$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81ad493-1f3b-421d-8c43-f9ccfdf997a3.roa File: b81ad493-1f3b-421d-8c43-f9ccfdf997a3.roa (raw, json) Hash identifier: 2bUSipoyY8IWks2TKA/cVc7BAUdcS1wNNdpoWO22Fbo= Subject key identifier: 0F:75:67:1B:EA:F9:E2:51:7F:35:23:0C:B9:32:E1:C1:63:87:1D:46 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 10CFF4AF206A672EB24E5C62090F559558FE5C43 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81ad493-1f3b-421d-8c43-f9ccfdf997a3.roa Signing time: Wed 20 Nov 2024 00:00:00 +0000 ROA not before: Wed 20 Nov 2024 00:00:00 +0000 ROA not after: Wed 25 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:cf:f4:af:20:6a:67:2e:b2:4e:5c:62:09:0f:55:95:58:fe:5c:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 20 00:00:00 2024 GMT Not After : Dec 25 23:59:59 2024 GMT Subject: serialNumber=b6fdfa3502b1998ffb4813d2d4b11de6aa92595db75597907694eafc22f21fad, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:a6:f0:cc:25:3b:fd:2b:d3:73:b9:6b:f7:47: 64:71:8b:de:8e:6c:2f:0e:4d:b7:c2:36:e2:bf:b8: fc:e3:ff:aa:61:91:f3:7f:39:44:8e:32:d2:ee:7b: d2:11:36:b4:fa:89:7e:93:cb:a8:c4:aa:f0:94:12: b3:79:a5:dd:f5:ac:2a:56:88:73:f8:44:31:47:fa: fe:d5:e1:50:8a:e9:78:50:77:a2:91:be:00:b1:4d: 0c:d0:ba:e6:65:13:21:0f:b9:3e:37:6b:1f:2f:a7: 69:5f:35:98:89:04:50:c8:f1:1c:19:14:97:c0:1f: f1:27:b2:56:13:0a:ba:8d:e0:a8:87:5c:94:b7:fe: 57:5d:fd:a5:eb:8f:a3:57:52:b9:4f:a7:75:ff:72: 43:81:5b:93:93:fe:42:b0:a5:6e:90:75:2b:52:94: 8c:61:e1:3c:3c:c0:c2:2d:93:32:0e:94:40:df:32: 7f:97:7d:17:31:1d:e3:12:46:9a:16:7f:72:93:0f: 92:2f:0a:20:86:24:f1:1f:55:e2:68:ee:8b:ee:8e: 44:b9:e0:69:20:2e:23:d6:2d:d3:e8:01:b3:c6:99: 32:2b:0c:7d:fa:0b:98:f1:f2:d7:c2:3c:e2:c9:b2: 7c:3d:e6:d9:06:38:80:af:7e:85:e8:b3:2a:bc:24: 4f:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:75:67:1B:EA:F9:E2:51:7F:35:23:0C:B9:32:E1:C1:63:87:1D:46 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81ad493-1f3b-421d-8c43-f9ccfdf997a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:e000::/40 Signature Algorithm: sha256WithRSAEncryption 78:b9:ba:c4:b7:33:2a:57:2c:34:87:fb:71:7f:0f:d4:26:0c: 70:fa:92:5a:72:7d:90:20:c4:21:90:e0:01:9d:8f:a0:a6:d3: c5:48:d2:b5:27:c0:8c:f7:93:1a:57:e8:46:cb:c7:6c:7e:06: cf:3e:36:02:42:a2:e9:00:a2:7a:c5:82:f1:0f:27:8d:84:52: 4a:9f:b5:e1:fa:f9:e2:99:a6:24:7a:b4:b9:2f:55:78:0f:2f: 91:46:c8:88:4f:42:a2:03:8c:ec:f4:9b:7b:c4:e6:7d:7b:b7: 9a:91:9e:c2:f0:ba:3e:d1:55:ab:20:73:8e:4f:04:4b:b0:03: 8a:24:e6:67:08:04:81:2c:2c:66:95:ad:57:02:08:7d:09:bb: 1c:61:70:9d:61:e1:e5:47:a4:0e:a1:2b:dd:53:bf:1b:20:6f: 1d:48:39:c9:68:13:4b:ce:86:6b:f8:6c:1a:44:22:ba:9c:98: d4:f2:ec:1c:51:b8:77:2f:c2:b2:43:1c:6f:22:b6:fe:86:b8: 8b:30:56:65:e7:aa:3e:18:f4:39:6e:b4:bc:dc:40:b7:c9:c8: 68:3d:42:17:62:14:c6:64:4a:b2:8d:94:76:77:e0:19:f2:c1: 1b:d5:53:d1:c3:37:06:84:62:64:2d:3b:8b:6f:83:55:e7:88: 6a:33:67:16 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEM/0ryBqZy6yTlxiCQ9VlVj+XEMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEyMDAwMDAwMFoX DTI0MTIyNTIzNTk1OVowejFJMEcGA1UEBRNAYjZmZGZhMzUwMmIxOTk4ZmZiNDgx M2QyZDRiMTFkZTZhYTkyNTk1ZGI3NTU5NzkwNzY5NGVhZmMyMmYyMWZhZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA86bwzCU7/SvTc7lr90dkcYvejmwv Dk23wjbiv7j84/+qYZHzfzlEjjLS7nvSETa0+ol+k8uoxKrwlBKzeaXd9awqVohz +EQxR/r+1eFQiul4UHeikb4AsU0M0LrmZRMhD7k+N2sfL6dpXzWYiQRQyPEcGRSX wB/xJ7JWEwq6jeCoh1yUt/5XXf2l64+jV1K5T6d1/3JDgVuTk/5CsKVukHUrUpSM YeE8PMDCLZMyDpRA3zJ/l30XMR3jEkaaFn9ykw+SLwoghiTxH1XiaO6L7o5EueBp IC4j1i3T6AGzxpkyKwx9+guY8fLXwjziybJ8PebZBjiAr36F6LMqvCRPqQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFA91Zxvq+eJRfzUjDLky4cFjhx1GMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I4MWFkNDkzLTFmM2ItNDIxZC04YzQzLWY5Y2NmZGY5OTdhMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacOAwDQYJKoZIhvcNAQELBQADggEBAHi5usS3MypXLDSH+3F/ D9QmDHD6klpyfZAgxCGQ4AGdj6Cm08VI0rUnwIz3kxpX6EbLx2x+Bs8+NgJCoukA onrFgvEPJ42EUkqfteH6+eKZpiR6tLkvVXgPL5FGyIhPQqIDjOz0m3vE5n17t5qR nsLwuj7RVasgc45PBEuwA4ok5mcIBIEsLGaVrVcCCH0JuxxhcJ1h4eVHpA6hK91T vxsgbx1IOcloE0vOhmv4bBpEIrqcmNTy7BxRuHcvwrJDHG8itv6GuIswVmXnqj4Y 9DlutLzcQLfJyGg9QhdiFMZkSrKNlHZ34BnywRvVU9HDNwaEYmQtO4tvg1XniGoz ZxY= -----END CERTIFICATE-----Generated at Fri Nov 22 01:33:39 2024 by rpki-client on console-ams.rpki-client.org