$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a9d41bd-0bed-4bc0-8365-34453f074020.roa File: 9a9d41bd-0bed-4bc0-8365-34453f074020.roa (raw, json) Hash identifier: e0NT72aA1J1G2Lo07t4JOTJ/oT0Lv9pL/vZNhaE69kM= Subject key identifier: 44:F1:B7:35:58:0A:E3:04:17:83:BF:92:10:7F:7C:0B:79:55:F4:26 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7117BADF4CB41B0E875CECDC4C2EC2A3E6EBB099 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a9d41bd-0bed-4bc0-8365-34453f074020.roa Signing time: Tue 01 Oct 2024 00:00:00 +0000 ROA not before: Tue 01 Oct 2024 00:00:00 +0000 ROA not after: Tue 05 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:17:ba:df:4c:b4:1b:0e:87:5c:ec:dc:4c:2e:c2:a3:e6:eb:b0:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 1 00:00:00 2024 GMT Not After : Nov 5 23:59:59 2024 GMT Subject: serialNumber=53b6c39f82e881af2429ba0a1407a874aac99aadcd203f0cb7daa32adc3fa600, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:a2:f4:cf:98:08:61:f8:06:29:52:76:01:c7: f2:d6:41:db:c6:dd:8a:d7:5a:9a:83:96:f8:76:98: 69:f5:1b:27:99:4f:4f:18:41:63:42:3b:6c:91:ac: b5:05:75:3b:f1:74:90:1e:2c:f4:81:7e:35:bb:b8: e7:8f:f6:b8:ca:4a:fe:13:03:41:91:a9:6a:d0:0a: 73:a2:cf:30:7f:78:13:7d:e9:95:89:f6:10:81:07: fe:65:fe:3d:d9:01:d8:62:54:63:5a:28:b0:d5:98: 97:00:b3:dd:c5:b2:78:b7:ec:ca:70:b7:fc:8b:4a: 75:96:6a:21:58:b8:66:a4:3e:ba:0d:7f:eb:06:d3: 67:fd:04:3c:86:63:e0:0b:7c:30:99:b6:dd:12:17: 79:80:f3:30:c8:cf:db:2c:f1:f1:87:65:9d:9f:f9: ea:06:92:5a:6d:e4:d6:ff:a2:f3:e7:88:df:d5:46: 30:34:3d:1d:fe:f8:54:42:4d:80:03:32:a7:20:1a: 9d:9d:67:d8:97:2c:49:e8:7e:c4:bf:63:2b:53:49: 05:c5:bb:00:fe:e4:bd:53:ad:dc:70:77:b3:d6:0c: b0:26:f7:f8:46:88:a2:d4:94:81:19:bd:49:3d:1c: d1:20:b0:04:45:b3:f6:bf:3d:df:47:94:31:5c:e6: 69:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:F1:B7:35:58:0A:E3:04:17:83:BF:92:10:7F:7C:0B:79:55:F4:26 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a9d41bd-0bed-4bc0-8365-34453f074020.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:e000::/40 Signature Algorithm: sha256WithRSAEncryption ab:46:49:c3:50:39:63:cc:88:98:24:45:5c:fe:b2:c4:b4:bc: 6a:f1:d0:29:ce:56:c8:c1:ea:e8:44:e3:8b:06:fe:4f:91:bb: 1f:cb:87:aa:38:cc:3f:89:5a:66:04:1e:a3:b6:3f:7a:a7:b9: fd:01:8d:1f:99:4d:d7:e8:64:aa:8b:bb:5b:f0:fc:0f:5d:00: 45:a7:e9:d2:41:3d:aa:6c:0e:a4:3c:22:1f:31:75:35:b5:77: 65:88:0f:e1:53:9f:ba:07:0a:9d:a3:b8:a8:16:78:4d:2d:2e: 95:30:10:8d:cc:61:1c:fa:bf:08:cc:bd:f6:87:25:87:74:c6: 76:2e:35:c5:fc:c1:a9:fb:64:17:58:2f:bb:c9:bf:6f:6a:56: 9b:c5:a0:84:7b:a0:8d:1e:b5:d2:5f:a4:a9:85:26:9c:13:68: 2f:2b:dd:16:c2:35:2a:18:a9:ef:fa:ab:3f:1c:06:64:d9:41: 10:37:d1:6e:37:0b:6e:f8:38:fb:2d:bc:de:82:4b:48:13:0f: 2c:64:58:54:5e:dd:53:d9:b2:6b:cf:ab:68:aa:2b:fb:6d:a8: 3e:75:25:10:0a:8a:20:15:46:7f:bb:0e:e8:ae:9f:91:99:87: a0:15:c9:ea:77:ce:4c:6e:3d:54:88:a4:fa:f7:d2:31:ba:c4: c4:db:0a:46 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcRe630y0Gw6HXOzcTC7Co+brsJkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAwMTAwMDAwMFoX DTI0MTEwNTIzNTk1OVowejFJMEcGA1UEBRNANTNiNmMzOWY4MmU4ODFhZjI0Mjli YTBhMTQwN2E4NzRhYWM5OWFhZGNkMjAzZjBjYjdkYWEzMmFkYzNmYTYwMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6L0z5gIYfgGKVJ2Acfy1kHbxt2K 11qag5b4dphp9RsnmU9PGEFjQjtskay1BXU78XSQHiz0gX41u7jnj/a4ykr+EwNB kalq0Apzos8wf3gTfemVifYQgQf+Zf492QHYYlRjWiiw1ZiXALPdxbJ4t+zKcLf8 i0p1lmohWLhmpD66DX/rBtNn/QQ8hmPgC3wwmbbdEhd5gPMwyM/bLPHxh2Wdn/nq BpJabeTW/6Lz54jf1UYwND0d/vhUQk2AAzKnIBqdnWfYlyxJ6H7Ev2MrU0kFxbsA /uS9U63ccHez1gywJvf4Roii1JSBGb1JPRzRILAERbP2vz3fR5QxXOZp2QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFETxtzVYCuMEF4O/khB/fAt5VfQmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhOWQ0MWJkLTBiZWQtNGJjMC04MzY1LTM0NDUzZjA3NDAyMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/uAwDQYJKoZIhvcNAQELBQADggEBAKtGScNQOWPMiJgkRVz+ ssS0vGrx0CnOVsjB6uhE44sG/k+Rux/Lh6o4zD+JWmYEHqO2P3qnuf0BjR+ZTdfo ZKqLu1vw/A9dAEWn6dJBPapsDqQ8Ih8xdTW1d2WID+FTn7oHCp2juKgWeE0tLpUw EI3MYRz6vwjMvfaHJYd0xnYuNcX8wan7ZBdYL7vJv29qVpvFoIR7oI0etdJfpKmF JpwTaC8r3RbCNSoYqe/6qz8cBmTZQRA30W43C274OPstvN6CS0gTDyxkWFRe3VPZ smvPq2iqK/ttqD51JRAKiiAVRn+7Duiun5GZh6AVyep3zkxuPVSIpPr30jG6xMTb CkY= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:33 2024 by rpki-client on console-fra.rpki-client.org