$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa File: a8746c50-b2c6-438f-ad79-3b608da68b61.roa (raw, json) Hash identifier: 9gzB8aQn09ZHi1rJI7hCQtPFeEkZZMG1CBCFjidijxg= Subject key identifier: 40:35:E6:9B:79:CA:3F:0B:6C:38:74:34:60:7C:7D:DC:17:47:CE:0F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 677AFEFF2F83F186C1D026BAC030103B6440EB4D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 00:37:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:7a:fe:ff:2f:83:f1:86:c1:d0:26:ba:c0:30:10:3b:64:40:eb:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=13c0c0ac8369a44951b82532e96028470ab806398643f5762c645a410cdd0a2f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:4f:29:be:31:18:17:7d:34:ef:f8:d4:3a:84: 69:e8:da:22:ef:d0:22:25:6b:73:10:fc:41:23:88: 6e:d9:a2:18:b0:47:74:ce:13:86:e0:97:ea:4f:88: 8a:0b:8c:38:3e:95:94:34:2c:c8:d3:6c:15:f5:cc: ae:c6:92:bf:05:d6:15:94:55:d7:6a:ac:5e:21:0a: 1b:30:0b:37:4b:81:d6:d7:94:15:61:8b:83:67:95: 47:4b:c9:da:a9:ed:39:f7:c7:f4:08:49:d3:36:5e: 90:19:51:d2:0d:e9:db:cc:e2:20:4c:6d:31:d6:f5: 2c:93:d7:d3:bc:8a:52:2b:43:4d:03:86:60:bb:28: b8:bd:99:da:97:a4:65:27:74:fe:83:85:f1:d5:df: 45:72:8a:6a:eb:0a:4f:b0:8f:a9:dc:7e:b7:7b:b3: 9b:6a:c3:1f:04:31:80:bc:32:56:0f:f1:12:b1:27: 2d:7d:92:57:92:88:6c:35:8c:38:67:31:86:df:2f: d5:74:ff:e2:a3:7c:28:42:2f:24:87:37:80:a0:a2: fa:8a:8b:92:de:04:51:c7:a5:69:97:bf:5e:3a:c1: d8:0b:ab:ad:57:89:da:f3:24:a2:ec:14:52:4d:8a: 98:c7:30:1b:70:63:d7:8b:a2:a7:4c:2e:eb:9c:d2: 4f:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:35:E6:9B:79:CA:3F:0B:6C:38:74:34:60:7C:7D:DC:17:47:CE:0F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:6000::/40 Signature Algorithm: sha256WithRSAEncryption 62:40:75:00:7d:67:b9:79:87:57:14:8e:89:5f:f9:49:96:4f: 60:64:72:46:fd:d3:ed:2b:3d:7f:5b:81:be:94:61:91:2d:28: 67:b1:d8:91:4b:a2:f3:c5:6f:c1:92:be:d6:ae:22:08:2f:29: 02:f6:ad:f1:3a:57:e2:a8:9f:8c:46:eb:4a:19:02:b1:85:6b: db:53:b8:ec:bc:a5:18:ea:88:a8:a7:85:f5:50:a6:f6:d8:c6: 4c:fb:23:17:db:9c:18:31:2f:8a:df:46:94:ef:d0:e3:69:cb: 90:53:7d:9c:2d:ac:7e:e2:be:51:bf:be:30:d2:6e:81:57:58: e7:4d:c2:f9:63:02:a0:dc:7c:5e:37:54:4f:29:7a:93:2f:b2: 9f:07:af:25:66:35:f9:64:24:e8:e6:52:bd:0e:3f:2a:3d:de: 5c:eb:3d:90:cb:ba:06:3f:43:17:a9:11:58:54:1d:ae:a7:b2: 49:2d:56:3c:30:22:e6:2a:cc:0e:56:5c:07:a9:2e:97:c1:8b: 9d:72:f8:4b:30:a1:2b:41:f6:49:4b:5e:cd:8b:e8:a5:b4:85: d8:28:8e:ca:dd:e7:39:67:c8:d8:81:29:d2:d3:41:5d:8b:75: be:ef:03:a6:49:5d:94:92:7d:78:26:17:07:0f:65:80:a7:03: e6:f1:55:a7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZ3r+/y+D8YbB0Ca6wDAQO2RA600wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNAMTNjMGMwYWM4MzY5YTQ0OTUxYjgy NTMyZTk2MDI4NDcwYWI4MDYzOTg2NDNmNTc2MmM2NDVhNDEwY2RkMGEyZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr08pvjEYF3007/jUOoRp6Noi79Ai JWtzEPxBI4hu2aIYsEd0zhOG4JfqT4iKC4w4PpWUNCzI02wV9cyuxpK/BdYVlFXX aqxeIQobMAs3S4HW15QVYYuDZ5VHS8naqe0598f0CEnTNl6QGVHSDenbzOIgTG0x 1vUsk9fTvIpSK0NNA4Zguyi4vZnal6RlJ3T+g4Xx1d9Fcopq6wpPsI+p3H63e7Ob asMfBDGAvDJWD/ESsSctfZJXkohsNYw4ZzGG3y/VdP/io3woQi8khzeAoKL6iouS 3gRRx6Vpl79eOsHYC6utV4na8ySi7BRSTYqYxzAbcGPXi6KnTC7rnNJPmwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEA15pt5yj8LbDh0NGB8fdwXR84PMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E4NzQ2YzUwLWIyYzYtNDM4Zi1hZDc5LTNiNjA4ZGE2OGI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaGAwDQYJKoZIhvcNAQELBQADggEBAGJAdQB9Z7l5h1cUjolf +UmWT2Bkckb90+0rPX9bgb6UYZEtKGex2JFLovPFb8GSvtauIggvKQL2rfE6V+Ko n4xG60oZArGFa9tTuOy8pRjqiKinhfVQpvbYxkz7IxfbnBgxL4rfRpTv0ONpy5BT fZwtrH7ivlG/vjDSboFXWOdNwvljAqDcfF43VE8pepMvsp8HryVmNflkJOjmUr0O Pyo93lzrPZDLugY/QxepEVhUHa6nskktVjwwIuYqzA5WXAepLpfBi51y+EswoStB 9klLXs2L6KW0hdgojsrd5zlnyNiBKdLTQV2Ldb7vA6ZJXZSSfXgmFwcPZYCnA+bx Vac= -----END CERTIFICATE-----Generated at Mon Nov 25 01:15:16 2024 by rpki-client on console-fra.rpki-client.org