$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa File: 86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa (raw, json) Hash identifier: tjCJ1J66VM9CNCHdX9i2AP7B4y2PXE3JfF7WX4LJ+QU= Subject key identifier: 58:A0:4D:13:32:D8:F0:C6:E8:E7:37:1E:1E:ED:3D:D5:8C:D6:42:8D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 62B300A4B6C87C07DC68DB9516F42D350D5A93A8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa Signing time: Tue 01 Oct 2024 00:00:00 +0000 ROA not before: Tue 01 Oct 2024 00:00:00 +0000 ROA not after: Tue 05 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:b3:00:a4:b6:c8:7c:07:dc:68:db:95:16:f4:2d:35:0d:5a:93:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 1 00:00:00 2024 GMT Not After : Nov 5 23:59:59 2024 GMT Subject: serialNumber=8e49567fd967e261c8f8d4468848b4f341f741b094c487af084b29e45e4b21d7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:20:0e:da:46:e0:54:29:51:eb:8b:a4:77:87: de:b8:42:eb:52:8b:ed:44:55:ad:26:9f:1c:0d:a9: f2:2a:2d:7c:7f:46:ab:57:f1:38:19:35:bc:40:53: 63:e7:a7:e6:db:9a:5c:0c:b2:bf:21:d3:26:05:25: 1e:b9:7f:4b:f6:bb:17:e8:ed:72:7b:02:1f:c9:b6: c3:46:8a:de:15:cc:22:b8:d2:ae:63:5f:85:0b:53: 11:cb:81:37:56:cf:d9:ae:0f:ac:98:a1:77:47:48: 3c:58:33:71:e9:6c:a5:5d:7e:63:be:f9:f2:c8:07: 21:6c:0c:43:5a:9f:10:d7:1a:ea:b0:8a:b9:3f:af: 4f:ab:c3:b7:2a:15:a0:60:06:18:67:39:41:64:d4: b7:0b:1c:d1:ba:41:5b:64:9c:24:c2:12:6c:8b:a4: 70:69:ad:6d:33:1a:ea:59:11:11:7c:71:9a:88:23: 80:8a:57:66:d3:e4:da:85:c3:58:5a:b1:23:88:c0: 00:83:98:a1:ed:4f:81:e3:7e:a7:25:28:a3:ca:66: 1c:21:e9:92:f9:82:6a:ad:7f:52:c9:5b:e4:25:38: 67:82:66:d3:79:23:2c:e8:48:54:0d:e0:d8:36:b9: cf:7e:95:24:e5:7f:38:92:bb:f2:72:07:7a:15:a9: fc:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:A0:4D:13:32:D8:F0:C6:E8:E7:37:1E:1E:ED:3D:D5:8C:D6:42:8D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:f000::/40 Signature Algorithm: sha256WithRSAEncryption bb:64:0d:10:bf:aa:92:94:6f:2f:db:8f:34:81:b4:68:e6:7e: 82:31:57:bd:0e:8e:82:5f:f3:61:05:4d:d1:17:3a:59:d6:18: 93:45:b2:cd:b9:3f:f5:a4:05:00:50:6e:d5:1b:d3:b9:f0:9f: 95:01:5c:30:f8:a1:6b:9d:b8:dd:be:32:d9:f2:b6:3c:25:89: 96:dd:82:8a:d0:00:a3:02:00:64:90:29:f4:50:05:82:23:a7: b9:c1:f5:54:5c:41:62:2a:f9:f3:93:cd:f5:bb:e4:98:28:e8: be:9f:ca:2f:f9:33:68:36:12:21:1d:5e:ff:1c:5c:c1:65:de: 12:b1:38:27:d9:1a:66:fe:52:52:92:17:53:59:64:4d:2d:0e: 80:d6:12:4d:22:4e:c3:db:80:57:cd:06:95:f6:aa:34:66:10: 0d:34:8b:9e:38:6f:eb:65:d6:f1:39:55:ca:e0:b0:bf:11:2a: 65:74:26:53:2b:0d:dd:24:aa:74:22:19:99:e0:ae:a5:44:31: 8b:a5:42:1f:ba:6b:83:1e:89:68:1f:9a:09:7d:8f:65:1a:d3: 73:72:ab:f4:61:e0:f0:a2:00:14:91:87:f1:57:5c:1e:cc:fb: 8b:95:dc:8c:42:2b:f0:7c:2e:d8:65:db:31:ac:d8:56:30:ab: 07:ca:f1:2d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYrMApLbIfAfcaNuVFvQtNQ1ak6gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAwMTAwMDAwMFoX DTI0MTEwNTIzNTk1OVowejFJMEcGA1UEBRNAOGU0OTU2N2ZkOTY3ZTI2MWM4Zjhk NDQ2ODg0OGI0ZjM0MWY3NDFiMDk0YzQ4N2FmMDg0YjI5ZTQ1ZTRiMjFkNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiAO2kbgVClR64ukd4feuELrUovt RFWtJp8cDanyKi18f0arV/E4GTW8QFNj56fm25pcDLK/IdMmBSUeuX9L9rsX6O1y ewIfybbDRoreFcwiuNKuY1+FC1MRy4E3Vs/Zrg+smKF3R0g8WDNx6WylXX5jvvny yAchbAxDWp8Q1xrqsIq5P69Pq8O3KhWgYAYYZzlBZNS3CxzRukFbZJwkwhJsi6Rw aa1tMxrqWRERfHGaiCOAildm0+TahcNYWrEjiMAAg5ih7U+B436nJSijymYcIemS +YJqrX9SyVvkJThngmbTeSMs6EhUDeDYNrnPfpUk5X84krvycgd6Fan8MQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFigTRMy2PDG6Oc3Hh7tPdWM1kKNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg2YzA4YjM5LTVhNDktNGVlOS1iYWFkLWE5M2U4NmQ2MmIwYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8fAwDQYJKoZIhvcNAQELBQADggEBALtkDRC/qpKUby/bjzSB tGjmfoIxV70OjoJf82EFTdEXOlnWGJNFss25P/WkBQBQbtUb07nwn5UBXDD4oWud uN2+MtnytjwliZbdgorQAKMCAGSQKfRQBYIjp7nB9VRcQWIq+fOTzfW75Jgo6L6f yi/5M2g2EiEdXv8cXMFl3hKxOCfZGmb+UlKSF1NZZE0tDoDWEk0iTsPbgFfNBpX2 qjRmEA00i544b+tl1vE5VcrgsL8RKmV0JlMrDd0kqnQiGZngrqVEMYulQh+6a4Me iWgfmgl9j2Ua03Nyq/Rh4PCiABSRh/FXXB7M+4uV3IxCK/B8Lthl2zGs2FYwqwfK 8S0= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:33 2024 by rpki-client on console-fra.rpki-client.org