$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b91b090d-3825-4e2e-b284-6f3eeae6f950.roa File: b91b090d-3825-4e2e-b284-6f3eeae6f950.roa (raw, json) Hash identifier: aQK97AdVGiy0JlZ82qFEvQ3n0yNJUu2mdZNY1uI0cZs= Subject key identifier: BA:71:8D:83:C4:98:F5:C6:F7:FB:17:19:49:C8:DA:28:D6:FA:24:40 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2C03A71780420776C9973C7CC2915B884656168D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b91b090d-3825-4e2e-b284-6f3eeae6f950.roa Signing time: Tue 01 Oct 2024 00:00:00 +0000 ROA not before: Tue 01 Oct 2024 00:00:00 +0000 ROA not after: Tue 05 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:03:a7:17:80:42:07:76:c9:97:3c:7c:c2:91:5b:88:46:56:16:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 1 00:00:00 2024 GMT Not After : Nov 5 23:59:59 2024 GMT Subject: serialNumber=4ed71a6259a71234f5686c51839aad43af3be1e300b08275042ff584c6415a57, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ed:42:9a:ad:06:4f:fb:75:bc:0e:bf:8a:82: 2c:f7:20:b8:d2:07:0c:e5:f0:e9:6b:94:ec:69:0d: a6:5f:51:ec:36:23:f9:8e:6e:bc:ea:be:30:24:37: 2a:fa:e5:00:c8:8e:d6:c4:35:97:37:90:73:b0:08: f5:23:ed:e8:d8:d6:6b:d5:db:4f:6f:15:fc:83:59: 47:27:24:b9:7a:c1:1f:f7:72:26:85:0c:1f:e7:12: 67:1e:cb:75:a7:73:f8:15:c0:41:ac:3f:b6:eb:19: 97:5c:35:de:dd:47:04:00:27:66:b0:61:25:b6:c0: 97:46:64:92:0c:eb:c5:9b:b1:73:be:fe:e9:66:33: 3d:49:70:91:b2:90:4d:87:99:e5:a8:21:9b:12:b4: 42:00:98:25:03:e6:9b:a5:14:39:01:b1:97:6d:1d: e9:3e:73:11:3f:e4:10:74:f4:77:3a:b6:d6:0b:81: 0f:3d:ad:ed:d3:21:99:fe:d4:71:eb:84:1c:cb:04: 8c:16:33:3c:2e:63:f7:3e:9e:dc:e1:d9:5c:bb:73: 21:ec:57:23:b1:7a:ff:85:b9:02:79:8d:8d:36:a3: 86:62:f6:b5:52:4c:e8:e4:57:3e:04:dd:78:d0:d0: 70:ce:8f:50:64:13:76:3f:d6:7d:99:7d:6d:da:8c: 79:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:71:8D:83:C4:98:F5:C6:F7:FB:17:19:49:C8:DA:28:D6:FA:24:40 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b91b090d-3825-4e2e-b284-6f3eeae6f950.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:2800::/40 Signature Algorithm: sha256WithRSAEncryption a4:86:11:3c:ac:6a:85:a8:12:57:98:02:8a:79:08:61:d6:3b: f7:da:39:67:e2:d0:32:35:40:a1:be:3c:68:20:07:21:f7:45: 24:6f:60:57:eb:62:b1:2e:aa:cb:6c:b1:97:28:38:4c:5d:dd: 0c:1c:34:37:db:78:06:26:7e:5d:1a:48:d4:71:23:40:3f:39: 84:74:7e:62:ca:97:fa:0f:88:7c:2b:bd:c3:c9:21:f1:28:30: c8:4f:c5:ed:8e:5c:2c:24:d9:f1:7f:47:5e:dd:a3:c3:ca:a5: b5:18:ca:15:58:c5:ac:d4:07:70:fc:04:00:f4:aa:58:b5:40: 8c:80:b7:e3:c7:e6:1a:bd:6e:83:9b:45:24:a9:ca:12:59:a4: 14:b0:bc:04:da:28:9b:69:d0:a4:1f:de:13:10:6a:22:33:0f: 75:a4:d9:11:77:7f:0b:95:7b:6d:58:97:6e:f2:a1:ce:ba:bd: ba:76:1e:53:80:74:7e:65:f3:7c:21:19:f0:8c:63:e7:0c:c5: 90:e7:5c:3a:36:0c:3c:dd:69:c6:37:6f:ee:e4:bd:db:40:87: 3c:84:62:cd:42:7a:e2:dd:b7:ba:f4:e2:7b:6d:92:b7:5f:4a: 47:0a:49:12:3b:1a:88:51:55:67:43:15:cc:48:d6:1b:92:55: e2:05:2d:46 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULAOnF4BCB3bJlzx8wpFbiEZWFo0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAwMTAwMDAwMFoX DTI0MTEwNTIzNTk1OVowejFJMEcGA1UEBRNANGVkNzFhNjI1OWE3MTIzNGY1Njg2 YzUxODM5YWFkNDNhZjNiZTFlMzAwYjA4Mjc1MDQyZmY1ODRjNjQxNWE1NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+1Cmq0GT/t1vA6/ioIs9yC40gcM 5fDpa5TsaQ2mX1HsNiP5jm686r4wJDcq+uUAyI7WxDWXN5BzsAj1I+3o2NZr1dtP bxX8g1lHJyS5esEf93ImhQwf5xJnHst1p3P4FcBBrD+26xmXXDXe3UcEACdmsGEl tsCXRmSSDOvFm7Fzvv7pZjM9SXCRspBNh5nlqCGbErRCAJglA+abpRQ5AbGXbR3p PnMRP+QQdPR3OrbWC4EPPa3t0yGZ/tRx64QcywSMFjM8LmP3Pp7c4dlcu3Mh7Fcj sXr/hbkCeY2NNqOGYva1Ukzo5Fc+BN140NBwzo9QZBN2P9Z9mX1t2ox5awIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLpxjYPEmPXG9/sXGUnI2ijW+iRAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I5MWIwOTBkLTM4MjUtNGUyZS1iMjg0LTZmM2VlYWU2Zjk1MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaSgwDQYJKoZIhvcNAQELBQADggEBAKSGETysaoWoEleYAop5 CGHWO/faOWfi0DI1QKG+PGggByH3RSRvYFfrYrEuqstssZcoOExd3QwcNDfbeAYm fl0aSNRxI0A/OYR0fmLKl/oPiHwrvcPJIfEoMMhPxe2OXCwk2fF/R17do8PKpbUY yhVYxazUB3D8BAD0qli1QIyAt+PH5hq9boObRSSpyhJZpBSwvATaKJtp0KQf3hMQ aiIzD3Wk2RF3fwuVe21Yl27yoc66vbp2HlOAdH5l83whGfCMY+cMxZDnXDo2DDzd acY3b+7kvdtAhzyEYs1CeuLdt7r04nttkrdfSkcKSRI7GohRVWdDFcxI1huSVeIF LUY= -----END CERTIFICATE-----Generated at Fri Oct 25 16:44:26 2024 by rpki-client on console-ams.rpki-client.org