$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa File: aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa (raw, json) Hash identifier: JK0Knitpw7J0lsiaiEw6MjhiM+9TAOUJObZmUBS7mKc= Subject key identifier: C8:A4:76:1C:47:F7:15:A4:C5:6B:4A:9A:D0:F7:00:9C:39:2E:F1:0F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6EFFB45EDC8D33BB1EA07EA578A5700C662A9E95 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa Signing time: Sat 09 Nov 2024 00:00:00 +0000 ROA not before: Sat 09 Nov 2024 00:00:00 +0000 ROA not after: Sat 14 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 00:37:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:ff:b4:5e:dc:8d:33:bb:1e:a0:7e:a5:78:a5:70:0c:66:2a:9e:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:00:00 2024 GMT Not After : Dec 14 23:59:59 2024 GMT Subject: serialNumber=c373b9958b62fa3ff3f7be0e9a7949351dc30e13fc057afc98e714dd9f03231f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:fb:d4:e8:b6:44:66:bc:8f:46:bc:d4:30:9e: d9:bf:c1:a0:c5:6f:37:80:33:33:83:ea:0d:64:a6: aa:76:61:2f:dc:f7:88:f6:ea:6a:07:c2:09:15:cc: 5a:65:60:f7:a1:d1:19:a7:f1:23:4f:12:02:3d:df: c3:56:4f:76:50:cb:7f:16:a3:92:8e:b1:2e:10:c3: b2:ba:1b:1c:7d:be:6e:e6:7a:ed:65:4b:9c:19:58: a3:9f:86:f2:09:3b:62:27:1e:fa:53:4b:d9:60:b9: ce:ec:c4:4a:5a:e5:b2:62:23:1d:64:b1:be:09:8c: a1:0a:f2:85:6c:6c:62:f0:c0:59:e8:20:00:12:cf: 62:e6:66:55:da:64:d3:2f:12:e9:93:df:d3:95:96: 16:70:90:02:bc:fa:c4:83:dc:31:8c:7d:af:32:c4: 29:73:64:3b:7a:3b:88:ce:cc:55:c0:95:7d:e7:ee: 6a:c5:1a:36:30:20:ad:82:7e:14:49:06:97:28:0f: 99:98:37:fa:f7:54:c9:25:fb:92:d6:83:b9:63:ae: e3:00:9b:87:99:8e:d9:7f:df:c8:a2:cc:19:53:c3: e0:28:2d:69:4b:75:06:05:67:10:5e:f4:c9:0c:ae: 6e:8f:3f:ec:ff:0d:52:41:d5:99:6a:2e:b8:65:ed: 52:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:A4:76:1C:47:F7:15:A4:C5:6B:4A:9A:D0:F7:00:9C:39:2E:F1:0F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:a000::/40 Signature Algorithm: sha256WithRSAEncryption 29:23:df:da:ae:75:a8:9d:3e:c7:44:71:50:5b:46:ee:fc:84: e0:ee:7e:cc:52:e7:b4:86:99:f9:4d:42:a3:3c:8f:cf:19:97: 56:af:90:56:26:21:5d:6d:5f:a4:af:3b:33:98:fc:45:f6:ef: c2:db:55:e0:0b:b2:61:8f:85:6d:17:7c:6c:25:de:11:27:b4: 7d:47:a8:17:aa:41:6e:52:48:70:bf:75:4b:4b:3e:78:7d:e7: b4:3c:35:c3:c1:62:21:a6:a9:77:c7:77:02:42:4d:77:ea:45: d4:2f:c3:93:f5:c0:34:25:05:42:5a:9e:59:e8:e5:fb:ea:00: ac:31:9f:5f:89:fa:0f:fd:2a:42:8e:3e:be:f3:ca:32:33:9b: b0:9a:d7:b6:39:ac:fc:f0:e0:7b:9f:e9:ee:a7:9f:06:f6:9a: d5:8e:e7:1e:be:ce:46:a9:27:ce:a5:75:4e:9f:f3:b8:56:a1: 9f:9b:45:ea:1a:3d:28:44:e9:a0:cd:92:d7:ec:30:48:a1:16: 70:b3:ca:26:28:5d:2a:9e:0d:d7:eb:5c:77:98:30:9b:0a:e2: 6a:c0:ba:49:79:9c:ec:d4:21:05:cb:7e:89:21:01:72:b7:f5: 98:af:38:80:d9:b3:21:03:42:0b:17:1e:0f:3c:ba:34:10:ea: 0f:c8:c6:4b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbv+0XtyNM7seoH6leKVwDGYqnpUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEwOTAwMDAwMFoX DTI0MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAYzM3M2I5OTU4YjYyZmEzZmYzZjdi ZTBlOWE3OTQ5MzUxZGMzMGUxM2ZjMDU3YWZjOThlNzE0ZGQ5ZjAzMjMxZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPvU6LZEZryPRrzUMJ7Zv8GgxW83 gDMzg+oNZKaqdmEv3PeI9upqB8IJFcxaZWD3odEZp/EjTxICPd/DVk92UMt/FqOS jrEuEMOyuhscfb5u5nrtZUucGVijn4byCTtiJx76U0vZYLnO7MRKWuWyYiMdZLG+ CYyhCvKFbGxi8MBZ6CAAEs9i5mZV2mTTLxLpk9/TlZYWcJACvPrEg9wxjH2vMsQp c2Q7ejuIzsxVwJV95+5qxRo2MCCtgn4USQaXKA+ZmDf691TJJfuS1oO5Y67jAJuH mY7Zf9/IoswZU8PgKC1pS3UGBWcQXvTJDK5ujz/s/w1SQdWZai64Ze1ShQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMikdhxH9xWkxWtKmtD3AJw5LvEPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FiYTIzMThjLWU5NmEtNDA1OC04ZTBjLTVhY2EyYjU2YWFkOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMqAwDQYJKoZIhvcNAQELBQADggEBACkj39qudaidPsdEcVBb Ru78hODufsxS57SGmflNQqM8j88Zl1avkFYmIV1tX6SvOzOY/EX278LbVeALsmGP hW0XfGwl3hEntH1HqBeqQW5SSHC/dUtLPnh957Q8NcPBYiGmqXfHdwJCTXfqRdQv w5P1wDQlBUJanlno5fvqAKwxn1+J+g/9KkKOPr7zyjIzm7Ca17Y5rPzw4Huf6e6n nwb2mtWO5x6+zkapJ86ldU6f87hWoZ+bReoaPShE6aDNktfsMEihFnCzyiYoXSqe DdfrXHeYMJsK4mrAukl5nOzUIQXLfokhAXK39ZivOIDZsyEDQgsXHg88ujQQ6g/I xks= -----END CERTIFICATE-----Generated at Mon Nov 25 01:15:16 2024 by rpki-client on console-fra.rpki-client.org