$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa File: 3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa (raw, json) Hash identifier: k+ptHsVIJk743155GiSajXiJwAhKL/z8JfWgALb3wrA= Subject key identifier: C0:75:19:98:89:97:A9:52:BE:C9:5C:D2:E1:B8:7F:7C:3E:07:F7:07 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1DA36207BE4757CED80531DAF5E143E94AEAB21C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa Signing time: Tue 15 Oct 2024 00:00:00 +0000 ROA not before: Tue 15 Oct 2024 00:00:00 +0000 ROA not after: Tue 19 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:a3:62:07:be:47:57:ce:d8:05:31:da:f5:e1:43:e9:4a:ea:b2:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:00:00 2024 GMT Not After : Nov 19 23:59:59 2024 GMT Subject: serialNumber=6f02e7ab1d73c282e7e9ea67c4ab3ebcc67f48f9ff2446a1f36ee0a7ed3da912, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:d0:13:68:5d:92:f0:bc:0a:6d:df:84:02:d8: 08:c6:c2:20:aa:1c:c2:18:10:2b:52:f8:59:25:bb: 77:bc:9c:ab:7a:77:e9:c9:9d:ef:0a:45:c5:d3:09: b0:de:29:7d:0f:a7:d5:07:d3:e6:b0:e4:58:90:c3: 2c:2f:2d:52:65:19:fc:f0:48:82:4a:22:28:2e:95: ae:e1:34:8e:26:d9:75:4f:7b:12:e7:15:42:b7:8c: 8f:e9:63:08:b9:4f:39:0c:f7:f8:00:da:d6:7e:c2: 32:04:82:42:89:46:eb:e8:2d:d6:0a:af:87:fa:a6: 67:b8:99:31:26:76:87:7b:ff:00:fc:57:cf:f9:78: c8:4e:54:97:00:d6:29:da:1c:8e:b3:e2:a8:0c:44: 35:95:58:ff:06:5f:c0:5b:f3:e4:03:2b:f7:9a:35: 08:95:9d:e5:61:85:76:70:7f:72:c1:fc:1a:6c:f6: 38:00:d5:a1:8f:cf:f2:44:7a:b3:01:59:b9:94:a3: 3f:30:9a:42:97:1e:8b:ce:3d:e8:27:c3:8d:c7:f9: c5:85:36:de:bd:05:91:a2:54:e8:f9:d3:9b:d6:43: 15:26:cb:e8:df:7f:b3:f7:4f:36:99:52:7b:bb:55: e9:6b:07:c8:19:07:70:e2:9f:2d:1c:e7:af:aa:f1: c8:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:75:19:98:89:97:A9:52:BE:C9:5C:D2:E1:B8:7F:7C:3E:07:F7:07 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:4000::/40 Signature Algorithm: sha256WithRSAEncryption 46:09:89:cd:a8:80:14:3c:fd:61:71:7e:ea:74:c2:ee:f5:ae: 54:0b:91:a6:c9:08:59:79:8a:de:ee:ea:17:d5:fb:92:87:c1: 91:3d:d8:aa:53:0a:9c:5e:13:4e:6f:32:2f:10:d9:5f:7a:88: fe:11:b0:8e:90:e2:17:74:2c:9f:32:d3:49:a3:9a:e8:56:80: d3:1e:c9:3e:06:36:e1:24:7d:19:84:93:0f:38:17:59:22:e5: 88:68:d3:17:b5:5b:a7:9d:e2:5b:9c:8e:f5:8c:41:ed:ae:20: de:29:d0:33:79:62:72:5a:d4:5b:d6:d5:20:33:67:a5:76:05: a4:ea:69:38:9a:60:44:62:6b:78:7b:ad:b9:24:40:9c:f2:b6: e2:6d:10:4c:65:99:7f:7f:8e:08:55:b8:4a:5d:3c:81:b9:43: 56:da:96:61:4a:95:f5:7e:56:e8:6d:50:b1:95:63:2e:3e:38: c0:58:90:db:62:c5:de:3e:1d:7c:59:b1:67:c0:f6:6a:65:42: 6f:c4:8e:ad:26:16:44:32:e7:d8:3d:69:f0:64:c6:d7:57:5a: bd:0d:05:04:3a:14:23:e0:a2:6a:65:b0:e7:9e:f7:e7:35:ec: 9d:0f:4b:f7:da:83:35:f5:12:cd:d4:5b:59:f0:4f:9a:e0:c7: 64:ad:6c:80 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHaNiB75HV87YBTHa9eFD6UrqshwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAxNTAwMDAwMFoX DTI0MTExOTIzNTk1OVowejFJMEcGA1UEBRNANmYwMmU3YWIxZDczYzI4MmU3ZTll YTY3YzRhYjNlYmNjNjdmNDhmOWZmMjQ0NmExZjM2ZWUwYTdlZDNkYTkxMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9ATaF2S8LwKbd+EAtgIxsIgqhzC GBArUvhZJbt3vJyrenfpyZ3vCkXF0wmw3il9D6fVB9PmsORYkMMsLy1SZRn88EiC SiIoLpWu4TSOJtl1T3sS5xVCt4yP6WMIuU85DPf4ANrWfsIyBIJCiUbr6C3WCq+H +qZnuJkxJnaHe/8A/FfP+XjITlSXANYp2hyOs+KoDEQ1lVj/Bl/AW/PkAyv3mjUI lZ3lYYV2cH9ywfwabPY4ANWhj8/yRHqzAVm5lKM/MJpClx6Lzj3oJ8ONx/nFhTbe vQWRolTo+dOb1kMVJsvo33+z9082mVJ7u1XpawfIGQdw4p8tHOevqvHI5wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMB1GZiJl6lSvslc0uG4f3w+B/cHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNmMzE5YmE0LTRmNzUtNDlmZC05YTNiLWE5MGM5MzhhMjRhZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMkAwDQYJKoZIhvcNAQELBQADggEBAEYJic2ogBQ8/WFxfup0 wu71rlQLkabJCFl5it7u6hfV+5KHwZE92KpTCpxeE05vMi8Q2V96iP4RsI6Q4hd0 LJ8y00mjmuhWgNMeyT4GNuEkfRmEkw84F1ki5Yho0xe1W6ed4lucjvWMQe2uIN4p 0DN5YnJa1FvW1SAzZ6V2BaTqaTiaYERia3h7rbkkQJzytuJtEExlmX9/jghVuEpd PIG5Q1balmFKlfV+VuhtULGVYy4+OMBYkNtixd4+HXxZsWfA9mplQm/Ejq0mFkQy 59g9afBkxtdXWr0NBQQ6FCPgomplsOee9+c17J0PS/fagzX1Es3UW1nwT5rgx2St bIA= -----END CERTIFICATE-----Generated at Fri Oct 25 16:44:24 2024 by rpki-client on console-ams.rpki-client.org