$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/769845d8-20c6-4639-a605-e6db7bfa4f8f.roa File: 769845d8-20c6-4639-a605-e6db7bfa4f8f.roa (raw, json) Hash identifier: 9MsZCvfZc0VCVbyV9B6a4efKlEfoZao/Hr2F21H6J3Q= Subject key identifier: 70:2C:54:40:12:CC:EB:BA:0E:F7:43:3E:44:BF:B4:CC:D2:D6:CD:87 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4AB953D2172E2A0572FB20A0005F3243DC7896B0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/769845d8-20c6-4639-a605-e6db7bfa4f8f.roa Signing time: Fri 25 Oct 2024 00:00:00 +0000 ROA not before: Fri 25 Oct 2024 00:00:00 +0000 ROA not after: Fri 29 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf0:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:b9:53:d2:17:2e:2a:05:72:fb:20:a0:00:5f:32:43:dc:78:96:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 25 00:00:00 2024 GMT Not After : Nov 29 23:59:59 2024 GMT Subject: serialNumber=68ca6c443766ae24e1c87db4f937a2d119129a9a12702806be5a7ff86918dc49, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:9f:88:a9:5f:40:50:3d:05:30:9d:b2:e2:36: 67:d2:18:45:35:80:f6:af:bf:73:cb:11:ee:81:4a: 21:e3:5c:7d:f5:3d:ec:d0:c8:da:1f:e2:be:07:c9: 9e:e6:28:a6:99:c6:06:63:fe:86:0e:2a:90:7e:09: 98:c1:d1:36:62:d4:a8:ab:e0:b6:73:d2:67:6d:d1: 8a:37:f9:07:23:41:c8:73:c8:fb:e0:a9:4a:01:91: 49:6a:0b:bb:c4:d9:4f:b2:78:a8:c8:ef:af:f0:38: 4b:10:5f:f1:5e:88:cd:a0:b7:e7:90:c4:88:fc:b5: 90:79:f5:f2:3f:e1:87:ef:47:66:ce:e4:40:c3:f0: 60:1e:f0:b5:8b:8d:21:a6:19:19:b0:59:c2:1b:02: a5:e5:c1:a8:31:46:b0:0d:94:29:fa:f2:06:83:6e: cf:a4:1f:a2:65:f6:62:d6:3e:19:5d:b0:13:18:5b: a3:4a:7b:78:d2:a9:9b:ee:13:80:f4:45:e5:3d:cb: c8:70:c8:48:c2:d1:39:4e:b0:05:5d:6f:b7:1a:3b: ef:5e:32:39:dd:63:34:ca:d0:67:49:2e:be:d0:95: 61:c8:62:45:6e:13:70:4b:87:d8:37:a4:ee:c9:cc: 36:1c:7e:a4:7b:6e:cc:bf:e0:62:2e:f5:5e:6e:f3: 6a:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:2C:54:40:12:CC:EB:BA:0E:F7:43:3E:44:BF:B4:CC:D2:D6:CD:87 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/769845d8-20c6-4639-a605-e6db7bfa4f8f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf0:4000::/40 Signature Algorithm: sha256WithRSAEncryption 39:dc:51:c0:e4:80:30:6b:04:61:27:5b:2f:e0:13:01:09:76: 51:a7:41:29:57:70:07:bd:59:87:9a:db:9b:ec:57:f6:f8:ad: 06:b3:23:6b:cf:8b:98:16:8d:f5:38:f6:82:c7:59:dd:68:a1: 28:46:4b:59:0b:92:17:c9:d7:3b:b0:26:d5:41:de:36:b5:4e: 35:5e:42:0e:ba:3c:0d:e8:81:df:e7:61:da:ff:6f:b5:9c:18: 2e:aa:a1:ea:35:7e:96:f4:84:67:05:d0:de:3c:9c:4b:70:e6: 7d:df:8e:e6:ec:3f:e2:71:e9:49:e4:2a:14:b2:e8:02:a0:ff: 35:f5:80:62:dd:6b:df:6c:5f:78:38:e9:31:64:48:75:5b:30: 10:1a:55:fe:20:2c:6b:66:ad:4d:0e:8b:77:ec:c7:90:26:45: f3:b4:3a:56:12:28:ac:a7:e1:cd:9d:b5:82:06:b3:c6:2f:95: 79:25:ba:b1:3a:fd:fa:bf:63:5e:bb:3c:2c:06:97:83:e7:50: ef:a4:fd:4b:03:1c:e7:39:93:c2:df:7d:ac:59:f5:d0:17:33: 7c:96:90:4d:fb:14:8a:c2:f4:6e:5e:a0:6e:be:93:56:76:74: fb:cc:cb:ac:80:a5:f4:b4:08:46:df:2a:74:ae:08:8a:a6:a3: 40:26:20:d9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSrlT0hcuKgVy+yCgAF8yQ9x4lrAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyNTAwMDAwMFoX DTI0MTEyOTIzNTk1OVowejFJMEcGA1UEBRNANjhjYTZjNDQzNzY2YWUyNGUxYzg3 ZGI0ZjkzN2EyZDExOTEyOWE5YTEyNzAyODA2YmU1YTdmZjg2OTE4ZGM0OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5+IqV9AUD0FMJ2y4jZn0hhFNYD2 r79zyxHugUoh41x99T3s0MjaH+K+B8me5iimmcYGY/6GDiqQfgmYwdE2YtSoq+C2 c9JnbdGKN/kHI0HIc8j74KlKAZFJagu7xNlPsnioyO+v8DhLEF/xXojNoLfnkMSI /LWQefXyP+GH70dmzuRAw/BgHvC1i40hphkZsFnCGwKl5cGoMUawDZQp+vIGg27P pB+iZfZi1j4ZXbATGFujSnt40qmb7hOA9EXlPcvIcMhIwtE5TrAFXW+3GjvvXjI5 3WM0ytBnSS6+0JVhyGJFbhNwS4fYN6Tuycw2HH6ke27Mv+BiLvVebvNqFQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHAsVEASzOu6DvdDPkS/tMzS1s2HMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc2OTg0NWQ4LTIwYzYtNDYzOS1hNjA1LWU2ZGI3YmZhNGY4Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8EAwDQYJKoZIhvcNAQELBQADggEBADncUcDkgDBrBGEnWy/g EwEJdlGnQSlXcAe9WYea25vsV/b4rQazI2vPi5gWjfU49oLHWd1ooShGS1kLkhfJ 1zuwJtVB3ja1TjVeQg66PA3ogd/nYdr/b7WcGC6qoeo1fpb0hGcF0N48nEtw5n3f jubsP+Jx6UnkKhSy6AKg/zX1gGLda99sX3g46TFkSHVbMBAaVf4gLGtmrU0Oi3fs x5AmRfO0OlYSKKyn4c2dtYIGs8YvlXklurE6/fq/Y167PCwGl4PnUO+k/UsDHOc5 k8LffaxZ9dAXM3yWkE37FIrC9G5eoG6+k1Z2dPvMy6yApfS0CEbfKnSuCIqmo0Am INk= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:32 2024 by rpki-client on console-fra.rpki-client.org