$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/863b1d35-6e44-49bf-821c-64a6e5812d58.roa File: 863b1d35-6e44-49bf-821c-64a6e5812d58.roa (raw, json) Hash identifier: q28TUboighAEt6ZeIQ9tkZh6jKXqeqEtViCgL9+tLfg= Subject key identifier: 01:FD:C1:BD:B0:C4:A2:A6:A1:16:39:D8:2C:42:07:4D:A6:AA:07:DF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 329A07ABAA5A219FFB07575AF19C1D5ADE4589DB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/863b1d35-6e44-49bf-821c-64a6e5812d58.roa Signing time: Mon 09 Sep 2024 00:00:00 +0000 ROA not before: Mon 09 Sep 2024 00:00:00 +0000 ROA not after: Mon 14 Oct 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Sep 2024 15:54:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:9a:07:ab:aa:5a:21:9f:fb:07:57:5a:f1:9c:1d:5a:de:45:89:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 9 00:00:00 2024 GMT Not After : Oct 14 23:59:59 2024 GMT Subject: serialNumber=0f3f518e7a73ea37791ee0a07432f2784026eafeef3c2510aa24098ea1422a6e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:3e:30:d8:c8:80:4c:97:96:d6:b7:b8:8b:f0: 1d:3b:19:92:98:3c:bc:7f:15:eb:15:3f:bb:ce:31: 78:20:7e:1b:b4:3e:97:99:21:c2:0f:c2:da:63:da: 7b:61:14:1f:53:17:05:9b:66:d7:a5:fa:ae:a5:1e: ba:cf:a2:89:3a:3e:dc:6a:c6:1c:de:e1:0e:cf:07: a8:54:95:8b:07:f9:d7:7b:63:69:ce:0a:9b:98:57: 53:4d:4d:11:4a:6c:5d:62:ba:43:4d:8a:47:03:59: 18:e8:03:66:d8:e3:6f:cb:58:8c:a7:a1:4c:2f:9b: 64:f4:1a:de:20:8a:e0:ca:1f:d1:71:e6:b9:5f:cf: c7:f9:8b:8d:1c:73:a3:74:f6:5f:c6:f9:51:a4:dc: 96:bc:62:61:07:74:77:6a:8a:f1:89:eb:31:05:48: b3:9d:41:cb:98:96:d6:b8:2e:3a:78:34:9e:04:c5: f9:ee:9f:83:5a:20:3c:d9:ff:26:f4:4d:d2:c5:db: 64:c8:a0:c5:9a:22:d7:e8:b2:95:a9:b7:b7:d8:5c: 15:8d:7a:b4:81:a6:11:26:a5:3a:0f:13:48:cf:9d: f8:b4:f5:12:4b:73:d2:82:fd:b1:43:f9:e3:0b:61: 12:75:5f:f6:73:96:b2:65:9b:c7:ea:4c:d4:89:4b: 2c:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:FD:C1:BD:B0:C4:A2:A6:A1:16:39:D8:2C:42:07:4D:A6:AA:07:DF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/863b1d35-6e44-49bf-821c-64a6e5812d58.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:b000::/40 Signature Algorithm: sha256WithRSAEncryption 9d:d8:44:27:55:24:68:ac:2e:e1:9d:08:5d:5a:6a:d3:c8:76: 57:2a:0c:eb:63:43:dc:5b:c3:d0:30:d4:98:5f:4c:f6:d6:ee: 4b:bb:3f:51:ee:fc:47:52:b4:a0:59:cc:fe:cb:3e:dd:c0:ec: c4:4d:fe:d1:65:d8:8e:15:ce:f8:5a:ab:eb:54:eb:ea:ed:f0: b2:1f:34:11:b8:ff:39:3a:3a:3e:42:37:6e:cb:2c:67:8b:4c: 28:05:50:2d:dd:2f:70:7d:c7:06:24:70:41:dc:a0:98:b3:8f: 7e:dc:36:e3:fe:06:b1:7d:70:8b:e4:d0:a6:ce:10:88:a2:d9: 96:79:3e:ee:e3:0b:ac:1b:03:ff:fb:22:7b:87:6c:67:7d:47: eb:62:04:a8:41:e1:7c:c7:8d:02:1f:ba:ed:15:d2:2a:39:5a: 68:6e:e2:fd:a6:ed:0a:6e:75:62:c2:0e:d7:05:5b:3a:ba:93: 71:55:37:2b:a3:a3:e4:45:c9:53:4f:3d:06:d9:84:a0:9e:d7: b2:73:7b:33:a0:29:62:12:0f:64:b0:16:26:93:a4:dc:18:55: e8:df:c7:5e:37:1f:7a:5e:4b:95:12:23:61:83:4a:5f:a1:37: 2d:0d:5e:22:48:34:7e:8a:40:3a:8b:b1:c8:50:12:dd:42:68: 2d:24:ce:d3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMpoHq6paIZ/7B1da8ZwdWt5FidswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDkwOTAwMDAwMFoX DTI0MTAxNDIzNTk1OVowejFJMEcGA1UEBRNAMGYzZjUxOGU3YTczZWEzNzc5MWVl MGEwNzQzMmYyNzg0MDI2ZWFmZWVmM2MyNTEwYWEyNDA5OGVhMTQyMmE2ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuz4w2MiATJeW1re4i/AdOxmSmDy8 fxXrFT+7zjF4IH4btD6XmSHCD8LaY9p7YRQfUxcFm2bXpfqupR66z6KJOj7casYc 3uEOzweoVJWLB/nXe2NpzgqbmFdTTU0RSmxdYrpDTYpHA1kY6ANm2ONvy1iMp6FM L5tk9BreIIrgyh/Rcea5X8/H+YuNHHOjdPZfxvlRpNyWvGJhB3R3aorxiesxBUiz nUHLmJbWuC46eDSeBMX57p+DWiA82f8m9E3SxdtkyKDFmiLX6LKVqbe32FwVjXq0 gaYRJqU6DxNIz534tPUSS3PSgv2xQ/njC2ESdV/2c5ayZZvH6kzUiUssQwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAH9wb2wxKKmoRY52CxCB02mqgffMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg2M2IxZDM1LTZlNDQtNDliZi04MjFjLTY0YTZlNTgxMmQ1OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+7AwDQYJKoZIhvcNAQELBQADggEBAJ3YRCdVJGisLuGdCF1a atPIdlcqDOtjQ9xbw9Aw1JhfTPbW7ku7P1Hu/EdStKBZzP7LPt3A7MRN/tFl2I4V zvhaq+tU6+rt8LIfNBG4/zk6Oj5CN27LLGeLTCgFUC3dL3B9xwYkcEHcoJizj37c NuP+BrF9cIvk0KbOEIii2ZZ5Pu7jC6wbA//7InuHbGd9R+tiBKhB4XzHjQIfuu0V 0io5Wmhu4v2m7QpudWLCDtcFWzq6k3FVNyujo+RFyVNPPQbZhKCe17JzezOgKWIS D2SwFiaTpNwYVejfx143H3peS5USI2GDSl+hNy0NXiJINH6KQDqLschQEt1CaC0k ztM= -----END CERTIFICATE-----Generated at Sat Sep 14 17:31:02 2024 by rpki-client on console-fra.rpki-client.org