$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d9c63de-e5b5-43d1-a1f9-ad5d3ec72b02.roa File: 4d9c63de-e5b5-43d1-a1f9-ad5d3ec72b02.roa (raw, json) Hash identifier: fgHVbt4IzOG1oYgW/n9BcQNMr7CxB+wpcU9iWcviSR0= Subject key identifier: 02:B2:D9:18:BB:9A:DB:52:A1:4C:87:23:59:75:F4:0D:E0:4E:4F:DB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1009A474A477AD1A670ADED5453AF8CD0FF4679E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d9c63de-e5b5-43d1-a1f9-ad5d3ec72b02.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:09:a4:74:a4:77:ad:1a:67:0a:de:d5:45:3a:f8:cd:0f:f4:67:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=6c3c37841c6fe0f160030ae2ccc290e404881b599bee15cc54752be990b26d3d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:32:72:94:53:ee:43:14:b3:90:50:2e:82:6a: 65:88:b7:52:b3:73:3b:eb:3e:05:bd:f7:a4:4f:4e: d2:37:cb:cb:40:9d:51:43:7a:cf:20:62:8c:d3:eb: c6:cc:6a:e2:8e:ba:50:3f:c6:fa:ad:7b:c4:94:f2: 01:de:27:ac:f6:86:3a:bf:96:a8:22:73:f6:31:98: 13:3c:6e:04:17:c3:92:2e:68:30:85:a2:00:3a:e5: 36:05:4e:dd:dd:fa:4e:23:f1:11:3f:ea:72:71:b7: de:9f:bb:9f:03:07:d3:f3:87:a5:76:e3:bc:37:af: 0b:b9:2b:71:fa:47:69:37:bc:5a:4f:b9:ac:ad:86: c6:48:d3:7b:ed:2f:45:ce:d6:a3:ba:07:d7:24:e7: b1:2c:05:03:dc:5b:fd:ed:42:2e:27:f1:83:d8:93: 06:76:e3:80:26:59:55:60:bc:7c:58:e1:a5:f4:77: e1:de:71:c7:d1:12:4d:91:55:cc:18:b8:cd:cf:9b: b1:59:84:ab:a6:04:11:44:75:64:03:76:27:d2:11: 7b:70:80:a5:98:61:c4:57:f6:85:41:47:43:79:f5: 4f:8a:3f:89:45:b6:eb:41:74:b9:60:23:13:13:d9: 29:42:85:7e:5a:42:82:1a:1f:c2:ad:b1:cf:bd:d9: da:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:B2:D9:18:BB:9A:DB:52:A1:4C:87:23:59:75:F4:0D:E0:4E:4F:DB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d9c63de-e5b5-43d1-a1f9-ad5d3ec72b02.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:f000::/40 Signature Algorithm: sha256WithRSAEncryption 9d:bb:5b:ee:e3:4e:0c:41:62:1a:01:ca:d8:b4:5e:1a:c7:01: d4:97:16:24:86:2e:08:cc:ce:a3:50:62:28:ef:e8:ca:30:86: a2:ae:e6:cf:11:39:8b:62:0b:d0:3e:34:56:39:aa:dc:73:0f: 55:aa:5c:97:7b:12:e6:3e:11:f6:66:24:69:76:87:02:68:6f: 5f:65:77:29:ca:a6:e3:78:8b:44:98:e2:24:81:97:b9:88:52: d3:4b:a6:37:78:b7:4a:97:db:10:37:dc:0b:db:2e:e4:86:f0: 38:4c:58:7f:b8:ef:cd:69:4d:68:1e:68:31:be:24:c9:49:6e: 98:96:6e:58:3c:a4:be:b5:84:cc:19:0e:4b:56:23:50:b5:c7: 77:f1:cb:eb:43:7e:a3:1d:e2:37:8e:25:c7:d7:83:48:3c:03: f3:c2:ec:8e:a1:ec:e4:20:da:7a:69:1b:73:a5:71:0a:19:18: dc:17:51:1d:b4:4a:52:91:db:0e:a0:8d:7a:aa:9c:db:62:35: 84:54:23:b7:e8:a2:a5:e4:ec:b8:5d:a2:ae:44:51:9f:48:d4: 26:ad:b0:36:25:0d:fa:c1:5b:69:fa:b2:e3:8c:b8:ee:76:54: 37:0e:aa:fd:d0:73:a2:f3:a5:5f:bd:7e:9f:96:df:bf:85:00: d2:6c:95:d9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEAmkdKR3rRpnCt7VRTr4zQ/0Z54wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNANmMzYzM3ODQxYzZmZTBmMTYwMDMw YWUyY2NjMjkwZTQwNDg4MWI1OTliZWUxNWNjNTQ3NTJiZTk5MGIyNmQzZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzJylFPuQxSzkFAugmpliLdSs3M7 6z4FvfekT07SN8vLQJ1RQ3rPIGKM0+vGzGrijrpQP8b6rXvElPIB3ies9oY6v5ao InP2MZgTPG4EF8OSLmgwhaIAOuU2BU7d3fpOI/ERP+pycbfen7ufAwfT84elduO8 N68LuStx+kdpN7xaT7msrYbGSNN77S9FztajugfXJOexLAUD3Fv97UIuJ/GD2JMG duOAJllVYLx8WOGl9Hfh3nHH0RJNkVXMGLjNz5uxWYSrpgQRRHVkA3Yn0hF7cICl mGHEV/aFQUdDefVPij+JRbbrQXS5YCMTE9kpQoV+WkKCGh/CrbHPvdnaxQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAKy2Ri7mttSoUyHI1l19A3gTk/bMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkOWM2M2RlLWU1YjUtNDNkMS1hMWY5LWFkNWQzZWM3MmIwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/PAwDQYJKoZIhvcNAQELBQADggEBAJ27W+7jTgxBYhoByti0 XhrHAdSXFiSGLgjMzqNQYijv6MowhqKu5s8ROYtiC9A+NFY5qtxzD1WqXJd7EuY+ EfZmJGl2hwJob19ldynKpuN4i0SY4iSBl7mIUtNLpjd4t0qX2xA33AvbLuSG8DhM WH+4781pTWgeaDG+JMlJbpiWblg8pL61hMwZDktWI1C1x3fxy+tDfqMd4jeOJcfX g0g8A/PC7I6h7OQg2nppG3OlcQoZGNwXUR20SlKR2w6gjXqqnNtiNYRUI7fooqXk 7Lhdoq5EUZ9I1CatsDYlDfrBW2n6suOMuO52VDcOqv3Qc6LzpV+9fp+W37+FANJs ldk= -----END CERTIFICATE-----Generated at Fri Nov 22 02:07:35 2024 by rpki-client on console-fra.rpki-client.org