$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7df6bca0-8cd5-4f91-9650-444a54f32a1e.roa File: 7df6bca0-8cd5-4f91-9650-444a54f32a1e.roa (raw, json) Hash identifier: FbxrGD+WWQTU0mNi7Qe3bJy4LKsvpdJqWw07awN4cd0= Subject key identifier: 26:0D:F0:B6:CB:A8:57:6A:FE:DA:69:6A:69:F1:EE:B2:05:AF:9A:2D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1FEE8FD6A4C4357AE3CCF79B4DD5A691CFE4D82B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7df6bca0-8cd5-4f91-9650-444a54f32a1e.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da30:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 00:37:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:ee:8f:d6:a4:c4:35:7a:e3:cc:f7:9b:4d:d5:a6:91:cf:e4:d8:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=101288f8bcab576e7b9de652421b91b3c9e42201a8713597bf788a0e5ac82ebd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:07:0e:a4:58:33:de:b2:98:95:f0:ae:9c:8c: 55:8b:01:c9:ad:de:f7:cf:c4:52:d0:b6:9d:39:0e: 82:cb:03:15:2d:8a:f5:1b:20:46:db:83:53:69:dd: 4a:c8:85:f0:9b:0f:20:90:79:ca:8d:5f:3f:d1:e0: d0:d8:16:94:96:a6:1d:72:41:38:39:b6:41:cc:26: 79:73:13:61:f8:0b:fb:a9:aa:2e:af:5b:81:cb:c9: e7:b8:22:cb:4d:16:3f:e9:1e:04:f3:ed:8f:90:2c: 3b:30:97:d1:c2:2e:ee:fa:ad:61:bc:c6:5b:6d:02: b2:34:4d:c1:3a:df:d9:56:f9:ef:42:23:16:b1:da: d1:49:d3:1f:0d:4f:4a:19:02:fd:e3:2a:c6:55:dc: a9:b0:45:5e:ae:e2:32:ff:03:79:fb:cb:7e:74:17: cc:0e:29:6c:a8:de:b3:a8:9b:f0:72:e4:35:1c:39: 11:42:9d:ea:8c:23:a8:e4:c7:8b:d0:6a:fd:1c:b1: 4b:1c:c8:40:c3:4a:c4:7d:30:bc:67:05:e3:c5:dd: 1e:77:0b:df:87:bb:48:a6:a2:84:05:02:94:c3:d5: e4:9e:c8:3f:28:bd:94:e4:04:85:d6:65:61:75:92: ba:bf:0c:2c:54:94:5a:e4:32:db:9f:8a:4d:43:05: 17:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:0D:F0:B6:CB:A8:57:6A:FE:DA:69:6A:69:F1:EE:B2:05:AF:9A:2D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7df6bca0-8cd5-4f91-9650-444a54f32a1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da30:6000::/40 Signature Algorithm: sha256WithRSAEncryption 61:c3:04:9c:4d:ca:06:cc:0a:1a:6c:a6:0a:41:db:7f:09:a6: 64:b0:dd:35:f5:c6:83:e2:2b:2e:84:aa:d4:26:40:e3:d9:7d: cd:13:ea:5c:8b:93:d6:23:d3:5a:cf:65:f3:b5:b9:e5:3c:61: a2:9f:c0:91:bc:03:d7:39:20:58:e0:cc:c6:be:89:d8:2b:cd: b4:97:48:07:e0:e2:7b:fe:a6:13:2b:cc:fa:1e:37:32:c3:b4: a6:b0:3e:b4:ac:8d:d1:75:02:df:97:a3:5a:bf:16:58:e6:7c: b6:15:44:c8:c0:d0:5d:fb:f4:55:5d:aa:60:8c:8f:4f:d0:f8: ad:3f:a5:72:20:df:f7:60:94:be:5a:60:e0:13:07:4b:27:4d: 84:bd:27:9f:40:87:ea:c4:0d:31:56:4b:1c:f1:03:28:3a:d8: 39:51:62:a2:c6:c5:e4:3f:20:85:9a:85:3d:a6:1e:36:31:ba: e1:e2:96:e2:a0:89:0a:88:70:04:e5:b4:a9:fc:2e:36:ac:7c: 3e:54:2f:93:21:bf:40:18:3d:2e:db:90:ed:38:a2:3e:4e:af: 88:34:89:be:e1:3d:c5:84:fd:3f:b7:46:86:40:88:5d:1c:9e: 7b:bf:56:ad:be:54:9e:c2:8d:82:71:f5:97:a6:34:5d:61:62: aa:99:6b:3b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUH+6P1qTENXrjzPebTdWmkc/k2CswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNAMTAxMjg4ZjhiY2FiNTc2ZTdiOWRl NjUyNDIxYjkxYjNjOWU0MjIwMWE4NzEzNTk3YmY3ODhhMGU1YWM4MmViZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwcOpFgz3rKYlfCunIxViwHJrd73 z8RS0LadOQ6CywMVLYr1GyBG24NTad1KyIXwmw8gkHnKjV8/0eDQ2BaUlqYdckE4 ObZBzCZ5cxNh+Av7qaour1uBy8nnuCLLTRY/6R4E8+2PkCw7MJfRwi7u+q1hvMZb bQKyNE3BOt/ZVvnvQiMWsdrRSdMfDU9KGQL94yrGVdypsEVeruIy/wN5+8t+dBfM DilsqN6zqJvwcuQ1HDkRQp3qjCOo5MeL0Gr9HLFLHMhAw0rEfTC8ZwXjxd0edwvf h7tIpqKEBQKUw9Xknsg/KL2U5ASF1mVhdZK6vwwsVJRa5DLbn4pNQwUXhQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCYN8LbLqFdq/tppamnx7rIFr5otMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdkZjZiY2EwLThjZDUtNGY5MS05NjUwLTQ0NGE1NGYzMmExZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMGAwDQYJKoZIhvcNAQELBQADggEBAGHDBJxNygbMChpspgpB 238JpmSw3TX1xoPiKy6EqtQmQOPZfc0T6lyLk9Yj01rPZfO1ueU8YaKfwJG8A9c5 IFjgzMa+idgrzbSXSAfg4nv+phMrzPoeNzLDtKawPrSsjdF1At+Xo1q/FljmfLYV RMjA0F379FVdqmCMj0/Q+K0/pXIg3/dglL5aYOATB0snTYS9J59Ah+rEDTFWSxzx Ayg62DlRYqLGxeQ/IIWahT2mHjYxuuHiluKgiQqIcATltKn8LjasfD5UL5Mhv0AY PS7bkO04oj5Or4g0ib7hPcWE/T+3RoZAiF0cnnu/Vq2+VJ7CjYJx9ZemNF1hYqqZ azs= -----END CERTIFICATE-----Generated at Mon Nov 25 01:15:15 2024 by rpki-client on console-fra.rpki-client.org