$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae920ed2-97d5-458b-804a-81fcd6f09e97.roa File: ae920ed2-97d5-458b-804a-81fcd6f09e97.roa (raw, json) Hash identifier: f3CZdc4Ht99P+pf62tjmlnjTTpF6WNU0mmgz7n3z7xY= Subject key identifier: F1:9A:17:E9:BC:22:97:2B:25:B3:68:E4:FC:85:74:30:96:42:0D:52 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6B8A705BD2D3450206428E7517AECC5A8A214919 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae920ed2-97d5-458b-804a-81fcd6f09e97.roa Signing time: Fri 25 Oct 2024 00:00:00 +0000 ROA not before: Fri 25 Oct 2024 00:00:00 +0000 ROA not after: Fri 29 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:8a:70:5b:d2:d3:45:02:06:42:8e:75:17:ae:cc:5a:8a:21:49:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 25 00:00:00 2024 GMT Not After : Nov 29 23:59:59 2024 GMT Subject: serialNumber=30142d4f2819d738a22a5b9f36aa49c0133a60973d86b1f237cb1810c1794a75, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:4a:01:dd:2b:ca:07:3a:51:7b:43:c6:0c:5e: 9a:5d:ac:3b:e0:12:a7:dd:0c:2f:64:ae:cd:a0:5d: 9d:6c:83:4c:a7:36:1d:34:f2:f7:7b:df:90:9f:bd: d8:29:f4:c8:63:fb:57:64:3b:d0:fc:77:4a:05:90: b8:63:0d:20:d1:90:e9:ee:52:05:83:64:24:50:44: 77:b0:32:13:0d:8c:8d:e7:4c:d0:77:97:bb:f2:86: bd:a8:a3:69:22:41:0b:c9:7b:f8:74:e3:f8:85:f7: 8b:ba:23:1e:e8:cf:46:b1:b1:d2:52:bf:ad:a4:a0: 55:34:a2:1f:be:60:56:00:c1:a1:45:1f:94:a9:ab: c1:bb:a7:2c:c8:eb:5b:25:a1:41:48:f8:e9:f0:34: 3d:62:f4:7e:b5:8d:89:31:73:b9:5d:ea:4b:0f:e3: 9b:b5:91:2b:b5:16:2b:06:f4:68:b3:f5:a2:79:49: 3b:1c:a4:89:8a:a4:9f:55:aa:33:58:23:75:a6:19: a2:61:a5:44:5b:b2:fe:26:29:09:e1:1e:53:dd:dc: 13:b5:cc:a6:a1:21:6b:a6:66:d8:52:7b:15:cb:b1: 96:52:94:20:ab:a4:3e:39:f1:22:4c:95:aa:f3:64: 91:b4:16:e1:9a:89:47:54:40:db:b0:da:bc:bd:4d: e1:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:9A:17:E9:BC:22:97:2B:25:B3:68:E4:FC:85:74:30:96:42:0D:52 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae920ed2-97d5-458b-804a-81fcd6f09e97.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:7000::/40 Signature Algorithm: sha256WithRSAEncryption 44:a8:f4:17:fa:62:1e:bd:d1:7e:4a:f5:f3:b9:83:2e:83:1c: 25:c3:49:f3:61:e0:4e:78:0a:1d:04:38:eb:55:b3:26:58:3f: 9b:fa:55:45:42:0b:6f:4a:a4:39:bf:d5:e4:f6:ac:78:59:5c: d5:ca:0c:a5:92:18:6a:c4:bf:b0:8b:a5:e5:9a:47:a1:29:ee: 01:b1:ec:82:f0:c8:ad:13:ae:98:c6:37:bb:12:29:8c:c1:72: e4:44:3c:33:ee:5b:c0:2e:8c:2d:2f:33:05:ea:6d:6c:93:28: 98:02:a2:05:47:1f:eb:22:85:75:b4:5b:9f:e1:11:21:e9:6c: a7:8a:09:8b:8c:3a:16:85:ad:2d:31:0b:f7:90:e7:cc:d3:53: 84:2d:d3:e4:10:73:02:c9:55:c1:41:ce:dc:f9:a1:b8:6b:de: cf:62:67:89:c4:39:b5:0e:17:02:a3:d6:92:f5:c7:cd:a3:07: ac:02:1f:f4:4a:29:37:db:9b:a7:39:9e:48:d6:4b:69:5e:f8: 60:b2:ce:01:dc:19:e6:39:21:f7:e3:67:20:ed:f6:57:0f:76: 05:d4:7e:51:d2:be:47:02:3e:46:de:1e:9e:50:52:3e:09:1a: 30:6c:b2:85:12:b3:bd:76:0c:a0:9f:78:84:6f:c7:83:cf:8e: 80:45:50:3d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUa4pwW9LTRQIGQo51F67MWoohSRkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyNTAwMDAwMFoX DTI0MTEyOTIzNTk1OVowejFJMEcGA1UEBRNAMzAxNDJkNGYyODE5ZDczOGEyMmE1 YjlmMzZhYTQ5YzAxMzNhNjA5NzNkODZiMWYyMzdjYjE4MTBjMTc5NGE3NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUoB3SvKBzpRe0PGDF6aXaw74BKn 3QwvZK7NoF2dbINMpzYdNPL3e9+Qn73YKfTIY/tXZDvQ/HdKBZC4Yw0g0ZDp7lIF g2QkUER3sDITDYyN50zQd5e78oa9qKNpIkELyXv4dOP4hfeLuiMe6M9GsbHSUr+t pKBVNKIfvmBWAMGhRR+UqavBu6csyOtbJaFBSPjp8DQ9YvR+tY2JMXO5XepLD+Ob tZErtRYrBvRos/WieUk7HKSJiqSfVaozWCN1phmiYaVEW7L+JikJ4R5T3dwTtcym oSFrpmbYUnsVy7GWUpQgq6Q+OfEiTJWq82SRtBbhmolHVEDbsNq8vU3hAQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPGaF+m8IpcrJbNo5PyFdDCWQg1SMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FlOTIwZWQyLTk3ZDUtNDU4Yi04MDRhLTgxZmNkNmYwOWU5Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/HAwDQYJKoZIhvcNAQELBQADggEBAESo9Bf6Yh690X5K9fO5 gy6DHCXDSfNh4E54Ch0EOOtVsyZYP5v6VUVCC29KpDm/1eT2rHhZXNXKDKWSGGrE v7CLpeWaR6Ep7gGx7ILwyK0TrpjGN7sSKYzBcuREPDPuW8AujC0vMwXqbWyTKJgC ogVHH+sihXW0W5/hESHpbKeKCYuMOhaFrS0xC/eQ58zTU4Qt0+QQcwLJVcFBztz5 obhr3s9iZ4nEObUOFwKj1pL1x82jB6wCH/RKKTfbm6c5nkjWS2le+GCyzgHcGeY5 IffjZyDt9lcPdgXUflHSvkcCPkbeHp5QUj4JGjBssoUSs712DKCfeIRvx4PPjoBF UD0= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:34 2024 by rpki-client on console-fra.rpki-client.org