$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa File: 4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa (raw, json) Hash identifier: eZLd21ojrc4/j8wd+nrJirYhjxdDXlk4L5DwWRCG13M= Subject key identifier: FE:E3:D2:9F:4F:15:81:6C:E6:54:68:76:24:F3:70:8C:8F:62:67:FA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 264452D21E720FC4F8424890DDCD98C1887FEAC7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa Signing time: Tue 29 Oct 2024 00:00:00 +0000 ROA not before: Tue 29 Oct 2024 00:00:00 +0000 ROA not after: Tue 03 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:44:52:d2:1e:72:0f:c4:f8:42:48:90:dd:cd:98:c1:88:7f:ea:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 00:00:00 2024 GMT Not After : Dec 3 23:59:59 2024 GMT Subject: serialNumber=959b1bde853736913d5e4c2be860133913a1987d4d637882534532a59773315a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:cc:ab:fa:77:19:72:c1:93:c6:e2:da:8c:2b: eb:4a:ce:23:10:45:40:98:c1:f6:2c:f0:31:13:f2: 47:ac:06:8e:c1:8c:a8:44:31:9a:5f:58:da:88:17: c3:13:dd:d4:40:b4:eb:22:3d:3e:37:2d:42:89:0c: e4:bd:21:c4:9d:4f:3c:e8:35:39:79:d7:c0:a5:10: 51:52:18:16:4c:bf:18:5e:ce:98:4e:68:3e:03:ea: f9:be:f4:ae:06:1f:96:ca:41:39:6d:29:9d:93:3b: 7a:a2:ca:e3:39:c2:b4:01:6c:ff:9c:fa:a8:ac:4d: 76:72:3e:81:47:bf:12:9a:fd:13:c3:d5:32:6d:be: 35:d5:46:34:f5:10:95:01:11:0a:d4:9c:71:2d:35: d2:09:de:d7:c0:2c:a9:1d:e6:f6:d7:cd:27:06:36: a3:18:0b:e2:b9:f2:c0:8f:a9:e1:de:aa:3c:80:4e: 45:71:b2:48:72:d8:71:3e:27:d9:98:65:66:c3:ac: 1d:7b:a6:42:99:cf:9b:20:82:73:a8:2f:2c:0f:12: d7:79:8a:d0:35:7c:08:2c:7f:63:e7:1d:fd:07:58: 1c:c5:fa:b7:f3:a9:02:74:f2:03:03:e1:0f:1c:b1: 7a:f5:9f:14:3e:b8:73:e7:42:02:56:66:a5:fa:26: c1:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:E3:D2:9F:4F:15:81:6C:E6:54:68:76:24:F3:70:8C:8F:62:67:FA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:c000::/40 Signature Algorithm: sha256WithRSAEncryption 10:e9:5b:33:ec:7c:13:aa:f2:5f:39:90:4e:bd:54:68:e2:37: bc:72:31:37:0e:d5:61:b9:89:d4:5f:a0:4f:8b:d4:d8:fd:f4: 94:f0:69:d0:a0:31:90:24:27:8e:40:b4:78:8a:c4:97:ba:8d: 98:1f:15:58:9d:47:d7:e9:da:40:13:76:9e:0b:6b:6f:f6:25: 74:47:23:da:17:0d:5f:7a:9e:c7:12:76:1d:c9:61:d9:af:ba: b4:c6:3c:7b:cf:f0:06:da:ed:c5:28:8c:70:53:8a:41:93:81: ca:ca:8f:be:11:17:f1:8d:0f:af:b2:f1:51:48:8c:a4:e8:49: db:6e:16:f5:6a:f4:58:3d:7f:3d:8a:38:f1:0e:0b:fa:e2:77: 14:36:41:a4:62:63:b1:cb:8a:17:cb:b7:c9:3e:ae:b5:92:a3: 92:cd:67:0e:ce:2d:aa:42:72:7f:fc:c1:b2:90:23:79:24:05: 85:4e:7f:3e:39:9d:2f:51:11:c6:16:ab:08:de:d4:fb:7a:ca: 38:d9:ba:ee:6d:9a:dd:90:3b:75:4b:80:cc:01:97:9a:7d:a9: a4:b4:1a:45:86:5b:15:4d:6a:bb:d7:91:08:a2:3a:71:42:77: a3:cc:ea:20:c6:6f:a5:62:33:5a:8e:fe:8d:46:c5:e3:ad:ad: 09:8b:d8:7c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJkRS0h5yD8T4QkiQ3c2YwYh/6scwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyOTAwMDAwMFoX DTI0MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAOTU5YjFiZGU4NTM3MzY5MTNkNWU0 YzJiZTg2MDEzMzkxM2ExOTg3ZDRkNjM3ODgyNTM0NTMyYTU5NzczMzE1YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMyr+ncZcsGTxuLajCvrSs4jEEVA mMH2LPAxE/JHrAaOwYyoRDGaX1jaiBfDE93UQLTrIj0+Ny1CiQzkvSHEnU886DU5 edfApRBRUhgWTL8YXs6YTmg+A+r5vvSuBh+WykE5bSmdkzt6osrjOcK0AWz/nPqo rE12cj6BR78Smv0Tw9Uybb411UY09RCVAREK1JxxLTXSCd7XwCypHeb2180nBjaj GAviufLAj6nh3qo8gE5FcbJIcthxPifZmGVmw6wde6ZCmc+bIIJzqC8sDxLXeYrQ NXwILH9j5x39B1gcxfq386kCdPIDA+EPHLF69Z8UPrhz50ICVmal+ibBpQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP7j0p9PFYFs5lRodiTzcIyPYmf6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRlOWJlZWMyLTRkYWItNGYzMS1iMGNiLWFkNmEzYTU3NjFiMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+sAwDQYJKoZIhvcNAQELBQADggEBABDpWzPsfBOq8l85kE69 VGjiN7xyMTcO1WG5idRfoE+L1Nj99JTwadCgMZAkJ45AtHiKxJe6jZgfFVidR9fp 2kATdp4La2/2JXRHI9oXDV96nscSdh3JYdmvurTGPHvP8Aba7cUojHBTikGTgcrK j74RF/GND6+y8VFIjKToSdtuFvVq9Fg9fz2KOPEOC/ridxQ2QaRiY7HLihfLt8k+ rrWSo5LNZw7OLapCcn/8wbKQI3kkBYVOfz45nS9REcYWqwje1Pt6yjjZuu5tmt2Q O3VLgMwBl5p9qaS0GkWGWxVNarvXkQiiOnFCd6PM6iDGb6ViM1qO/o1GxeOtrQmL 2Hw= -----END CERTIFICATE-----Generated at Fri Nov 22 02:07:35 2024 by rpki-client on console-fra.rpki-client.org