$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa File: 4a75b2a7-15e5-4501-aaaf-4737a678d996.roa (raw, json) Hash identifier: G3DaAMA0vYblm/jnIIMzCqKV0sSE6M/bbHkLE7tUPOg= Subject key identifier: AE:23:5B:87:ED:E4:23:63:60:C0:98:27:11:FF:11:5F:4E:64:F8:64 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6541CF9DCA54AA5D980449BA5EA85B4F619EB14F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa Signing time: Tue 29 Oct 2024 00:00:00 +0000 ROA not before: Tue 29 Oct 2024 00:00:00 +0000 ROA not after: Tue 03 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:41:cf:9d:ca:54:aa:5d:98:04:49:ba:5e:a8:5b:4f:61:9e:b1:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 00:00:00 2024 GMT Not After : Dec 3 23:59:59 2024 GMT Subject: serialNumber=402185920ccd309f2988852fd44a2f9763ad8ee76b63f4d22101d262dde56991, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:df:44:37:21:e1:7d:85:2e:97:68:de:c9:87: d6:58:b5:14:b7:8e:11:58:b9:13:55:a1:6d:e5:4b: 09:69:2a:84:a0:47:1f:01:f6:9a:70:3e:50:da:72: 8d:8b:d2:38:1c:71:ee:45:79:27:39:74:ff:ad:93: c9:27:76:c9:2f:cc:fd:86:5b:4a:18:05:86:fb:a0: 05:aa:04:41:53:e3:32:c7:40:ed:ba:f3:30:27:7d: 1f:8c:4a:53:d5:3e:e1:bd:fa:c3:56:48:38:79:29: 9c:2e:ad:20:b7:50:2c:31:19:d5:f9:23:5a:09:a5: 58:b1:ce:70:7e:7e:e2:21:1e:7c:3c:89:7d:d4:76: 3b:81:e7:2d:11:6e:03:f2:1a:c0:9a:eb:f0:77:aa: 8f:25:03:4a:d1:8c:66:bd:1b:7b:05:c4:df:d1:25: 44:55:0f:b9:10:72:7e:bd:19:14:1d:a6:7d:98:11: 24:d8:18:ae:f1:81:30:d9:b7:06:aa:45:47:07:0a: 22:66:70:a1:66:a0:69:d0:48:26:d9:b2:a7:2f:c7: cb:af:3c:6f:af:37:d6:71:2b:fa:ec:29:7a:e2:1b: df:5e:f8:28:60:8f:91:0a:4a:34:75:78:24:46:5e: 5b:9b:64:14:6e:f7:f5:48:81:64:e6:e0:a9:10:4e: d7:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:23:5B:87:ED:E4:23:63:60:C0:98:27:11:FF:11:5F:4E:64:F8:64 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:7000::/40 Signature Algorithm: sha256WithRSAEncryption bb:a0:c6:f2:08:c1:46:19:02:2b:8d:fc:11:36:7f:b5:a9:20: 88:23:39:43:7e:20:99:27:bf:f0:41:da:3a:75:f7:d6:32:44: bb:2f:20:a0:ba:81:c8:ec:b2:4e:11:e2:77:bc:b7:ad:b9:e7: 21:65:6b:81:ad:03:3f:15:25:65:65:f5:de:56:d1:55:3c:89: d4:fe:93:06:95:a4:fe:2b:ce:b8:88:9b:f9:68:e7:61:5a:ce: f9:54:a2:0a:95:da:c1:18:7f:95:33:87:7c:2f:79:44:09:be: 29:3c:54:c4:be:0f:0f:96:db:e1:38:00:64:8f:3f:72:44:99: c0:b0:df:10:ad:93:11:e7:83:d4:9f:d2:e7:83:1a:be:a8:2a: f1:c0:1d:60:00:56:fe:14:89:e0:76:66:40:82:e7:9a:30:c0: 92:b2:81:94:e1:4f:34:23:cd:56:50:f7:a4:fa:38:30:13:44: 83:bb:0e:af:88:d5:de:bc:dc:59:60:3b:9f:c7:1e:28:be:ee: f8:b9:01:7f:9a:c7:29:fe:34:7f:02:19:b8:92:e0:e3:4c:a4: 4d:f4:10:a6:a7:d2:ee:74:d4:3c:18:b7:39:54:ea:82:88:ba: b7:cd:97:b5:bb:4d:c1:8d:1c:ba:e6:12:df:dc:07:bd:6c:e5: 98:b2:2e:2e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZUHPncpUql2YBEm6XqhbT2GesU8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyOTAwMDAwMFoX DTI0MTIwMzIzNTk1OVowejFJMEcGA1UEBRNANDAyMTg1OTIwY2NkMzA5ZjI5ODg4 NTJmZDQ0YTJmOTc2M2FkOGVlNzZiNjNmNGQyMjEwMWQyNjJkZGU1Njk5MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxN9ENyHhfYUul2jeyYfWWLUUt44R WLkTVaFt5UsJaSqEoEcfAfaacD5Q2nKNi9I4HHHuRXknOXT/rZPJJ3bJL8z9hltK GAWG+6AFqgRBU+Myx0DtuvMwJ30fjEpT1T7hvfrDVkg4eSmcLq0gt1AsMRnV+SNa CaVYsc5wfn7iIR58PIl91HY7gectEW4D8hrAmuvwd6qPJQNK0YxmvRt7BcTf0SVE VQ+5EHJ+vRkUHaZ9mBEk2Biu8YEw2bcGqkVHBwoiZnChZqBp0Egm2bKnL8fLrzxv rzfWcSv67Cl64hvfXvgoYI+RCko0dXgkRl5bm2QUbvf1SIFk5uCpEE7XjwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFK4jW4ft5CNjYMCYJxH/EV9OZPhkMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRhNzViMmE3LTE1ZTUtNDUwMS1hYWFmLTQ3MzdhNjc4ZDk5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaHAwDQYJKoZIhvcNAQELBQADggEBALugxvIIwUYZAiuN/BE2 f7WpIIgjOUN+IJknv/BB2jp199YyRLsvIKC6gcjssk4R4ne8t6255yFla4GtAz8V JWVl9d5W0VU8idT+kwaVpP4rzriIm/lo52FazvlUogqV2sEYf5Uzh3wveUQJvik8 VMS+Dw+W2+E4AGSPP3JEmcCw3xCtkxHng9Sf0ueDGr6oKvHAHWAAVv4UieB2ZkCC 55owwJKygZThTzQjzVZQ96T6ODATRIO7Dq+I1d683FlgO5/HHii+7vi5AX+axyn+ NH8CGbiS4ONMpE30EKan0u501DwYtzlU6oKIurfNl7W7TcGNHLrmEt/cB71s5Ziy Li4= -----END CERTIFICATE-----Generated at Fri Nov 22 01:33:38 2024 by rpki-client on console-ams.rpki-client.org