$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6f721af0-1647-4840-9982-a0cc396f0f0a.roa File: 6f721af0-1647-4840-9982-a0cc396f0f0a.roa (raw, json) Hash identifier: +U+/rBCvmWv0Mv5NWdPTgOuS0batz2ZJrWvNmTo0aMg= Subject key identifier: 0F:E4:FC:EE:2B:DE:5C:0D:8C:00:34:E2:A5:60:08:96:DD:9E:67:05 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 240FE967A1C03CDD226A891614814680F4DF1BBF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6f721af0-1647-4840-9982-a0cc396f0f0a.roa Signing time: Fri 25 Oct 2024 00:00:00 +0000 ROA not before: Fri 25 Oct 2024 00:00:00 +0000 ROA not after: Fri 29 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:0f:e9:67:a1:c0:3c:dd:22:6a:89:16:14:81:46:80:f4:df:1b:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 25 00:00:00 2024 GMT Not After : Nov 29 23:59:59 2024 GMT Subject: serialNumber=46bbc0deffb47fe66a3881c356923bf97a7ed6e0055a0b5f93cb50145d9c26db, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:ec:50:cf:90:03:42:81:86:20:62:3c:8a:50: b9:18:3e:e8:29:14:12:6c:87:f2:c3:c2:3d:d2:59: 1f:8f:f8:6d:05:0f:63:85:9b:ac:14:89:7b:2b:2a: 3a:4e:eb:67:5b:57:ab:6e:cf:16:cf:1e:d3:c9:ad: cf:0b:90:7c:50:4a:27:c6:51:14:7e:a7:76:80:17: 5e:2e:c7:2f:a5:bc:19:b8:61:b7:0a:41:67:75:b1: 8b:98:27:a0:ce:15:42:cd:81:09:1f:7e:f9:a4:7c: cd:ab:c3:a2:00:76:d0:ac:79:8d:f7:6e:ef:72:1e: ed:c8:59:64:e9:35:9e:b8:2a:c6:5f:c1:bc:9f:56: 7c:76:7e:2a:9f:cf:3c:18:dd:74:e8:05:ca:47:e6: a4:62:f0:05:a6:87:fb:26:f4:6b:71:59:8c:d2:fb: 62:f2:7f:35:1b:66:ad:50:7d:3a:9a:7f:4a:d7:8f: e4:c5:5e:ff:f5:68:7e:8a:02:bb:04:87:e0:54:4d: d1:03:01:94:22:c5:ac:a7:4c:41:ec:ee:ea:8b:83: 3c:4c:bc:5d:e6:d4:29:a2:b8:c8:1a:08:82:5a:11: 3f:9b:7f:81:54:f2:31:7c:01:ea:7f:db:a2:a7:37: 0d:23:ce:73:dc:ef:79:bb:0b:0d:c8:21:df:9e:f9: 47:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:E4:FC:EE:2B:DE:5C:0D:8C:00:34:E2:A5:60:08:96:DD:9E:67:05 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6f721af0-1647-4840-9982-a0cc396f0f0a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:2800::/40 Signature Algorithm: sha256WithRSAEncryption 1a:47:d9:88:9b:9d:1d:5d:d3:58:09:e4:6e:26:6d:53:b7:ab: 74:52:93:02:e4:33:e2:a6:e0:d0:74:00:57:9f:38:ff:8c:a6: e3:86:d7:bf:cd:41:29:f0:56:6a:47:91:ad:4d:10:96:d9:88: 81:f5:24:48:3f:da:09:7f:f9:ec:46:18:4c:55:7d:3b:a0:5e: e4:1c:b4:b4:c0:e5:56:4c:62:83:c7:7e:82:e1:19:47:6f:c1: 25:28:ab:65:44:fa:19:ca:57:20:3b:1d:b3:3e:06:85:e5:a1: c0:4e:d1:1a:94:51:34:56:cf:fa:38:70:c4:c6:77:95:6a:25: e6:26:76:d6:3c:0c:79:1e:eb:ad:70:7a:bf:31:fc:8b:a1:8e: be:eb:7f:09:44:5f:2c:62:a5:68:26:e1:cf:f4:3e:d1:f1:2f: 7f:4c:9a:e9:35:f1:c1:f3:35:7d:46:61:e0:a0:54:17:c1:cb: 32:69:7e:f9:07:a4:95:ef:d6:b7:99:0a:fb:19:1f:6b:74:f0: 97:39:f6:4b:85:79:7c:8d:91:68:13:5d:c4:82:cb:b9:de:64: d7:94:bf:4f:08:c9:c3:e0:52:d7:4d:56:2f:7f:73:6a:b6:ff: c5:10:90:36:fa:58:e7:57:ea:ed:fd:0c:0c:af:f9:d9:f2:32: 58:6c:94:8c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJA/pZ6HAPN0iaokWFIFGgPTfG78wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyNTAwMDAwMFoX DTI0MTEyOTIzNTk1OVowejFJMEcGA1UEBRNANDZiYmMwZGVmZmI0N2ZlNjZhMzg4 MWMzNTY5MjNiZjk3YTdlZDZlMDA1NWEwYjVmOTNjYjUwMTQ1ZDljMjZkYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouxQz5ADQoGGIGI8ilC5GD7oKRQS bIfyw8I90lkfj/htBQ9jhZusFIl7Kyo6TutnW1erbs8Wzx7Tya3PC5B8UEonxlEU fqd2gBdeLscvpbwZuGG3CkFndbGLmCegzhVCzYEJH375pHzNq8OiAHbQrHmN927v ch7tyFlk6TWeuCrGX8G8n1Z8dn4qn888GN106AXKR+akYvAFpof7JvRrcVmM0vti 8n81G2atUH06mn9K14/kxV7/9Wh+igK7BIfgVE3RAwGUIsWsp0xB7O7qi4M8TLxd 5tQporjIGgiCWhE/m3+BVPIxfAHqf9uipzcNI85z3O95uwsNyCHfnvlHVwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFA/k/O4r3lwNjAA04qVgCJbdnmcFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZmNzIxYWYwLTE2NDctNDg0MC05OTgyLWEwY2MzOTZmMGYwYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNigwDQYJKoZIhvcNAQELBQADggEBABpH2YibnR1d01gJ5G4m bVO3q3RSkwLkM+Km4NB0AFefOP+MpuOG17/NQSnwVmpHka1NEJbZiIH1JEg/2gl/ +exGGExVfTugXuQctLTA5VZMYoPHfoLhGUdvwSUoq2VE+hnKVyA7HbM+BoXlocBO 0RqUUTRWz/o4cMTGd5VqJeYmdtY8DHke661wer8x/Iuhjr7rfwlEXyxipWgm4c/0 PtHxL39Mmuk18cHzNX1GYeCgVBfByzJpfvkHpJXv1reZCvsZH2t08Jc59kuFeXyN kWgTXcSCy7neZNeUv08IycPgUtdNVi9/c2q2/8UQkDb6WOdX6u39DAyv+dnyMlhs lIw= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:32 2024 by rpki-client on console-fra.rpki-client.org