$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa File: 49a679dd-b6ba-4b54-beeb-b3e83302b998.roa (raw, json) Hash identifier: FCv0k1O2WkAuBq2rULtToaE67O6q+z3x80+E5ZOGvn8= Subject key identifier: 57:7D:59:BF:ED:78:83:EF:35:5E:4B:09:3A:FB:7C:3C:89:D6:7A:B4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7CAE2EEEB12A29CF841D87D9BCC60DE6900359E1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa Signing time: Sat 23 Nov 2024 00:00:00 +0000 ROA not before: Sat 23 Nov 2024 00:00:00 +0000 ROA not after: Sat 28 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 00:35:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:ae:2e:ee:b1:2a:29:cf:84:1d:87:d9:bc:c6:0d:e6:90:03:59:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 23 00:00:00 2024 GMT Not After : Dec 28 23:59:59 2024 GMT Subject: serialNumber=40e7241f8c85a83c6a0517bb211bccd0aaf3e81dca65806fd15f4c201792b183, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:f5:f5:d0:9e:69:1f:5a:05:90:1a:69:dc:f0: 8f:41:6e:e3:79:60:6c:3d:4e:a3:90:13:aa:6a:56: 63:49:60:3c:15:d6:5f:5b:98:1a:b7:55:38:84:67: d8:97:1d:a5:61:a2:1e:31:9c:34:22:b4:5a:e3:26: 09:35:fd:ae:e1:c0:a3:26:83:9f:91:1a:4b:db:ce: 40:4c:23:7c:c7:cc:0b:24:73:77:f5:0a:7c:bd:8a: f6:85:89:94:36:46:95:a3:33:50:f5:be:28:b8:b1: 08:a6:c8:17:89:dc:c3:46:9a:26:1f:62:33:ea:15: ff:d3:79:bb:c9:92:ca:fb:da:44:17:b7:66:4e:f7: 04:0b:09:85:96:a5:52:8f:0c:17:97:6f:c6:ca:31: 4a:f5:35:29:db:f5:85:3e:a5:9b:47:4d:5b:d9:65: 61:ab:bb:9c:51:63:15:5f:40:8e:95:3b:45:b4:81: 64:38:80:00:04:81:94:4c:70:97:a3:71:a3:f7:8b: b0:d7:c6:96:91:7e:12:4f:81:d6:ca:1a:5f:24:c8: 2a:bc:a0:31:06:54:6d:e6:13:ac:ea:2a:4f:2e:07: 53:7c:51:1f:63:2b:49:0b:1c:6f:0d:df:f1:e3:15: 96:70:56:3a:9e:84:a8:7d:1c:15:70:0f:b5:aa:d5: 63:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:7D:59:BF:ED:78:83:EF:35:5E:4B:09:3A:FB:7C:3C:89:D6:7A:B4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:800::/40 Signature Algorithm: sha256WithRSAEncryption 8d:4e:15:80:cb:c3:14:9f:05:c8:71:e4:ce:78:c9:58:84:68: 8d:ff:83:43:7f:5d:2f:a3:11:62:90:72:26:22:91:59:db:9b: 20:b9:70:8a:f1:75:88:36:00:49:21:1d:c8:2d:87:8c:ad:5e: 7f:27:5f:66:88:75:63:95:bc:19:cc:1d:7e:8d:a0:78:56:ba: b9:55:ac:90:b5:9e:1f:c8:39:e3:e4:83:fc:c3:4e:b1:8c:e3: d6:34:c3:dc:80:9a:fa:7e:f3:13:50:33:02:3a:4a:a2:80:35: b8:54:16:eb:03:4c:82:d1:56:79:75:82:da:44:8d:f1:98:9a: 99:af:06:64:f2:24:03:10:37:fe:99:31:73:95:4a:35:4d:f2: 19:f2:38:5f:b3:df:b3:26:57:4c:d6:01:5c:cc:e1:71:6f:ee: bd:d3:65:62:b5:d5:95:f8:21:ec:f8:9c:90:e0:4e:94:0a:47: 90:24:4a:3b:26:e6:bb:0f:fa:af:f6:e5:61:40:bf:9a:60:01: 80:c8:e7:31:5a:96:f5:c7:25:ba:e5:fd:7f:1e:91:54:5f:63: 15:df:05:91:0a:85:8f:9d:80:48:62:0c:fd:83:4b:4b:dc:0f: 70:5b:15:f8:90:5f:dc:b3:48:39:30:fe:0b:6b:ef:e4:84:e4: 86:20:fa:4e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfK4u7rEqKc+EHYfZvMYN5pADWeEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEyMzAwMDAwMFoX DTI0MTIyODIzNTk1OVowejFJMEcGA1UEBRNANDBlNzI0MWY4Yzg1YTgzYzZhMDUx N2JiMjExYmNjZDBhYWYzZTgxZGNhNjU4MDZmZDE1ZjRjMjAxNzkyYjE4MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vX10J5pH1oFkBpp3PCPQW7jeWBs PU6jkBOqalZjSWA8FdZfW5gat1U4hGfYlx2lYaIeMZw0IrRa4yYJNf2u4cCjJoOf kRpL285ATCN8x8wLJHN39Qp8vYr2hYmUNkaVozNQ9b4ouLEIpsgXidzDRpomH2Iz 6hX/03m7yZLK+9pEF7dmTvcECwmFlqVSjwwXl2/GyjFK9TUp2/WFPqWbR01b2WVh q7ucUWMVX0COlTtFtIFkOIAABIGUTHCXo3Gj94uw18aWkX4ST4HWyhpfJMgqvKAx BlRt5hOs6ipPLgdTfFEfYytJCxxvDd/x4xWWcFY6noSofRwVcA+1qtVjuwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFd9Wb/teIPvNV5LCTr7fDyJ1nq0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5YTY3OWRkLWI2YmEtNGI1NC1iZWViLWIzZTgzMzAyYjk5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8QgwDQYJKoZIhvcNAQELBQADggEBAI1OFYDLwxSfBchx5M54 yViEaI3/g0N/XS+jEWKQciYikVnbmyC5cIrxdYg2AEkhHcgth4ytXn8nX2aIdWOV vBnMHX6NoHhWurlVrJC1nh/IOePkg/zDTrGM49Y0w9yAmvp+8xNQMwI6SqKANbhU FusDTILRVnl1gtpEjfGYmpmvBmTyJAMQN/6ZMXOVSjVN8hnyOF+z37MmV0zWAVzM 4XFv7r3TZWK11ZX4Iez4nJDgTpQKR5AkSjsm5rsP+q/25WFAv5pgAYDI5zFalvXH Jbrl/X8ekVRfYxXfBZEKhY+dgEhiDP2DS0vcD3BbFfiQX9yzSDkw/gtr7+SE5IYg +k4= -----END CERTIFICATE-----Generated at Mon Nov 25 01:01:12 2024 by rpki-client on console-ams.rpki-client.org