$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/60bdc157-596d-496e-bdbc-bada0f6826ad.roa File: 60bdc157-596d-496e-bdbc-bada0f6826ad.roa (raw, json) Hash identifier: gXHne/Qh+ySdwUt8eu0VhastXPDpIv2A/LvlK0oVjmk= Subject key identifier: 83:BE:98:8D:06:0C:52:8E:CF:8C:5C:6D:6B:89:22:E5:07:F5:1C:96 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0182B3C883AFF63ED3AA95705EDF621F4ED9ED7E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/60bdc157-596d-496e-bdbc-bada0f6826ad.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Dec 2024 00:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:82:b3:c8:83:af:f6:3e:d3:aa:95:70:5e:df:62:1f:4e:d9:ed:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=e784d49721e553ffe24d2be941a7366ab3f1a1f1fafbde4c71d2f539fb2f5a49, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:87:64:04:2e:ca:07:1e:9e:c9:70:ff:55:76: 6a:3e:c4:ba:e0:f2:29:28:66:75:26:fa:ee:7c:6c: 7d:84:53:6d:a3:ae:19:ae:53:70:ee:ef:85:58:61: 3c:3b:0c:71:7f:ef:82:77:06:0e:16:95:04:c3:bc: 8b:f4:d0:d8:c0:03:da:64:25:d6:fb:4f:c3:f6:b4: 84:04:dc:56:00:85:8f:42:ae:fa:60:dc:4c:55:91: 4c:91:0d:ef:51:8f:3a:8d:80:3e:ef:80:71:1b:2b: 06:49:c7:b1:c7:b0:43:1d:c0:e8:64:7c:67:b6:0f: d8:b7:83:07:33:50:3a:a3:6c:f4:98:7d:c2:a7:92: 37:0c:e8:a1:1b:31:50:9f:c4:95:6c:55:37:4e:7a: 95:ed:83:15:aa:11:05:78:e0:a0:27:bb:c7:ba:09: 18:21:68:42:a4:12:fd:a9:2f:5a:a6:b5:5d:bd:88: 04:2a:94:0a:b6:6a:9a:88:ff:ac:41:4b:1d:6e:5b: 6d:aa:b3:62:53:8b:34:1b:50:be:fc:f7:41:4c:82: 8d:37:27:cb:19:0d:3a:1e:bc:78:13:91:b1:a1:d9: 33:21:ca:a8:4a:7c:ff:b2:6e:e8:1a:25:e0:17:f3: 41:97:6f:37:81:ba:01:0d:db:60:66:c0:9e:42:67: 69:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:BE:98:8D:06:0C:52:8E:CF:8C:5C:6D:6B:89:22:E5:07:F5:1C:96 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/60bdc157-596d-496e-bdbc-bada0f6826ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:a000::/40 Signature Algorithm: sha256WithRSAEncryption 38:5b:d6:26:b2:31:84:39:48:52:95:3d:c5:92:48:6f:04:35: 09:8f:21:48:34:5a:c0:be:db:5a:95:ae:a0:17:e4:01:c4:26: 17:a1:db:82:26:17:d8:97:b8:75:c5:a0:47:b1:e7:ab:1b:79: 89:72:7c:84:a1:ab:b3:56:dd:40:3f:df:f2:a1:81:cd:7c:e0: b8:0d:f2:56:17:64:b0:d2:e2:a5:f6:17:1f:1c:15:99:89:52: 31:9c:52:16:82:76:19:04:fb:05:73:e9:2f:5d:3a:cc:d6:bc: 4b:67:2c:e9:80:63:c5:c0:1e:a6:9d:ea:af:de:1c:2a:13:d5: 31:0d:18:6f:bd:63:45:8b:22:b8:0a:3d:24:4b:a8:c3:86:49: 80:ca:b2:9a:de:76:e2:02:a0:b1:fb:c9:f8:58:f5:18:5c:7a: 00:e7:b0:04:6a:c0:a1:25:f2:20:95:5a:c3:d1:dc:99:eb:4a: 09:f6:c7:25:85:96:09:35:6e:ca:00:d2:b8:ff:4b:46:83:1e: ef:17:d0:15:14:e7:3d:00:09:11:de:7c:46:3c:33:90:11:d7: 0e:f2:8a:f8:50:ad:49:83:55:b7:61:a3:a9:cc:ea:6a:ef:77: 6e:41:29:b5:05:c6:00:04:5a:21:22:2e:b1:26:be:1c:04:e5: 20:dc:31:84 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAYKzyIOv9j7TqpVwXt9iH07Z7X4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNAZTc4NGQ0OTcyMWU1NTNmZmUyNGQy YmU5NDFhNzM2NmFiM2YxYTFmMWZhZmJkZTRjNzFkMmY1MzlmYjJmNWE0OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIdkBC7KBx6eyXD/VXZqPsS64PIp KGZ1JvrufGx9hFNto64ZrlNw7u+FWGE8Owxxf++CdwYOFpUEw7yL9NDYwAPaZCXW +0/D9rSEBNxWAIWPQq76YNxMVZFMkQ3vUY86jYA+74BxGysGScexx7BDHcDoZHxn tg/Yt4MHM1A6o2z0mH3Cp5I3DOihGzFQn8SVbFU3TnqV7YMVqhEFeOCgJ7vHugkY IWhCpBL9qS9aprVdvYgEKpQKtmqaiP+sQUsdblttqrNiU4s0G1C+/PdBTIKNNyfL GQ06Hrx4E5GxodkzIcqoSnz/sm7oGiXgF/NBl283gboBDdtgZsCeQmdpaQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIO+mI0GDFKOz4xcbWuJIuUH9RyWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYwYmRjMTU3LTU5NmQtNDk2ZS1iZGJjLWJhZGEwZjY4MjZhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/KAwDQYJKoZIhvcNAQELBQADggEBADhb1iayMYQ5SFKVPcWS SG8ENQmPIUg0WsC+21qVrqAX5AHEJheh24ImF9iXuHXFoEex56sbeYlyfIShq7NW 3UA/3/Khgc184LgN8lYXZLDS4qX2Fx8cFZmJUjGcUhaCdhkE+wVz6S9dOszWvEtn LOmAY8XAHqad6q/eHCoT1TENGG+9Y0WLIrgKPSRLqMOGSYDKspreduICoLH7yfhY 9RhcegDnsARqwKEl8iCVWsPR3JnrSgn2xyWFlgk1bsoA0rj/S0aDHu8X0BUU5z0A CRHefEY8M5AR1w7yivhQrUmDVbdho6nM6mrvd25BKbUFxgAEWiEiLrEmvhwE5SDc MYQ= -----END CERTIFICATE-----Generated at Wed Dec 4 01:20:53 2024 by rpki-client on console-ams.rpki-client.org