$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/813fd8db-c853-44b7-bd55-127e1e4f5d24.roa File: 813fd8db-c853-44b7-bd55-127e1e4f5d24.roa (raw, json) Hash identifier: Ed0lstU1VMMHPNnID57e0Z4OXJPg1d6qLNLVyeLYGd4= Subject key identifier: 6F:33:63:9D:21:01:E4:A6:C0:6E:9E:90:F1:9F:ED:1B:8D:55:DD:1A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1BCEAA38B35B97A34F0D94113F3B8D7C4502BE91 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/813fd8db-c853-44b7-bd55-127e1e4f5d24.roa Signing time: Fri 25 Oct 2024 00:00:00 +0000 ROA not before: Fri 25 Oct 2024 00:00:00 +0000 ROA not after: Fri 29 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf0:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:ce:aa:38:b3:5b:97:a3:4f:0d:94:11:3f:3b:8d:7c:45:02:be:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 25 00:00:00 2024 GMT Not After : Nov 29 23:59:59 2024 GMT Subject: serialNumber=e1ae83caac364ef3919d52fbc5535e4f0562eb1fbfa62b3fc669fbd6f3235722, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:cb:75:a2:ef:fc:2c:8d:d0:a8:a8:36:07:a6: 9e:be:f3:cf:3a:22:cb:d1:ec:b2:3f:a3:df:dd:be: 91:10:47:89:9e:bb:08:06:0c:b6:f3:bb:14:3b:9b: 26:de:3d:06:29:3f:2b:9d:e9:59:49:a0:d7:d5:c9: 7b:21:81:6b:47:35:d5:ae:2b:af:81:ab:1f:ae:68: e4:96:6c:78:60:f5:d8:f9:22:f5:90:7b:27:4a:44: ab:ea:79:e7:c2:27:e2:d4:83:8a:8f:cc:98:15:a6: 83:2e:bc:66:26:aa:0a:62:1a:1b:31:07:f1:f6:1d: b5:4c:a0:c6:76:5a:1c:e7:af:0c:36:50:e5:79:ce: e4:a9:53:4f:ce:f5:68:0f:68:1d:ce:3b:73:61:6d: cb:08:e7:48:e2:61:a3:fd:07:de:9c:15:34:ff:6d: 3b:b5:ef:bc:47:9c:e0:96:17:c1:00:60:73:af:ac: 27:14:67:4d:f1:98:f7:b1:77:cd:4e:b2:57:ef:d6: 0f:d8:8b:52:4e:95:70:7b:5e:45:70:53:2e:dc:a0: c9:90:99:c9:9f:61:e2:4c:a7:80:75:92:4d:9e:02: 6c:7e:be:2b:44:3f:ae:75:b5:19:2f:da:cd:aa:39: ac:e6:fa:92:22:f8:fe:1c:9d:9c:4c:24:1c:5e:48: d6:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:33:63:9D:21:01:E4:A6:C0:6E:9E:90:F1:9F:ED:1B:8D:55:DD:1A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/813fd8db-c853-44b7-bd55-127e1e4f5d24.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf0:9000::/40 Signature Algorithm: sha256WithRSAEncryption 7e:5c:2e:9d:68:0c:d8:de:ef:a2:34:b8:a4:9f:22:3e:7f:48: 67:5d:14:c3:dc:9f:51:3d:51:7d:11:3f:32:c4:34:b5:49:c5: e4:88:b5:4e:9e:20:af:16:9f:4e:db:d7:20:97:94:f8:af:b5: f0:f7:63:a4:00:56:73:3d:6a:53:1c:6a:40:8e:97:8c:83:e4: 3d:a7:8e:ca:2b:ef:ba:c2:52:ce:b7:93:60:14:49:88:36:ac: c4:dd:ad:0d:2e:30:16:91:68:9e:39:65:24:be:b7:82:b6:06: 75:2b:d0:0a:78:75:70:59:a7:30:54:0f:3b:eb:24:be:e8:47: 8f:cd:c3:07:37:48:64:ef:69:39:e3:24:c7:d9:62:37:7e:4e: c7:a0:55:8f:51:29:d6:46:4f:02:66:2a:65:0a:86:65:31:19: 5e:74:12:fe:a5:38:7b:22:14:c1:c1:82:2f:13:4b:99:ce:dc: a6:fe:3e:e5:4b:62:a5:eb:93:5d:12:67:68:39:d2:3b:6f:bf: 1f:b5:69:bc:45:f1:62:21:d7:a7:4d:0b:27:ac:21:f1:f0:40: d5:a5:b1:9a:48:db:85:47:4c:25:9b:f7:f8:82:9c:d6:a3:98: 47:ab:ee:3c:3c:27:65:f9:48:51:d6:e2:ef:a9:86:01:f5:ea: 53:c7:f3:6e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUG86qOLNbl6NPDZQRPzuNfEUCvpEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyNTAwMDAwMFoX DTI0MTEyOTIzNTk1OVowejFJMEcGA1UEBRNAZTFhZTgzY2FhYzM2NGVmMzkxOWQ1 MmZiYzU1MzVlNGYwNTYyZWIxZmJmYTYyYjNmYzY2OWZiZDZmMzIzNTcyMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxct1ou/8LI3QqKg2B6aevvPPOiLL 0eyyP6Pf3b6REEeJnrsIBgy287sUO5sm3j0GKT8rnelZSaDX1cl7IYFrRzXVriuv gasfrmjklmx4YPXY+SL1kHsnSkSr6nnnwifi1IOKj8yYFaaDLrxmJqoKYhobMQfx 9h21TKDGdloc568MNlDlec7kqVNPzvVoD2gdzjtzYW3LCOdI4mGj/QfenBU0/207 te+8R5zglhfBAGBzr6wnFGdN8Zj3sXfNTrJX79YP2ItSTpVwe15FcFMu3KDJkJnJ n2HiTKeAdZJNngJsfr4rRD+udbUZL9rNqjms5vqSIvj+HJ2cTCQcXkjWvwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG8zY50hAeSmwG6ekPGf7RuNVd0aMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgxM2ZkOGRiLWM4NTMtNDRiNy1iZDU1LTEyN2UxZTRmNWQyNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8JAwDQYJKoZIhvcNAQELBQADggEBAH5cLp1oDNje76I0uKSf Ij5/SGddFMPcn1E9UX0RPzLENLVJxeSItU6eIK8Wn07b1yCXlPivtfD3Y6QAVnM9 alMcakCOl4yD5D2njsor77rCUs63k2AUSYg2rMTdrQ0uMBaRaJ45ZSS+t4K2BnUr 0Ap4dXBZpzBUDzvrJL7oR4/Nwwc3SGTvaTnjJMfZYjd+TsegVY9RKdZGTwJmKmUK hmUxGV50Ev6lOHsiFMHBgi8TS5nO3Kb+PuVLYqXrk10SZ2g50jtvvx+1abxF8WIh 16dNCyesIfHwQNWlsZpI24VHTCWb9/iCnNajmEer7jw8J2X5SFHW4u+phgH16lPH 824= -----END CERTIFICATE-----Generated at Fri Oct 25 16:44:25 2024 by rpki-client on console-ams.rpki-client.org