$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7af6d5b6-fa6f-4ab7-8316-c73abac19389.roa File: 7af6d5b6-fa6f-4ab7-8316-c73abac19389.roa (raw, json) Hash identifier: DU7xB6ZkcR4YdKb5lpV4BbGKwKsrJxWelXTlfPi3550= Subject key identifier: 7C:E4:D4:A6:31:CE:71:59:CF:5D:69:4C:88:A7:54:52:7C:F1:9D:E9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 219283FD1CD24E490B1931791C1991351C6CE269 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7af6d5b6-fa6f-4ab7-8316-c73abac19389.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 00:37:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:92:83:fd:1c:d2:4e:49:0b:19:31:79:1c:19:91:35:1c:6c:e2:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=9172e1ced2409554fb5cc1945b95946e373547724a9d9eb45811a2172fa3351c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:b4:68:9c:ee:00:6a:a7:e1:1f:35:5f:c5:f8: 2a:d9:e1:46:3a:20:c2:67:5e:27:17:35:04:81:60: 7a:c9:a1:b7:f9:9a:da:5c:a8:5a:bf:f6:f9:60:0b: 57:95:ad:1d:aa:3c:08:41:4e:5d:d4:75:5e:07:3d: 30:9a:01:42:ac:5a:17:d9:9b:d3:5e:99:8c:57:04: 70:13:cd:ed:21:bc:95:dd:5d:98:b1:48:98:20:fd: e5:eb:38:61:aa:e7:df:0e:0d:4d:a5:34:d2:cf:e5: b4:dc:2b:34:b8:4b:fe:1c:2a:1d:fb:a4:9a:13:0c: d3:01:a5:71:c2:3e:35:da:16:ee:35:b1:0f:1c:cf: 0f:df:d7:9c:0f:78:71:54:50:b8:5e:31:c4:6b:ab: 54:b4:96:a8:82:8b:13:ef:fa:f1:92:05:29:4a:bc: 95:ab:43:83:ad:24:a6:4d:46:db:b2:48:bf:81:6a: 71:30:c1:95:57:23:5b:f1:bf:3b:31:c9:ee:a7:a0: 77:19:b0:bb:98:0b:81:db:b5:86:04:49:fd:45:74: 2f:dc:60:02:8d:a3:1a:56:4f:ba:6e:b9:56:40:57: 50:ad:1c:d5:7e:f0:98:f8:ec:a0:c3:2b:ab:72:6b: 56:26:2a:b7:0b:90:b8:39:21:7e:dc:01:de:b1:b4: 55:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:E4:D4:A6:31:CE:71:59:CF:5D:69:4C:88:A7:54:52:7C:F1:9D:E9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7af6d5b6-fa6f-4ab7-8316-c73abac19389.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:c800::/40 Signature Algorithm: sha256WithRSAEncryption 1a:fc:c3:38:31:2a:6e:ed:56:24:a1:f4:31:08:5f:cd:b4:fa: 5c:66:b6:e6:09:f7:b8:65:7c:03:1f:dd:80:5f:ad:d3:86:c1: 48:70:e9:91:7f:f7:3f:36:a0:4f:50:4c:62:21:d9:ba:dd:07: 0a:6b:e9:09:2b:6c:40:39:9a:2c:26:09:e5:f6:da:dc:1a:2d: e6:f5:8e:12:71:8a:2a:3e:31:1b:79:bd:47:89:b8:a1:35:e2: b6:7e:ff:58:11:cb:99:84:e3:d4:1e:72:ac:c7:44:a3:34:31: 1b:86:5d:b2:93:5b:68:76:81:83:d8:7d:84:35:e2:76:25:12: 88:99:10:43:cf:a3:57:1f:f0:04:04:77:20:ab:87:12:f6:60: ba:0f:98:68:a0:b3:7f:0d:36:c0:87:b3:83:af:34:34:cf:a0: 17:fd:6a:9b:fb:54:0a:f9:16:2b:88:7f:bc:fb:51:17:b2:98: f5:48:dd:e2:a1:1f:53:48:af:38:0c:78:53:17:6b:44:61:8d: bc:7a:91:33:12:47:0e:65:a1:d4:d1:2d:6b:6d:0a:80:93:59: ba:95:93:c1:fe:72:49:e2:37:fc:9a:77:c5:8b:d1:0f:d7:d8: 8d:ce:de:6c:35:4e:0e:00:4d:71:5b:ee:83:7b:33:9b:76:a3: d8:16:41:16 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIZKD/RzSTkkLGTF5HBmRNRxs4mkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNAOTE3MmUxY2VkMjQwOTU1NGZiNWNj MTk0NWI5NTk0NmUzNzM1NDc3MjRhOWQ5ZWI0NTgxMWEyMTcyZmEzMzUxYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rRonO4AaqfhHzVfxfgq2eFGOiDC Z14nFzUEgWB6yaG3+ZraXKhav/b5YAtXla0dqjwIQU5d1HVeBz0wmgFCrFoX2ZvT XpmMVwRwE83tIbyV3V2YsUiYIP3l6zhhquffDg1NpTTSz+W03Cs0uEv+HCod+6Sa EwzTAaVxwj412hbuNbEPHM8P39ecD3hxVFC4XjHEa6tUtJaogosT7/rxkgUpSryV q0ODrSSmTUbbski/gWpxMMGVVyNb8b87Mcnup6B3GbC7mAuB27WGBEn9RXQv3GAC jaMaVk+6brlWQFdQrRzVfvCY+OygwyurcmtWJiq3C5C4OSF+3AHesbRVFwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHzk1KYxznFZz11pTIinVFJ88Z3pMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdhZjZkNWI2LWZhNmYtNGFiNy04MzE2LWM3M2FiYWMxOTM4OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOMgwDQYJKoZIhvcNAQELBQADggEBABr8wzgxKm7tViSh9DEI X820+lxmtuYJ97hlfAMf3YBfrdOGwUhw6ZF/9z82oE9QTGIh2brdBwpr6QkrbEA5 miwmCeX22twaLeb1jhJxiio+MRt5vUeJuKE14rZ+/1gRy5mE49QecqzHRKM0MRuG XbKTW2h2gYPYfYQ14nYlEoiZEEPPo1cf8AQEdyCrhxL2YLoPmGigs38NNsCHs4Ov NDTPoBf9apv7VAr5FiuIf7z7UReymPVI3eKhH1NIrzgMeFMXa0Rhjbx6kTMSRw5l odTRLWttCoCTWbqVk8H+ckniN/yad8WL0Q/X2I3O3mw1Tg4ATXFb7oN7M5t2o9gW QRY= -----END CERTIFICATE-----Generated at Mon Nov 25 01:15:15 2024 by rpki-client on console-fra.rpki-client.org