$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bfce63b8-442d-44cb-a2b7-1b70800b70cf.roa File: bfce63b8-442d-44cb-a2b7-1b70800b70cf.roa (raw, json) Hash identifier: ALgN9ttG4Tp53gzaFzHHaaw2yaQ4PQMzXKOdV4jzWF4= Subject key identifier: 50:58:E6:A3:B9:10:10:2B:A0:97:CB:E1:84:27:75:32:5B:65:FA:10 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1C8B0BC9E71D8910FE3F985E45B31C204E271AB8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bfce63b8-442d-44cb-a2b7-1b70800b70cf.roa Signing time: Tue 01 Oct 2024 00:00:00 +0000 ROA not before: Tue 01 Oct 2024 00:00:00 +0000 ROA not after: Tue 05 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:8b:0b:c9:e7:1d:89:10:fe:3f:98:5e:45:b3:1c:20:4e:27:1a:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 1 00:00:00 2024 GMT Not After : Nov 5 23:59:59 2024 GMT Subject: serialNumber=4b1f25979abd2f926b5b53c7fca6f9c7142764e1d57af43d0a39761cef90b20c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:cb:1b:5e:d7:a9:54:eb:21:01:3d:ea:3c:6c: ae:bf:59:88:05:57:df:3b:20:13:04:1f:e7:88:93: f5:e9:cc:2b:27:88:1f:1b:d2:82:51:71:12:3d:00: c9:b0:e3:15:38:d6:db:cf:c0:8c:ed:70:a8:b9:68: 80:27:79:16:9b:d0:73:1d:9d:b3:0c:34:70:29:e5: f9:b8:3d:3c:22:8a:b1:be:7d:50:96:79:28:02:1f: 2a:3e:c1:07:44:e3:bf:23:58:82:f6:81:08:4c:62: 53:ec:99:7d:11:92:b1:d3:4c:b6:53:d9:62:50:ef: 53:54:0b:74:68:05:ec:e2:89:56:51:81:58:77:de: 48:3b:07:cf:b3:30:6c:b0:cd:ce:d9:0a:8a:a6:f7: 1e:42:1b:73:97:b3:77:56:27:5a:3f:bc:35:90:fd: d8:ef:ed:33:72:6b:92:84:93:39:b6:09:1a:58:be: 7e:45:65:a5:da:d2:45:94:f7:93:be:18:66:44:b3: b3:c9:96:7d:f3:07:8b:1f:0e:c9:6a:33:4a:ce:08: 05:ff:67:7f:1d:a7:7d:8e:ec:3c:d7:5b:68:a8:df: ce:84:9b:e9:5e:30:db:05:c1:60:41:e1:2f:11:39: 1d:9e:fa:f6:25:8f:39:45:1c:d9:25:5c:ac:29:0c: a0:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:58:E6:A3:B9:10:10:2B:A0:97:CB:E1:84:27:75:32:5B:65:FA:10 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bfce63b8-442d-44cb-a2b7-1b70800b70cf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:2800::/40 Signature Algorithm: sha256WithRSAEncryption 8c:f2:d3:31:2c:b8:33:0d:45:e3:a0:97:1f:fe:ad:f7:c1:65: e3:57:5b:ab:51:0b:12:af:8a:f1:a4:62:da:58:d9:8c:e4:c5: b1:02:e0:98:e6:a1:f0:43:f2:2c:d1:24:9d:e2:64:66:8b:ec: 7d:83:c9:dd:d7:97:6a:94:c3:f5:20:24:eb:1c:f6:13:65:d6: bb:b4:e1:fb:04:ff:81:bb:a4:a3:87:e9:55:47:e2:8d:8f:f8: b9:0c:1f:4c:b1:6a:b1:4a:4b:36:4d:68:73:51:7c:15:92:2c: 40:0a:c5:82:a6:ef:8b:7a:7b:11:63:72:b9:e2:f6:6e:d6:57: 3d:1b:6f:b3:15:25:5f:bf:49:ef:17:33:43:ae:0b:e6:de:fb: 4c:75:cd:fc:ad:6f:02:0e:3c:7d:26:7b:a2:20:72:9b:58:ea: d6:41:2f:7a:17:29:c1:72:7f:eb:44:4a:18:f2:42:17:7b:88: a1:2e:c3:28:56:69:29:9e:c7:b2:72:b8:93:fc:68:f2:90:b0: 19:ab:54:48:3a:87:e4:14:3d:41:d9:0d:8c:a6:41:57:02:89: e8:ca:55:9f:db:c4:66:70:34:04:a2:7a:c8:f6:39:41:f4:5b: 84:00:45:f5:7d:a7:5d:2d:65:08:56:ba:d0:23:52:52:dd:af: 06:dd:1b:1c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHIsLyecdiRD+P5heRbMcIE4nGrgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAwMTAwMDAwMFoX DTI0MTEwNTIzNTk1OVowejFJMEcGA1UEBRNANGIxZjI1OTc5YWJkMmY5MjZiNWI1 M2M3ZmNhNmY5YzcxNDI3NjRlMWQ1N2FmNDNkMGEzOTc2MWNlZjkwYjIwYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68sbXtepVOshAT3qPGyuv1mIBVff OyATBB/niJP16cwrJ4gfG9KCUXESPQDJsOMVONbbz8CM7XCouWiAJ3kWm9BzHZ2z DDRwKeX5uD08Ioqxvn1QlnkoAh8qPsEHROO/I1iC9oEITGJT7Jl9EZKx00y2U9li UO9TVAt0aAXs4olWUYFYd95IOwfPszBssM3O2QqKpvceQhtzl7N3VidaP7w1kP3Y 7+0zcmuShJM5tgkaWL5+RWWl2tJFlPeTvhhmRLOzyZZ98weLHw7JajNKzggF/2d/ Had9juw811toqN/OhJvpXjDbBcFgQeEvETkdnvr2JY85RRzZJVysKQygVwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFBY5qO5EBAroJfL4YQndTJbZfoQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmY2U2M2I4LTQ0MmQtNDRjYi1hMmI3LTFiNzA4MDBiNzBjZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauSgwDQYJKoZIhvcNAQELBQADggEBAIzy0zEsuDMNReOglx/+ rffBZeNXW6tRCxKvivGkYtpY2YzkxbEC4JjmofBD8izRJJ3iZGaL7H2Dyd3Xl2qU w/UgJOsc9hNl1ru04fsE/4G7pKOH6VVH4o2P+LkMH0yxarFKSzZNaHNRfBWSLEAK xYKm74t6exFjcrni9m7WVz0bb7MVJV+/Se8XM0OuC+be+0x1zfytbwIOPH0me6Ig cptY6tZBL3oXKcFyf+tEShjyQhd7iKEuwyhWaSmex7JyuJP8aPKQsBmrVEg6h+QU PUHZDYymQVcCiejKVZ/bxGZwNASiesj2OUH0W4QARfV9p10tZQhWutAjUlLdrwbd Gxw= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:34 2024 by rpki-client on console-fra.rpki-client.org