:a2:91:0b:3a:42:43:d2:7b:84: f3:7b:45:92:bf:b9:8e:a8:0c:b5:6d:d5:17:a3:d1:e9:8d:8d: 8c:2e:d9:76:39:34:2a:49:8f:ed:6d:68:ae:37:15:2a:af:9b: d3:66:12:52:c1:1a:24:d4:08:e7:a5:cb:72:6a:bc:2b:22:a7: 21:07:a6:15:d1:0c:ce:23:cb:8c:28:96:22:07:50:4e:61:53: 35:cf:e7:51 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUK816g/tjxkCl8he0/Ordihb1SZkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEwOTAwMDAwMFoX DTI0MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAMTY1NTY3NmJiYjQ5MDY3MzQ0YjVl MjEwMThkNTNlZTUwYWNmNjBmYWIxM2E2ZDQ4NTI0ZTk5NGFjMWRmZmZjOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9zeaw5YZGD67QPdHrNvjOLhVx8c0 Ph36vYerMXJ/wysEhBfqWzcNjGNlYmwm7LN9RHCPWK1R2j9BiTaPgEdXBBtrGTSs Y0earrfzSLpSKBsP1ew/mSYw9gbS9ngC2g5NIwi9k641hZ0wh41PVjzj/NRjRP0d 8l9nuyHcoMV9h3iBYYm0k4Bfic89H/qAQDlsswhAiEKEi3cZZl3Rd8hpKPHxarmY gHC0OMgyafdrkxZm+Rw45gIVDm6IUWVgO3Vc0bpQdGSfjqjXnkndphc24Z4KYY60 QcwgOKAIHOkFbghoyQZsWFzFAyzVCSEhlvh/3PcwyrLkVMjSJTCe5j/dbwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJcv6R04INUZh+LfsY47FxrJav3uMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNmMzE5YmE0LTRmNzUtNDlmZC05YTNiLWE5MGM5MzhhMjRhZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMkAwDQYJKoZIhvcNAQELBQADggEBAJR/qsvWLp8/p81BAEXB Ap8Cn38NMm+frUhXLP3qzqJqLQmw92yYB5jJ1BeHj7Qk0ztZiaRkpqRDAxYLwGGe IQ2riyBVtsNWFifdHfO6U3uuYqrSKfN5x0fxpxzHghMCx9VYJowD7DJpQO8EadbI 86o5AhHy9yrs6HfjDu43wAni0Oen3LlGJS5EJYh/fKoQCIYiCLUCLc/d+pW6mZ3b 7pFww4Nlaqo33Up3yqKRCzpCQ9J7hPN7RZK/uY6oDLVt1Rej0emNjYwu2XY5NCpJ j+1taK43FSqvm9NmElLBGiTUCOely3JqvCsipyEHphXRDM4jy4woliIHUE5hUzXP 51E= -----END CERTIFICATE-----Generated at Fri Nov 22 02:07:34 2024 by rpki-client on console-fra.rpki-client.org