$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/498f6dc3-db03-415e-b534-d74ca6f01901.roa File: 498f6dc3-db03-415e-b534-d74ca6f01901.roa (raw, json) Hash identifier: bCetZH+Bdyo8AvRi/DKAcup9BrLfICmDcc+n13GoeVs= Subject key identifier: 4B:B8:8B:8A:AC:CB:0C:54:E3:64:32:55:FF:32:BA:15:6F:C2:E1:EF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1F38D09063C7D7E5BDFEE5E548F2BDD8245B1969 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/498f6dc3-db03-415e-b534-d74ca6f01901.roa Signing time: Tue 15 Oct 2024 00:00:00 +0000 ROA not before: Tue 15 Oct 2024 00:00:00 +0000 ROA not after: Tue 19 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:38:d0:90:63:c7:d7:e5:bd:fe:e5:e5:48:f2:bd:d8:24:5b:19:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:00:00 2024 GMT Not After : Nov 19 23:59:59 2024 GMT Subject: serialNumber=34ae1ae087addf555e4a123e19e43d9b7eb61b4d21035b49a22b32876bdcdb70, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:c1:65:42:9e:d4:49:d7:44:22:27:35:f8:3c: 7c:3a:9c:96:16:78:a9:49:25:95:f8:f1:57:59:66: ed:e7:1e:f8:f1:ad:d1:43:b4:20:89:a4:b6:32:2f: 1b:ed:30:9e:f1:0f:18:59:46:6d:a2:f4:c9:6b:ba: 06:28:ad:99:8d:f6:34:ce:cb:52:7b:7b:51:f3:15: fb:f1:66:10:fa:74:0c:03:9a:87:8a:d6:cb:da:63: e8:98:1b:d5:09:c1:5a:4b:20:63:03:37:ea:8c:08: cd:ac:81:c2:1d:64:72:51:6c:e0:a6:1f:ad:ab:51: 22:15:2f:6f:df:a5:6b:52:28:39:03:db:f0:37:40: e1:ca:28:77:22:3c:af:7d:55:f5:76:af:11:c7:53: 8e:65:ba:26:d5:1f:28:a2:11:f5:46:a6:0e:e9:36: 40:d1:d3:05:cd:0a:4d:91:c4:2e:15:f5:2e:6b:c1: bb:c4:2d:6b:37:e5:22:42:85:24:3d:1a:1a:87:26: 69:7f:fd:51:59:1b:f9:55:4b:7a:08:ac:3b:38:70: ff:b5:fc:d3:3b:11:7b:3e:a2:52:05:cb:19:fb:6e: 53:3d:d3:47:61:e7:40:e1:62:83:6b:ef:fc:ca:7e: 34:e0:a0:98:35:31:ab:62:49:c4:80:72:88:75:f6: 38:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:B8:8B:8A:AC:CB:0C:54:E3:64:32:55:FF:32:BA:15:6F:C2:E1:EF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/498f6dc3-db03-415e-b534-d74ca6f01901.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:2000::/40 Signature Algorithm: sha256WithRSAEncryption 0a:b2:80:be:d1:55:44:23:1b:f0:ce:d7:2f:3f:56:ac:cc:27: 26:46:d0:bf:8b:84:60:a1:cc:e2:eb:53:7b:1a:63:dd:20:c4: a5:20:3f:f7:3e:81:32:75:f2:32:bc:f3:e2:a6:1f:fc:21:63: 0f:f1:6b:29:c4:3e:3f:77:57:f9:aa:f6:1a:ab:d2:0b:cf:cb: 20:9d:ab:84:52:bc:e4:9c:ba:35:59:a9:b3:3b:ca:f0:e6:54: 82:9f:bc:89:4e:a9:57:46:f7:cf:b0:82:b4:89:ea:dd:42:ab: c0:eb:ed:1c:d8:81:89:52:bb:89:6d:c3:84:88:5a:9b:cb:24: 54:0c:e8:cd:05:91:56:72:5f:22:0e:4b:a7:4b:72:51:ec:3f: 87:47:e8:cb:ec:82:2f:ae:fd:83:86:a3:1a:6a:6e:27:c4:d5: f5:0c:0e:fd:40:86:4f:b3:17:d1:a6:6b:16:6d:5f:77:73:b1: 0d:2d:75:e2:4d:92:85:9f:90:c0:e9:e7:10:a8:55:0c:e0:18: 8e:5e:75:92:4a:a9:d3:f2:84:24:6d:2d:28:b5:15:eb:e2:e4: ee:8e:a5:99:f0:91:87:69:f4:69:15:32:65:a9:80:99:5a:80: aa:a9:e1:ce:df:f6:5d:f6:bc:02:88:84:52:4e:94:1d:dc:28: 8a:9e:54:c8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHzjQkGPH1+W9/uXlSPK92CRbGWkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAxNTAwMDAwMFoX DTI0MTExOTIzNTk1OVowejFJMEcGA1UEBRNAMzRhZTFhZTA4N2FkZGY1NTVlNGEx MjNlMTllNDNkOWI3ZWI2MWI0ZDIxMDM1YjQ5YTIyYjMyODc2YmRjZGI3MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscFlQp7USddEIic1+Dx8OpyWFnip SSWV+PFXWWbt5x748a3RQ7QgiaS2Mi8b7TCe8Q8YWUZtovTJa7oGKK2ZjfY0zstS e3tR8xX78WYQ+nQMA5qHitbL2mPomBvVCcFaSyBjAzfqjAjNrIHCHWRyUWzgph+t q1EiFS9v36VrUig5A9vwN0Dhyih3IjyvfVX1dq8Rx1OOZbom1R8oohH1RqYO6TZA 0dMFzQpNkcQuFfUua8G7xC1rN+UiQoUkPRoahyZpf/1RWRv5VUt6CKw7OHD/tfzT OxF7PqJSBcsZ+25TPdNHYedA4WKDa+/8yn404KCYNTGrYknEgHKIdfY4MwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEu4i4qsywxU42QyVf8yuhVvwuHvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5OGY2ZGMzLWRiMDMtNDE1ZS1iNTM0LWQ3NGNhNmYwMTkwMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMiAwDQYJKoZIhvcNAQELBQADggEBAAqygL7RVUQjG/DO1y8/ VqzMJyZG0L+LhGChzOLrU3saY90gxKUgP/c+gTJ18jK88+KmH/whYw/xaynEPj93 V/mq9hqr0gvPyyCdq4RSvOScujVZqbM7yvDmVIKfvIlOqVdG98+wgrSJ6t1Cq8Dr 7RzYgYlSu4ltw4SIWpvLJFQM6M0FkVZyXyIOS6dLclHsP4dH6Mvsgi+u/YOGoxpq bifE1fUMDv1Ahk+zF9GmaxZtX3dzsQ0tdeJNkoWfkMDp5xCoVQzgGI5edZJKqdPy hCRtLSi1Fevi5O6OpZnwkYdp9GkVMmWpgJlagKqp4c7f9l32vAKIhFJOlB3cKIqe VMg= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:32 2024 by rpki-client on console-fra.rpki-client.org