$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a43b74f5-9892-450a-af1e-3dfde7877fa2.roa File: a43b74f5-9892-450a-af1e-3dfde7877fa2.roa (raw, json) Hash identifier: U0IV3D6lihUZ3NI/Z30ZKsrVouvz38yBcKN5rSDJ2aU= Subject key identifier: E8:2D:F0:5A:39:FB:92:5D:46:89:6C:7F:8D:61:70:AE:6C:0A:04:99 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0F0A568E3E6192B433CCA505D2F3DD570FE817 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a43b74f5-9892-450a-af1e-3dfde7877fa2.roa Signing time: Mon 11 Nov 2024 00:00:00 +0000 ROA not before: Mon 11 Nov 2024 00:00:00 +0000 ROA not after: Mon 16 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:0a:56:8e:3e:61:92:b4:33:cc:a5:05:d2:f3:dd:57:0f:e8:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 11 00:00:00 2024 GMT Not After : Dec 16 23:59:59 2024 GMT Subject: serialNumber=1b58f86804b1c95cb2ed0d7583a66c2b9f6e4c7186c8db37530e8293835bcc41, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:94:50:e9:57:61:4f:df:cf:a1:76:80:86:b6: 83:32:36:ae:5c:bb:ee:67:41:2c:d2:41:b2:c0:69: 23:47:48:c3:99:1d:eb:20:64:66:d8:65:b5:61:7d: a5:c5:bf:2c:e5:c7:e0:7b:c5:51:11:20:3c:92:99: 39:0a:db:97:cb:70:df:ff:de:f7:12:2e:89:0c:d3: e0:38:dd:33:68:95:a0:46:9d:57:28:96:88:67:95: 26:15:fb:70:fc:a9:63:1b:4a:f1:7b:90:48:92:7c: 17:8d:a5:6d:33:5d:04:d6:b1:1f:3e:9f:ae:fb:5e: 47:a8:1b:8f:74:82:1e:50:10:47:a0:77:26:02:60: ca:02:67:0f:34:3c:49:30:c5:09:75:95:41:0a:98: b4:80:a8:23:c3:3a:53:f7:46:2d:7c:51:e1:33:5b: e6:3e:d4:2e:02:76:d5:6b:0d:a6:6c:5a:90:f7:0c: b5:e2:43:23:8b:fa:1b:92:03:23:1f:12:ed:17:09: af:7f:cd:e9:40:22:95:e4:84:10:07:36:64:a8:f3: 88:4a:11:86:05:7d:91:fb:25:e7:ff:e2:65:0e:19: b7:73:40:73:35:09:e1:8a:aa:90:d6:75:71:21:8c: ed:df:56:b9:1f:dd:8b:2d:b6:f3:46:1e:be:e9:3f: 53:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:2D:F0:5A:39:FB:92:5D:46:89:6C:7F:8D:61:70:AE:6C:0A:04:99 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a43b74f5-9892-450a-af1e-3dfde7877fa2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:c800::/40 Signature Algorithm: sha256WithRSAEncryption 3c:04:03:4e:8b:c1:be:ff:a3:0f:92:63:15:40:dc:12:42:6a: 0e:a4:aa:b6:c8:74:d2:0d:9d:37:4f:64:9d:bd:05:3f:97:a0: a0:ab:20:d0:5d:58:d6:ac:70:70:2b:4e:a3:32:03:7c:89:73: 8d:92:b4:96:37:f7:92:4d:53:5a:65:4a:8f:b4:50:60:cf:33: 83:56:e1:e4:56:64:3d:ce:9a:79:09:dd:bf:29:f9:05:ce:e5: c2:7e:6c:d5:44:a4:5f:74:ae:bb:ee:f3:5f:4f:36:15:ad:c7: dc:19:b1:08:91:3b:de:62:c8:ef:ed:cb:0a:2b:87:c0:b2:b5: 77:51:42:72:fa:04:05:ed:89:3d:51:da:0c:80:c0:22:3a:ba: ad:be:1f:f8:0a:3c:49:12:e5:23:15:bd:ff:92:6e:8f:0e:06: e4:d5:4b:38:e1:ee:61:ca:94:6c:5c:26:b0:22:4d:e4:fc:02: 80:71:87:37:78:46:bd:de:1b:1b:62:58:ab:9e:ec:bf:b2:26: 13:a5:2b:f9:65:07:dd:7c:80:d4:a5:f0:e9:f3:fc:a3:a7:bf: 9d:f9:05:f1:06:a1:db:c2:04:50:e6:d8:1a:9b:55:a3:9d:e3: 34:c6:0a:3b:6d:bc:40:5f:8a:5b:dc:60:3c:cc:3a:69:ca:f3: 7f:f5:17:a0 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgITDwpWjj5hkrQzzKUF0vPdVw/oFzANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjQxMTExMDAwMDAwWhcN MjQxMjE2MjM1OTU5WjB6MUkwRwYDVQQFE0AxYjU4Zjg2ODA0YjFjOTVjYjJlZDBk NzU4M2E2NmMyYjlmNmU0YzcxODZjOGRiMzc1MzBlODI5MzgzNWJjYzQxMS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBlFDpV2FP38+hdoCGtoMyNq5cu+5n QSzSQbLAaSNHSMOZHesgZGbYZbVhfaXFvyzlx+B7xVERIDySmTkK25fLcN//3vcS LokM0+A43TNolaBGnVcolohnlSYV+3D8qWMbSvF7kEiSfBeNpW0zXQTWsR8+n677 XkeoG490gh5QEEegdyYCYMoCZw80PEkwxQl1lUEKmLSAqCPDOlP3Ri18UeEzW+Y+ 1C4CdtVrDaZsWpD3DLXiQyOL+huSAyMfEu0XCa9/zelAIpXkhBAHNmSo84hKEYYF fZH7Jef/4mUOGbdzQHM1CeGKqpDWdXEhjO3fVrkf3YsttvNGHr7pP1MhAgMBAAGj ggJKMIICRjAdBgNVHQ4EFgQU6C3wWjn7kl1GiWx/jWFwrmwKBJkwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv YTQzYjc0ZjUtOTg5Mi00NTBhLWFmMWUtM2RmZGU3ODc3ZmEyLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAkBtppyDANBgkqhkiG9w0BAQsFAAOCAQEAPAQDTovBvv+jD5JjFUDc EkJqDqSqtsh00g2dN09knb0FP5egoKsg0F1Y1qxwcCtOozIDfIlzjZK0ljf3kk1T WmVKj7RQYM8zg1bh5FZkPc6aeQndvyn5Bc7lwn5s1USkX3Suu+7zX082Fa3H3Bmx CJE73mLI7+3LCiuHwLK1d1FCcvoEBe2JPVHaDIDAIjq6rb4f+Ao8SRLlIxW9/5Ju jw4G5NVLOOHuYcqUbFwmsCJN5PwCgHGHN3hGvd4bG2JYq57sv7ImE6Ur+WUH3XyA 1KXw6fP8o6e/nfkF8Qah28IEUObYGptVo53jNMYKO228QF+KW9xgPMw6acrzf/UX oA== -----END CERTIFICATE-----Generated at Fri Nov 22 01:33:39 2024 by rpki-client on console-ams.rpki-client.org