$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa File: a5e20664-bb4b-418f-9be3-4d905265deec.roa (raw, json) Hash identifier: U0mJM/Sw1iaAKAqD8SzItoG6paAnG1/y4gd8C8uPDcM= Subject key identifier: 59:04:56:11:EF:DF:35:7D:04:39:BA:7F:32:86:95:BC:10:AB:99:39 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5E7433A739C938A0FD7CD66BE0B61FD69894A72B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:74:33:a7:39:c9:38:a0:fd:7c:d6:6b:e0:b6:1f:d6:98:94:a7:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=e519ac2e6920aa22a63d48d98ec50eabfff8e9a122aaf188b43e9b56fd7eaba6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:0b:ab:96:93:25:54:b1:c9:d4:d7:09:2f:57: fc:c3:6a:9b:dc:58:55:a5:80:13:78:ee:d1:fe:57: e4:d4:00:b9:c8:86:a6:b0:46:7b:b0:76:0a:45:23: 6c:ce:ec:6b:db:fb:e6:33:95:32:18:6a:9b:b8:78: 98:6d:f8:9d:34:1a:74:9e:0b:3c:cd:45:5b:00:d1: 5e:e9:32:3b:50:16:18:f4:ea:42:4c:82:49:05:83: c5:a3:81:ce:2e:76:f4:73:7a:fc:6e:ab:62:1c:38: d1:c5:97:9e:4e:e5:d6:a3:f6:2c:f8:2a:06:0b:49: c0:0a:91:67:df:f3:7b:e6:99:a6:ff:9f:2c:e3:25: b8:54:26:cb:99:48:7a:6b:3a:89:0a:9c:38:87:a5: ce:44:fc:f5:ba:62:e3:28:63:34:cc:c6:98:fa:30: 17:7b:22:87:5b:e1:b8:3a:c7:49:c3:e5:37:54:8a: 7a:a1:d2:54:ce:9a:72:67:ac:57:09:d0:44:64:de: 45:c1:8a:cc:9e:d1:cc:2d:79:5f:f7:0d:64:f1:fe: 7a:25:7f:f5:a1:0d:ce:c5:25:37:d1:3b:42:03:64: 40:06:7c:e2:c7:ba:58:be:5b:e3:35:52:b0:1c:88: a2:42:d5:0a:45:94:04:1d:81:a1:c7:6e:c6:0a:73: ba:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:04:56:11:EF:DF:35:7D:04:39:BA:7F:32:86:95:BC:10:AB:99:39 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:8000::/40 Signature Algorithm: sha256WithRSAEncryption 6b:e4:da:a0:10:81:4c:af:d7:65:ae:a2:ba:78:6e:58:0e:60: 42:c8:88:2e:6a:5a:b9:9d:73:d2:aa:de:04:b8:51:81:bd:24: 47:29:c8:b4:69:2f:04:2b:28:34:66:c4:23:23:fd:82:84:73: 88:bf:1c:43:80:49:05:56:de:87:2e:84:26:a3:c4:9b:17:2a: ef:7d:9f:d4:b5:4d:ae:7d:61:67:4d:55:2c:2d:98:03:a8:e3: 83:b2:c5:10:41:b5:f2:7f:57:e9:b8:28:b3:c1:05:e9:8b:9b: cb:05:bc:e2:bb:b5:1e:19:69:b3:20:66:3b:89:d8:7d:d6:37: ac:77:5a:6a:c3:a1:76:94:0f:65:24:49:b3:41:3f:f2:af:7a: d9:28:29:c2:34:67:24:1b:52:12:bb:21:fd:fa:08:5c:b2:c2: 29:13:38:10:f9:e6:3a:44:36:3e:e3:5a:72:80:23:ab:b0:07: 2d:6e:fc:ee:7d:22:78:78:7d:3f:9a:7d:1b:db:28:c8:9f:76: b1:59:9f:d6:1d:89:26:76:31:ca:9e:e2:e8:b9:d6:57:28:03: f3:12:6e:7b:06:11:2e:dd:88:49:63:79:c5:e0:f9:b0:53:98: 3d:db:84:cd:24:9c:28:87:ea:f8:35:f5:e6:b1:74:39:34:cc: 79:b0:3b:c8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXnQzpznJOKD9fNZr4LYf1piUpyswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNAZTUxOWFjMmU2OTIwYWEyMmE2M2Q0 OGQ5OGVjNTBlYWJmZmY4ZTlhMTIyYWFmMTg4YjQzZTliNTZmZDdlYWJhNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQurlpMlVLHJ1NcJL1f8w2qb3FhV pYATeO7R/lfk1AC5yIamsEZ7sHYKRSNszuxr2/vmM5UyGGqbuHiYbfidNBp0ngs8 zUVbANFe6TI7UBYY9OpCTIJJBYPFo4HOLnb0c3r8bqtiHDjRxZeeTuXWo/Ys+CoG C0nACpFn3/N75pmm/58s4yW4VCbLmUh6azqJCpw4h6XORPz1umLjKGM0zMaY+jAX eyKHW+G4OsdJw+U3VIp6odJUzppyZ6xXCdBEZN5FwYrMntHMLXlf9w1k8f56JX/1 oQ3OxSU30TtCA2RABnzix7pYvlvjNVKwHIiiQtUKRZQEHYGhx27GCnO6LwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFkEVhHv3zV9BDm6fzKGlbwQq5k5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E1ZTIwNjY0LWJiNGItNDE4Zi05YmUzLTRkOTA1MjY1ZGVlYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaIAwDQYJKoZIhvcNAQELBQADggEBAGvk2qAQgUyv12Wuorp4 blgOYELIiC5qWrmdc9Kq3gS4UYG9JEcpyLRpLwQrKDRmxCMj/YKEc4i/HEOASQVW 3ocuhCajxJsXKu99n9S1Ta59YWdNVSwtmAOo44OyxRBBtfJ/V+m4KLPBBemLm8sF vOK7tR4ZabMgZjuJ2H3WN6x3WmrDoXaUD2UkSbNBP/KvetkoKcI0ZyQbUhK7If36 CFyywikTOBD55jpENj7jWnKAI6uwBy1u/O59Inh4fT+afRvbKMifdrFZn9YdiSZ2 Mcqe4ui51lcoA/MSbnsGES7diEljecXg+bBTmD3bhM0knCiH6vg19eaxdDk0zHmw O8g= -----END CERTIFICATE-----Generated at Fri Nov 22 01:33:39 2024 by rpki-client on console-ams.rpki-client.org