$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/903c59bc-cabc-47eb-8860-bcf9a87d7a72.roa File: 903c59bc-cabc-47eb-8860-bcf9a87d7a72.roa (raw, json) Hash identifier: /ZMkYjOkEvLnCCt3+JTgXx51yFDT6RCQW/e3WrbNzVY= Subject key identifier: 8A:F5:00:D1:47:4A:69:44:99:F5:BC:22:5E:50:05:3A:6A:2A:71:D5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 68CEED981AB39DC0B15CBFD5B9A900F92F0C5FD7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/903c59bc-cabc-47eb-8860-bcf9a87d7a72.roa Signing time: Fri 25 Oct 2024 00:00:00 +0000 ROA not before: Fri 25 Oct 2024 00:00:00 +0000 ROA not after: Fri 29 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:ffa0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:ce:ed:98:1a:b3:9d:c0:b1:5c:bf:d5:b9:a9:00:f9:2f:0c:5f:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 25 00:00:00 2024 GMT Not After : Nov 29 23:59:59 2024 GMT Subject: serialNumber=9d78320d1c0f0740abe1ab73b01fa759238aebeb4af82e6bcc741748ccb395f0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:aa:37:a7:3e:24:54:04:e0:27:fe:a7:17:32: be:37:27:bc:f8:b6:fb:92:ec:29:b0:eb:87:cf:d3: f0:a3:5d:29:17:fa:f8:04:99:ac:9f:56:19:3a:dc: 8f:cb:a2:c5:23:dc:c9:90:a7:6e:bc:bc:ef:e0:39: d2:0c:12:e7:b2:a4:ca:56:1c:1c:fe:f1:ec:c8:63: 4e:b0:ea:f4:dd:87:db:3f:4f:14:7c:1a:66:3d:66: 34:8f:df:25:a5:de:e8:6a:72:0d:bc:da:f2:ec:2c: 6c:3c:5b:a7:03:53:da:bd:3d:9f:4c:c4:31:b3:23: 8c:07:df:0e:6a:26:17:a9:5e:00:73:de:ce:53:b5: 67:e4:aa:48:28:5f:b8:3c:16:c0:91:1f:c7:9a:42: 8d:31:6d:d6:2a:aa:70:fc:02:6f:fa:dd:58:ed:3a: 58:46:2a:e5:e2:24:1c:f0:1e:7a:b3:eb:6c:da:85: 09:7b:71:5c:74:d2:fc:d6:80:ef:23:26:a0:a8:9e: 42:ca:c4:7b:a1:82:4e:d2:b2:28:20:d1:fb:57:d9: 1e:9a:9d:a4:1e:a2:bf:5a:8f:a1:be:07:39:91:6a: 53:47:33:f6:9d:e3:30:66:b6:16:b1:22:27:39:86: b4:61:13:4c:d7:52:aa:e6:75:b9:aa:aa:b5:50:54: eb:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:F5:00:D1:47:4A:69:44:99:F5:BC:22:5E:50:05:3A:6A:2A:71:D5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/903c59bc-cabc-47eb-8860-bcf9a87d7a72.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:ffa0::/46 Signature Algorithm: sha256WithRSAEncryption b7:bc:af:db:3c:14:8c:33:c5:99:c1:6e:6d:db:a0:fc:e8:52: 49:bc:11:6e:c1:67:47:51:1f:50:5a:5e:1d:ef:1f:65:d4:ac: 20:05:55:bb:96:23:2d:97:8c:fc:cd:c0:88:52:30:8f:20:de: 2b:0f:46:5d:6f:a2:8c:91:ed:79:83:c0:61:07:71:cc:44:8e: 16:44:97:91:9e:92:f0:e7:8f:c2:96:05:da:39:df:01:3e:75: 47:5c:36:87:3d:d8:f5:be:95:77:21:c4:0c:31:1a:79:e6:4b: 58:22:4e:9f:02:15:91:32:af:f4:fa:27:64:7f:06:86:77:f6: 0b:5f:4f:cb:37:f0:46:04:79:0d:54:b1:91:fe:b2:3b:86:d3: 00:61:9d:b0:bc:8a:d3:b7:ab:33:c7:c9:cd:45:d3:eb:33:33: 03:66:66:0c:93:9b:f7:f3:f4:c5:4c:e5:a0:36:21:1d:ea:4b: b3:0a:34:70:cc:f2:f1:12:67:69:1b:c5:f2:bb:8c:50:52:b0: 8d:5c:0b:42:ac:7b:51:40:e4:e6:17:1e:ff:0d:e6:78:d2:49: e2:fe:35:4f:07:cf:1f:dc:79:f6:ac:49:ae:5f:5a:4f:27:fc: 37:8a:d7:03:e6:55:ae:37:a9:66:53:be:49:2b:3c:67:73:c9: 36:a6:f2:79 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUaM7tmBqzncCxXL/VuakA+S8MX9cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyNTAwMDAwMFoX DTI0MTEyOTIzNTk1OVowejFJMEcGA1UEBRNAOWQ3ODMyMGQxYzBmMDc0MGFiZTFh YjczYjAxZmE3NTkyMzhhZWJlYjRhZjgyZTZiY2M3NDE3NDhjY2IzOTVmMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6o3pz4kVATgJ/6nFzK+Nye8+Lb7 kuwpsOuHz9Pwo10pF/r4BJmsn1YZOtyPy6LFI9zJkKduvLzv4DnSDBLnsqTKVhwc /vHsyGNOsOr03YfbP08UfBpmPWY0j98lpd7oanINvNry7CxsPFunA1PavT2fTMQx syOMB98OaiYXqV4Ac97OU7Vn5KpIKF+4PBbAkR/HmkKNMW3WKqpw/AJv+t1Y7TpY Rirl4iQc8B56s+ts2oUJe3FcdNL81oDvIyagqJ5CysR7oYJO0rIoINH7V9kemp2k HqK/Wo+hvgc5kWpTRzP2neMwZrYWsSInOYa0YRNM11Kq5nW5qqq1UFTrSwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIr1ANFHSmlEmfW8Il5QBTpqKnHVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwM2M1OWJjLWNhYmMtNDdlYi04ODYwLWJjZjlhODdkN2E3Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba/P+gMA0GCSqGSIb3DQEBCwUAA4IBAQC3vK/bPBSMM8WZwW5t 26D86FJJvBFuwWdHUR9QWl4d7x9l1KwgBVW7liMtl4z8zcCIUjCPIN4rD0Zdb6KM ke15g8BhB3HMRI4WRJeRnpLw54/ClgXaOd8BPnVHXDaHPdj1vpV3IcQMMRp55ktY Ik6fAhWRMq/0+idkfwaGd/YLX0/LN/BGBHkNVLGR/rI7htMAYZ2wvIrTt6szx8nN RdPrMzMDZmYMk5v38/TFTOWgNiEd6kuzCjRwzPLxEmdpG8Xyu4xQUrCNXAtCrHtR QOTmFx7/DeZ40kni/jVPB88f3Hn2rEmuX1pPJ/w3itcD5lWuN6lmU75JKzxnc8k2 pvJ5 -----END CERTIFICATE-----Generated at Fri Oct 25 16:44:25 2024 by rpki-client on console-ams.rpki-client.org