$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/73a866d8-ff00-4acb-b036-c9dab4d498e7.roa File: 73a866d8-ff00-4acb-b036-c9dab4d498e7.roa (raw, json) Hash identifier: qDAc9J0O5RxnSCNbJ/rGcdnOQc3C+kTNBgGL2kkSOsc= Subject key identifier: DF:E7:C7:12:24:41:C0:FE:BF:53:D8:C8:4C:F9:AA:AC:2A:27:64:A9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6C46EFC120F8AD2155A60646866234C32EAD3EC9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/73a866d8-ff00-4acb-b036-c9dab4d498e7.roa Signing time: Tue 01 Oct 2024 00:00:00 +0000 ROA not before: Tue 01 Oct 2024 00:00:00 +0000 ROA not after: Tue 05 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:46:ef:c1:20:f8:ad:21:55:a6:06:46:86:62:34:c3:2e:ad:3e:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 1 00:00:00 2024 GMT Not After : Nov 5 23:59:59 2024 GMT Subject: serialNumber=e4cbd5148c8f007e0b20e829f5b75bcad0a9a4098b94eb45dadc059d18e762a3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:60:36:c4:31:d7:c1:0c:50:72:bc:23:3e:58: 0d:20:44:41:47:14:3c:c8:5e:be:56:44:eb:63:a2: 15:3a:ee:97:09:b6:5b:cf:f5:63:7c:d5:76:9b:44: 43:90:7f:d6:90:df:fb:22:c3:ae:14:d9:42:a0:31: 45:ac:d9:92:f8:68:1b:da:62:0c:c2:3a:93:1a:51: 4e:ab:b7:97:9d:f1:23:42:08:68:63:79:56:85:f2: 31:7f:6f:a7:d1:91:0d:61:c0:7c:ec:de:45:50:51: 4c:ba:ad:4b:30:ca:30:db:95:ae:a0:e6:01:3d:5e: c7:fe:2a:32:81:ce:21:f6:7a:98:eb:b8:e5:13:0e: f9:23:0b:08:46:8a:73:4b:03:a3:8f:a9:93:54:37: 88:b6:06:e1:18:91:8c:1a:f6:6f:b8:29:45:f2:3a: 7a:d7:fa:4c:4f:33:7c:a3:bb:f3:f5:bb:b8:3b:10: ce:86:f7:47:fe:4a:a0:a2:31:5f:92:67:cf:96:eb: f1:17:6c:04:5c:dc:30:6a:39:65:e2:a4:93:4c:22: dc:d0:31:ee:eb:00:7f:c6:68:40:21:1e:84:6b:69: a4:21:0c:1b:cd:e0:45:df:67:ae:e4:95:63:a2:08: 4f:2b:96:7f:b1:dc:ab:b2:68:54:13:b1:08:d1:8c: f2:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:E7:C7:12:24:41:C0:FE:BF:53:D8:C8:4C:F9:AA:AC:2A:27:64:A9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/73a866d8-ff00-4acb-b036-c9dab4d498e7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:8800::/40 Signature Algorithm: sha256WithRSAEncryption 44:a5:0e:31:6d:1a:c9:60:3a:52:0b:ac:d2:28:a6:69:9d:8e: 5c:9d:0e:08:44:ab:76:ca:af:65:66:3a:a2:ec:48:7c:2e:2c: c7:b2:68:73:8a:d7:7e:69:3e:31:bf:44:04:4c:cd:d7:d0:5b: b3:01:3d:e4:02:5b:61:cc:39:c7:42:61:a7:5d:46:c6:4e:77: 29:8d:0b:eb:8c:81:fc:0a:e0:8e:dc:dd:a2:01:a5:7d:07:a3: 66:55:8e:60:fe:01:de:74:9e:ee:3a:e8:3c:d7:33:c1:4d:3e: 14:47:6e:ca:de:ca:06:70:6b:3e:72:84:5d:83:5d:ea:4d:c1: 9d:c1:b9:3b:74:e2:d7:ad:e9:c4:14:f9:7c:b4:d0:77:1b:09: 65:c0:fe:27:b8:8e:df:26:4f:ea:e5:75:f5:ee:cf:46:1a:af: 97:df:af:14:cb:bb:9b:79:3f:da:f4:58:0a:3f:a2:03:0a:d0: d5:6d:c4:63:4d:58:0d:f2:79:6e:cc:19:68:95:e4:d1:0b:ed: ee:e4:7c:3f:02:e8:80:78:42:b8:5b:c8:e5:0b:d0:6c:91:4d: 4c:d5:f5:c5:f1:36:9b:33:60:9d:cc:da:74:dd:bc:76:1e:5c: be:2b:9d:2c:27:5f:9d:21:c1:34:61:aa:1c:4f:ad:b9:3b:ea: 19:fc:ec:00 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbEbvwSD4rSFVpgZGhmI0wy6tPskwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAwMTAwMDAwMFoX DTI0MTEwNTIzNTk1OVowejFJMEcGA1UEBRNAZTRjYmQ1MTQ4YzhmMDA3ZTBiMjBl ODI5ZjViNzViY2FkMGE5YTQwOThiOTRlYjQ1ZGFkYzA1OWQxOGU3NjJhMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGA2xDHXwQxQcrwjPlgNIERBRxQ8 yF6+VkTrY6IVOu6XCbZbz/VjfNV2m0RDkH/WkN/7IsOuFNlCoDFFrNmS+Ggb2mIM wjqTGlFOq7eXnfEjQghoY3lWhfIxf2+n0ZENYcB87N5FUFFMuq1LMMow25WuoOYB PV7H/ioygc4h9nqY67jlEw75IwsIRopzSwOjj6mTVDeItgbhGJGMGvZvuClF8jp6 1/pMTzN8o7vz9bu4OxDOhvdH/kqgojFfkmfPluvxF2wEXNwwajll4qSTTCLc0DHu 6wB/xmhAIR6Ea2mkIQwbzeBF32eu5JVjoghPK5Z/sdyrsmhUE7EI0YzyHQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFN/nxxIkQcD+v1PYyEz5qqwqJ2SpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzczYTg2NmQ4LWZmMDAtNGFjYi1iMDM2LWM5ZGFiNGQ0OThlNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNogwDQYJKoZIhvcNAQELBQADggEBAESlDjFtGslgOlILrNIo pmmdjlydDghEq3bKr2VmOqLsSHwuLMeyaHOK135pPjG/RARMzdfQW7MBPeQCW2HM OcdCYaddRsZOdymNC+uMgfwK4I7c3aIBpX0Ho2ZVjmD+Ad50nu466DzXM8FNPhRH bsreygZwaz5yhF2DXepNwZ3BuTt04tet6cQU+Xy00HcbCWXA/ie4jt8mT+rldfXu z0Yar5ffrxTLu5t5P9r0WAo/ogMK0NVtxGNNWA3yeW7MGWiV5NEL7e7kfD8C6IB4 QrhbyOUL0GyRTUzV9cXxNpszYJ3M2nTdvHYeXL4rnSwnX50hwTRhqhxPrbk76hn8 7AA= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:32 2024 by rpki-client on console-fra.rpki-client.org