$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4446f271-be12-4319-a620-28e5c3c29271.roa File: 4446f271-be12-4319-a620-28e5c3c29271.roa (raw, json) Hash identifier: i4QkTuBU/UAl683EabWMvBlm1Z14y0v2Iq9Z5+u61FM= Subject key identifier: 72:D5:53:C1:B9:FB:38:86:27:A0:F0:84:C8:07:D3:9C:B6:C2:64:C8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6DDDAD7CC200B2C5C9A29D73EAEEFD83681EC9CF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4446f271-be12-4319-a620-28e5c3c29271.roa Signing time: Tue 01 Oct 2024 00:00:00 +0000 ROA not before: Tue 01 Oct 2024 00:00:00 +0000 ROA not after: Tue 05 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:dd:ad:7c:c2:00:b2:c5:c9:a2:9d:73:ea:ee:fd:83:68:1e:c9:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 1 00:00:00 2024 GMT Not After : Nov 5 23:59:59 2024 GMT Subject: serialNumber=4e7323323fff294678d274c5a9243224242e3b71cd26fafd81b5744b1f7b5836, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:31:fe:c2:e7:12:f0:03:02:f6:40:a8:ec:95: 8d:79:49:95:e5:a8:8f:78:c0:3a:80:70:cd:2b:0f: 78:1f:ba:9b:64:64:c7:c4:37:0a:e5:35:56:51:d6: 24:9d:26:13:69:10:d3:a3:55:88:84:fb:cc:a2:7b: d0:91:0e:cb:b8:0a:a1:f1:db:02:54:79:d1:a7:71: ee:fa:f0:9e:16:a5:b4:68:c6:f7:8b:8a:66:6c:da: fc:1d:aa:f2:a1:df:16:51:94:42:1a:73:75:6b:a5: fe:c5:d0:0e:37:1e:74:83:4c:99:c6:bf:da:a5:cb: 98:dc:fb:b7:3a:47:8d:a7:b6:36:f7:3d:e0:59:2e: 62:1a:cb:4a:cd:d9:23:9c:fa:d7:f3:ee:8e:23:e9: 74:b1:b1:61:18:f1:e7:5a:d4:ea:7d:bd:1c:87:15: 7a:5a:f9:8b:b7:71:bf:ea:83:16:14:e2:0d:cc:fc: f3:a7:ba:a9:2c:af:ef:bf:be:81:3e:01:95:6a:38: 89:c0:a8:50:e6:72:9c:e2:ac:c5:d5:d4:95:41:31: 0f:1e:f9:c9:e1:6c:93:e7:ce:d5:1d:6e:62:5f:2f: ec:f7:1e:2a:d4:c6:6d:84:1c:18:78:3c:7c:19:e9: 8f:f5:c1:41:b6:62:69:30:4a:1d:90:0b:71:84:dd: 3a:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:D5:53:C1:B9:FB:38:86:27:A0:F0:84:C8:07:D3:9C:B6:C2:64:C8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4446f271-be12-4319-a620-28e5c3c29271.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:e000::/40 Signature Algorithm: sha256WithRSAEncryption 38:3c:c2:30:9b:4d:a6:12:1b:a1:b3:b2:4d:eb:e9:46:89:b8: f8:0a:31:c1:2c:45:85:84:c5:02:23:60:e7:49:99:99:5f:a0: 88:f7:ea:fb:64:9e:42:a0:58:2a:30:77:d9:05:41:76:20:61: 7c:88:5e:62:0c:95:aa:3e:40:09:f6:b0:d5:59:e8:25:a8:cc: a3:98:69:97:d5:67:d1:75:53:76:82:95:38:ab:b3:07:fa:7b: c8:93:12:30:4f:dd:73:ee:1a:65:0e:ca:66:0c:6b:27:bf:bc: 22:92:53:4b:9b:89:f0:e3:74:01:80:38:5c:7c:ed:a2:02:b5: c5:fd:f6:97:6c:be:40:d2:d4:6a:df:d9:13:ac:a8:ba:49:af: d6:c6:66:6f:9c:46:54:ab:7e:51:66:4d:66:e1:ed:ec:5c:d3: d2:c9:b6:59:d8:b2:a0:50:6b:46:e2:ac:84:83:44:ef:57:51: 17:c0:08:5d:0d:90:0c:31:0c:0b:1b:94:3e:82:69:25:3f:65: fc:94:88:b6:b5:18:f1:58:a3:da:26:e3:06:12:da:7b:75:32: d0:14:bf:6c:f1:28:54:d1:c0:bf:da:8f:c7:58:00:16:87:8c: 82:36:89:f5:27:b2:ec:a9:f1:26:70:9b:56:29:a2:dc:18:52: f2:1f:ed:8f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbd2tfMIAssXJop1z6u79g2geyc8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAwMTAwMDAwMFoX DTI0MTEwNTIzNTk1OVowejFJMEcGA1UEBRNANGU3MzIzMzIzZmZmMjk0Njc4ZDI3 NGM1YTkyNDMyMjQyNDJlM2I3MWNkMjZmYWZkODFiNTc0NGIxZjdiNTgzNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DH+wucS8AMC9kCo7JWNeUmV5aiP eMA6gHDNKw94H7qbZGTHxDcK5TVWUdYknSYTaRDTo1WIhPvMonvQkQ7LuAqh8dsC VHnRp3Hu+vCeFqW0aMb3i4pmbNr8Haryod8WUZRCGnN1a6X+xdAONx50g0yZxr/a pcuY3Pu3OkeNp7Y29z3gWS5iGstKzdkjnPrX8+6OI+l0sbFhGPHnWtTqfb0chxV6 WvmLt3G/6oMWFOINzPzzp7qpLK/vv76BPgGVajiJwKhQ5nKc4qzF1dSVQTEPHvnJ 4WyT587VHW5iXy/s9x4q1MZthBwYeDx8GemP9cFBtmJpMEodkAtxhN06lwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHLVU8G5+ziGJ6DwhMgH05y2wmTIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ0NDZmMjcxLWJlMTItNDMxOS1hNjIwLTI4ZTVjM2MyOTI3MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNuAwDQYJKoZIhvcNAQELBQADggEBADg8wjCbTaYSG6Gzsk3r 6UaJuPgKMcEsRYWExQIjYOdJmZlfoIj36vtknkKgWCowd9kFQXYgYXyIXmIMlao+ QAn2sNVZ6CWozKOYaZfVZ9F1U3aClTirswf6e8iTEjBP3XPuGmUOymYMaye/vCKS U0ubifDjdAGAOFx87aICtcX99pdsvkDS1Grf2ROsqLpJr9bGZm+cRlSrflFmTWbh 7exc09LJtlnYsqBQa0birISDRO9XURfACF0NkAwxDAsblD6CaSU/ZfyUiLa1GPFY o9om4wYS2nt1MtAUv2zxKFTRwL/aj8dYABaHjII2ifUnsuyp8SZwm1YpotwYUvIf 7Y8= -----END CERTIFICATE-----Generated at Fri Oct 25 16:44:24 2024 by rpki-client on console-ams.rpki-client.org