$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/990a64b7-6f49-49b1-b261-f42f671355cf.roa File: 990a64b7-6f49-49b1-b261-f42f671355cf.roa (raw, json) Hash identifier: aiDErcbczFl/APb8dlSvUvyW+DrOmgZ/w5uH2vkkSqs= Subject key identifier: 48:E8:85:B6:F8:C2:84:E0:99:FF:2E:5C:2F:CF:E8:71:D2:BA:45:C7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 27D8C8C73D7D00A2DD86B1C50090814CE6BED335 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/990a64b7-6f49-49b1-b261-f42f671355cf.roa Signing time: Tue 01 Oct 2024 00:00:00 +0000 ROA not before: Tue 01 Oct 2024 00:00:00 +0000 ROA not after: Tue 05 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:d8:c8:c7:3d:7d:00:a2:dd:86:b1:c5:00:90:81:4c:e6:be:d3:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 1 00:00:00 2024 GMT Not After : Nov 5 23:59:59 2024 GMT Subject: serialNumber=c96c009d0bb11cdf30e4d697c8ec88c09527c611ea7fa0f5ecac74ec528dde73, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:a1:de:85:35:42:0f:19:f7:a4:5b:47:56:27: 49:6d:db:6f:9e:38:10:bf:14:5b:8c:d5:05:d4:0d: 65:41:8f:35:87:b2:6e:21:7f:0a:68:77:bc:7f:a6: db:d4:78:50:e8:1a:d2:92:41:7e:33:e3:ef:8f:eb: b0:dd:e3:20:00:62:5c:e9:25:a1:4f:68:fc:55:84: 38:38:3f:07:e8:ec:45:8a:27:af:52:13:d9:d3:01: 3b:c0:0d:c1:0d:8c:f6:52:9a:55:c7:0b:d2:ea:b7: 27:a0:5d:ce:c3:65:86:0c:69:65:98:9e:13:3c:db: 2d:5c:82:00:9d:6b:4b:a2:59:2a:45:30:32:74:a2: f7:8e:e8:df:8a:77:f3:d9:0f:2d:43:6c:18:6b:54: 4b:91:eb:26:99:d9:94:ad:4f:2c:21:98:0f:31:93: 93:18:25:a0:c8:35:46:96:5e:06:e2:23:fc:1e:3e: 9f:75:b0:9c:13:20:2c:bf:43:43:b3:fe:49:2b:0d: f5:2e:b7:52:fa:5d:05:e1:b9:c0:a7:b3:5e:86:28: 99:6f:8c:91:fc:0b:ef:10:82:37:20:14:54:a6:22: be:ba:97:45:e8:86:a0:33:04:db:77:01:5b:e0:c1: 2f:bf:17:d5:e4:ba:fc:9a:d4:74:dc:f4:6f:bd:02: dd:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:E8:85:B6:F8:C2:84:E0:99:FF:2E:5C:2F:CF:E8:71:D2:BA:45:C7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/990a64b7-6f49-49b1-b261-f42f671355cf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:b000::/40 Signature Algorithm: sha256WithRSAEncryption a2:79:c6:f3:03:8f:19:f9:01:77:31:82:d4:d2:fb:ec:f4:f2: 55:e0:41:08:72:b1:41:4d:52:44:56:c2:c1:51:88:b4:ba:96: b8:76:ca:fb:40:f1:84:de:fc:3b:3a:b2:f7:f1:06:d1:31:9e: 28:01:92:04:fc:0f:a8:cc:bd:a2:dc:55:8c:1e:e6:09:07:9d: a1:46:04:82:0c:ba:78:2c:48:20:ed:04:9d:4f:2a:6d:9d:64: 27:79:2c:97:9e:0c:80:df:ce:db:87:cd:c9:e9:2c:0b:26:45: 49:03:1b:f6:5d:df:52:93:1a:72:46:76:67:cd:c1:f4:f7:bb: cb:3a:ee:41:6b:0e:bb:b0:20:9b:cf:61:8c:8a:4b:fd:78:68: 99:0f:07:11:e1:72:af:d6:9a:b3:1d:45:02:ac:a0:5b:e8:31: ba:7b:0e:d4:3d:10:51:15:0a:13:f8:71:de:46:44:b9:7b:7b: b1:01:a4:be:39:65:ad:6d:90:2d:a5:7a:05:86:14:24:70:85: 15:e1:93:6c:3d:2d:7e:8f:ed:82:e7:bf:cf:ca:e7:ca:6c:5e: 9e:e8:eb:4e:1f:37:66:14:a9:ed:f4:a1:8a:e5:50:9b:9c:11: 97:85:bc:c8:28:11:2b:4c:9d:c2:62:69:44:26:93:2c:6f:87: b5:dd:32:65 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJ9jIxz19AKLdhrHFAJCBTOa+0zUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAwMTAwMDAwMFoX DTI0MTEwNTIzNTk1OVowejFJMEcGA1UEBRNAYzk2YzAwOWQwYmIxMWNkZjMwZTRk Njk3YzhlYzg4YzA5NTI3YzYxMWVhN2ZhMGY1ZWNhYzc0ZWM1MjhkZGU3MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqHehTVCDxn3pFtHVidJbdtvnjgQ vxRbjNUF1A1lQY81h7JuIX8KaHe8f6bb1HhQ6BrSkkF+M+Pvj+uw3eMgAGJc6SWh T2j8VYQ4OD8H6OxFiievUhPZ0wE7wA3BDYz2UppVxwvS6rcnoF3Ow2WGDGllmJ4T PNstXIIAnWtLolkqRTAydKL3jujfinfz2Q8tQ2wYa1RLkesmmdmUrU8sIZgPMZOT GCWgyDVGll4G4iP8Hj6fdbCcEyAsv0NDs/5JKw31LrdS+l0F4bnAp7NehiiZb4yR /AvvEII3IBRUpiK+updF6IagMwTbdwFb4MEvvxfV5Lr8mtR03PRvvQLdawIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEjohbb4woTgmf8uXC/P6HHSukXHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk5MGE2NGI3LTZmNDktNDliMS1iMjYxLWY0MmY2NzEzNTVjZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/7AwDQYJKoZIhvcNAQELBQADggEBAKJ5xvMDjxn5AXcxgtTS ++z08lXgQQhysUFNUkRWwsFRiLS6lrh2yvtA8YTe/Ds6svfxBtExnigBkgT8D6jM vaLcVYwe5gkHnaFGBIIMungsSCDtBJ1PKm2dZCd5LJeeDIDfztuHzcnpLAsmRUkD G/Zd31KTGnJGdmfNwfT3u8s67kFrDruwIJvPYYyKS/14aJkPBxHhcq/WmrMdRQKs oFvoMbp7DtQ9EFEVChP4cd5GRLl7e7EBpL45Za1tkC2legWGFCRwhRXhk2w9LX6P 7YLnv8/K58psXp7o604fN2YUqe30oYrlUJucEZeFvMgoEStMncJiaUQmkyxvh7Xd MmU= -----END CERTIFICATE-----Generated at Fri Oct 25 16:44:26 2024 by rpki-client on console-ams.rpki-client.org