$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bfce63b8-442d-44cb-a2b7-1b70800b70cf.roa File: bfce63b8-442d-44cb-a2b7-1b70800b70cf.roa (raw, json) Hash identifier: 9erCK02kOpsRVGf8NMjbWipyM8fpeFV4VsQ9rP+Bn9Y= Subject key identifier: BB:52:9C:8F:9C:61:7D:F1:FF:5A:8B:50:C1:7F:17:9E:14:6D:58:97 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 646B5A97FAC13EFFC70A5B51444CF150F798AA2E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bfce63b8-442d-44cb-a2b7-1b70800b70cf.roa Signing time: Wed 20 Nov 2024 00:00:00 +0000 ROA not before: Wed 20 Nov 2024 00:00:00 +0000 ROA not after: Wed 25 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:6b:5a:97:fa:c1:3e:ff:c7:0a:5b:51:44:4c:f1:50:f7:98:aa:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 20 00:00:00 2024 GMT Not After : Dec 25 23:59:59 2024 GMT Subject: serialNumber=f4fe5c68acbf2c0b1f41a32068acda318b8dfb54a315c6aba40a84e60210f246, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:c0:43:44:3e:04:db:db:14:19:9c:43:24:0b: d0:21:50:d4:3a:4c:99:b9:51:6d:d2:01:bd:d2:d7: a6:43:6b:ce:c1:d1:d8:4c:2c:d1:e6:f7:2d:c1:cf: 2b:24:31:61:fa:20:8c:55:ac:aa:47:a5:70:66:be: b7:3d:eb:fe:37:c3:16:04:ff:8d:0c:66:30:d1:1d: 9f:82:df:0d:2a:8d:e3:de:d7:cd:94:de:ac:a1:3d: f7:6d:ac:27:3b:11:da:89:a6:88:c3:08:de:e3:03: 01:e7:5f:f4:07:41:d6:30:1e:a9:97:a1:c8:43:ce: 0d:80:8e:3e:88:e8:4d:b4:a1:77:d1:39:59:be:f4: 37:14:5a:e9:d1:09:8e:32:2b:f9:d9:02:bd:5d:67: f6:96:69:52:7e:24:3f:fc:5e:6e:d2:65:a6:02:ba: 43:e7:70:19:19:3b:b6:a3:8a:ee:46:2f:0b:a0:72: 4f:37:93:69:56:17:cb:11:d3:fc:cb:17:8c:83:16: dc:5d:76:75:e8:23:33:a2:a0:33:03:e2:50:98:e7: 31:95:e6:31:77:9e:a7:f7:02:84:42:71:27:05:28: 84:53:a9:68:1f:9e:1b:51:21:ac:5a:41:e0:4d:1a: 2e:ec:0a:88:ff:22:45:a9:45:fd:59:1c:7b:b8:54: 2e:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:52:9C:8F:9C:61:7D:F1:FF:5A:8B:50:C1:7F:17:9E:14:6D:58:97 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bfce63b8-442d-44cb-a2b7-1b70800b70cf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:2800::/40 Signature Algorithm: sha256WithRSAEncryption 0a:57:6f:ec:d4:46:9c:8f:76:1a:9a:47:96:e2:37:ac:8f:6a: 63:17:bb:5b:ad:32:79:ec:1e:85:79:4f:80:7a:ab:7b:54:d9: 2d:66:06:a6:fd:bd:82:93:f4:e4:27:c1:94:e2:74:71:7c:b2: 63:e7:c3:34:a3:c1:57:71:fe:6e:6e:14:f2:31:f1:11:f6:59: 62:34:fd:b9:34:f9:e7:2a:5c:bf:a0:1b:ed:7e:6b:ad:49:63: dc:16:0f:36:df:96:b2:d9:47:6a:23:ad:c3:b2:9a:29:ec:8a: ae:26:d7:14:20:e7:8e:0b:df:a8:c2:4d:53:e8:c8:18:e4:25: 75:1b:b1:1f:e2:14:7a:c4:3d:ee:f5:e6:78:99:1f:c2:74:9d: a4:84:24:68:00:be:5b:4d:a5:05:78:83:b3:57:b1:fe:dd:f7: 8b:3c:d5:6f:ba:07:84:12:6f:63:2e:c5:47:27:d9:b0:62:9e: 8e:cd:94:81:63:08:b3:20:2b:af:f6:5d:09:6a:46:26:80:60: 3e:8e:ca:e2:2f:2b:31:5c:a8:f0:b4:a8:d3:4a:70:9a:85:b3: 8f:fe:22:a8:71:05:62:48:c5:82:ec:6e:3d:2e:04:9d:0f:c1: a7:5c:20:3a:4b:45:5a:d9:26:17:08:01:47:16:08:32:1a:1e: 6d:46:83:42 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZGtal/rBPv/HCltRREzxUPeYqi4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEyMDAwMDAwMFoX DTI0MTIyNTIzNTk1OVowejFJMEcGA1UEBRNAZjRmZTVjNjhhY2JmMmMwYjFmNDFh MzIwNjhhY2RhMzE4YjhkZmI1NGEzMTVjNmFiYTQwYTg0ZTYwMjEwZjI0NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMBDRD4E29sUGZxDJAvQIVDUOkyZ uVFt0gG90temQ2vOwdHYTCzR5vctwc8rJDFh+iCMVayqR6VwZr63Pev+N8MWBP+N DGYw0R2fgt8NKo3j3tfNlN6soT33bawnOxHaiaaIwwje4wMB51/0B0HWMB6pl6HI Q84NgI4+iOhNtKF30TlZvvQ3FFrp0QmOMiv52QK9XWf2lmlSfiQ//F5u0mWmArpD 53AZGTu2o4ruRi8LoHJPN5NpVhfLEdP8yxeMgxbcXXZ16CMzoqAzA+JQmOcxleYx d56n9wKEQnEnBSiEU6loH54bUSGsWkHgTRou7AqI/yJFqUX9WRx7uFQuSwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLtSnI+cYX3x/1qLUMF/F54UbViXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmY2U2M2I4LTQ0MmQtNDRjYi1hMmI3LTFiNzA4MDBiNzBjZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauSgwDQYJKoZIhvcNAQELBQADggEBAApXb+zURpyPdhqaR5bi N6yPamMXu1utMnnsHoV5T4B6q3tU2S1mBqb9vYKT9OQnwZTidHF8smPnwzSjwVdx /m5uFPIx8RH2WWI0/bk0+ecqXL+gG+1+a61JY9wWDzbflrLZR2ojrcOyminsiq4m 1xQg544L36jCTVPoyBjkJXUbsR/iFHrEPe715niZH8J0naSEJGgAvltNpQV4g7NX sf7d94s81W+6B4QSb2MuxUcn2bBino7NlIFjCLMgK6/2XQlqRiaAYD6OyuIvKzFc qPC0qNNKcJqFs4/+IqhxBWJIxYLsbj0uBJ0PwadcIDpLRVrZJhcIAUcWCDIaHm1G g0I= -----END CERTIFICATE-----Generated at Fri Nov 22 02:07:36 2024 by rpki-client on console-fra.rpki-client.org