$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c017ae6c-65e9-495c-a109-f29969b4159f.roa File: c017ae6c-65e9-495c-a109-f29969b4159f.roa (raw, json) Hash identifier: xmtC4aOQ/ZTKlDWEm3QkRglCxLxmOMMPAinaMNe4mFc= Subject key identifier: 8E:87:D1:30:E1:66:AB:32:50:64:63:EA:01:B3:A9:F2:53:AF:FB:A2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 239119A9D6D6909A16EEB6D8370F84EAF070C1EE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c017ae6c-65e9-495c-a109-f29969b4159f.roa Signing time: Tue 01 Oct 2024 00:00:00 +0000 ROA not before: Tue 01 Oct 2024 00:00:00 +0000 ROA not after: Tue 05 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:91:19:a9:d6:d6:90:9a:16:ee:b6:d8:37:0f:84:ea:f0:70:c1:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 1 00:00:00 2024 GMT Not After : Nov 5 23:59:59 2024 GMT Subject: serialNumber=2b0b66fd4224edac2f81caf2e90fb10ae3e9babcfdecc6d1f07f1a9c06fe42b9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:0d:40:6b:f4:e7:5d:52:f9:ab:25:09:38:e1: b8:81:f8:3c:e8:db:b8:bc:0d:93:f5:87:e0:d6:d1: 4a:0e:4a:f3:9d:70:08:3e:33:b7:5d:75:7c:4f:1e: 77:86:9f:f1:2a:bf:f4:b9:7a:d7:8e:04:2e:9b:f1: 00:c2:4f:7d:9d:bf:47:30:e8:b9:be:14:4c:03:86: 78:fd:53:b3:75:40:8d:f8:56:85:36:51:9c:38:80: 2d:c1:08:67:bf:db:31:f0:8b:2f:e3:22:25:90:ee: b0:52:68:9d:71:42:ec:02:9d:d4:87:c4:f0:07:9f: 10:1a:ec:ad:77:ca:46:f0:d1:f1:86:c6:b1:4d:dc: 00:6d:42:cc:9c:8f:87:62:44:16:76:3d:c7:d6:b3: cc:ec:71:d4:38:c0:8a:92:03:24:93:ff:19:dd:43: 75:32:bc:be:fd:04:68:c5:43:28:dd:51:27:a7:60: 5b:61:21:c6:96:4d:b3:65:4f:8b:cb:2c:c3:3f:d9: 53:5c:75:26:ab:a8:14:16:b1:3c:17:71:a2:fa:b7: 7a:68:7c:ec:f9:4b:16:3a:26:fa:a5:ab:dd:58:e3: f9:5a:29:ec:fb:a1:00:1b:f4:28:34:5c:82:4f:d6: 25:7b:03:35:f8:65:ea:49:27:dc:dc:b4:6c:0f:25: 87:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:87:D1:30:E1:66:AB:32:50:64:63:EA:01:B3:A9:F2:53:AF:FB:A2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c017ae6c-65e9-495c-a109-f29969b4159f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:2000::/40 Signature Algorithm: sha256WithRSAEncryption 41:ea:5b:b6:ca:5f:dc:a5:24:30:ce:62:02:28:2f:20:c1:83: 09:73:d3:0c:cc:99:4b:c5:17:41:f4:8e:2a:7b:b0:ba:6f:aa: 28:6d:8b:ac:90:21:99:b4:04:55:dc:af:96:e1:0b:c6:bb:f4: d6:fa:60:6d:1f:5a:aa:33:e8:12:33:d4:63:97:22:62:ae:34: e4:8f:42:9f:fd:bc:f8:41:f0:f3:84:1c:fa:52:32:ac:9c:a2: 39:f4:b6:f5:40:35:dd:b7:da:62:25:a7:32:16:cc:34:8a:92: f8:93:5d:56:05:54:75:4a:18:f7:97:28:0e:d1:06:d6:56:fc: 13:45:46:c1:fb:0b:82:ce:6a:5e:81:1a:5e:57:a0:8b:03:77: 40:69:e3:eb:21:7b:b3:ca:75:13:f5:4e:4b:ad:8f:36:46:49: 2a:bd:49:aa:bd:6a:d2:e2:2d:39:2c:4f:f0:26:c9:a4:cb:c6: f2:c1:3f:2f:b3:16:8e:54:5a:fa:25:f6:8b:3c:a8:23:8c:bc: 7e:74:ed:ac:61:71:d6:c2:b3:47:82:6b:54:79:08:2a:39:49: bd:28:b1:7f:c1:42:1e:fc:99:09:fb:55:c0:aa:74:15:c8:1f: 39:0c:21:40:82:e8:00:ac:3e:77:f7:3e:77:14:f1:5d:71:96: a7:ca:f9:58 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUI5EZqdbWkJoW7rbYNw+E6vBwwe4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAwMTAwMDAwMFoX DTI0MTEwNTIzNTk1OVowejFJMEcGA1UEBRNAMmIwYjY2ZmQ0MjI0ZWRhYzJmODFj YWYyZTkwZmIxMGFlM2U5YmFiY2ZkZWNjNmQxZjA3ZjFhOWMwNmZlNDJiOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw1Aa/TnXVL5qyUJOOG4gfg86Nu4 vA2T9Yfg1tFKDkrznXAIPjO3XXV8Tx53hp/xKr/0uXrXjgQum/EAwk99nb9HMOi5 vhRMA4Z4/VOzdUCN+FaFNlGcOIAtwQhnv9sx8Isv4yIlkO6wUmidcULsAp3Uh8Tw B58QGuytd8pG8NHxhsaxTdwAbULMnI+HYkQWdj3H1rPM7HHUOMCKkgMkk/8Z3UN1 Mry+/QRoxUMo3VEnp2BbYSHGlk2zZU+LyyzDP9lTXHUmq6gUFrE8F3Gi+rd6aHzs +UsWOib6pavdWOP5Wins+6EAG/QoNFyCT9YlewM1+GXqSSfc3LRsDyWHhQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFI6H0TDhZqsyUGRj6gGzqfJTr/uiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwMTdhZTZjLTY1ZTktNDk1Yy1hMTA5LWYyOTk2OWI0MTU5Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+iAwDQYJKoZIhvcNAQELBQADggEBAEHqW7bKX9ylJDDOYgIo LyDBgwlz0wzMmUvFF0H0jip7sLpvqihti6yQIZm0BFXcr5bhC8a79Nb6YG0fWqoz 6BIz1GOXImKuNOSPQp/9vPhB8POEHPpSMqycojn0tvVANd232mIlpzIWzDSKkviT XVYFVHVKGPeXKA7RBtZW/BNFRsH7C4LOal6BGl5XoIsDd0Bp4+she7PKdRP1Tkut jzZGSSq9Saq9atLiLTksT/AmyaTLxvLBPy+zFo5UWvol9os8qCOMvH507axhcdbC s0eCa1R5CCo5Sb0osX/BQh78mQn7VcCqdBXIHzkMIUCC6ACsPnf3PncU8V1xlqfK +Vg= -----END CERTIFICATE-----Generated at Fri Oct 25 16:44:26 2024 by rpki-client on console-ams.rpki-client.org