$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c017ae6c-65e9-495c-a109-f29969b4159f.roa File: c017ae6c-65e9-495c-a109-f29969b4159f.roa (raw, json) Hash identifier: Gvtx5hcBFRNekWE64QqDOtsi7m8VgxY/kzDs3eboX3s= Subject key identifier: 0C:4A:57:D8:CB:98:84:5E:D2:21:A4:96:BE:E7:DD:3D:01:A9:81:21 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2D28FBD62F8304CF1C1F0ED987F35FCBD266C6C8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c017ae6c-65e9-495c-a109-f29969b4159f.roa Signing time: Wed 20 Nov 2024 00:00:00 +0000 ROA not before: Wed 20 Nov 2024 00:00:00 +0000 ROA not after: Wed 25 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:28:fb:d6:2f:83:04:cf:1c:1f:0e:d9:87:f3:5f:cb:d2:66:c6:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 20 00:00:00 2024 GMT Not After : Dec 25 23:59:59 2024 GMT Subject: serialNumber=6720b58582495367274740a7d57e5f9cff276e39aa1fc77c9d08336e2fe4ca74, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:b7:75:c8:e7:a8:98:f0:c6:0a:a9:4f:ae:08: 15:ce:27:f3:a5:f8:e6:ba:e1:b0:8b:2f:ec:7c:f4: d8:05:8b:d5:b5:fa:89:98:5d:5f:b4:a9:4e:38:e0: e1:49:31:de:0c:de:12:c7:cc:a2:ca:d1:55:18:31: 51:03:36:b2:98:1b:c0:cc:33:2a:75:4a:7e:be:f2: 0b:7f:3c:db:dc:1f:ff:fa:a3:1d:12:df:2c:5e:fd: 42:8a:35:4b:57:16:04:5a:a0:57:a5:85:a6:97:21: 06:32:ed:01:f2:ac:17:a7:4e:d8:c8:5c:6c:ef:5b: 7c:42:db:e5:58:6f:44:a6:4d:37:7f:cc:76:77:41: 93:e5:a6:af:0a:e6:e1:c9:d6:d2:96:26:c7:2a:f2: 0f:93:eb:c9:90:93:31:ee:85:d4:4d:6a:d2:e3:8e: 62:07:34:8d:8c:4d:ad:01:8c:7f:ac:40:5a:47:68: be:42:98:6d:e3:f5:78:c1:6e:27:85:9f:92:3d:f9: 7c:1d:6d:cc:8b:5e:4b:2b:ec:07:5c:d1:42:38:b1: 3a:1b:9e:2b:9e:d2:5b:fb:a4:d5:2f:44:f9:3c:d5: 71:a0:67:45:0f:36:17:9d:0b:87:f9:6e:e1:ae:33: 85:b4:44:9a:ac:f9:22:c7:ea:fc:7d:38:b2:75:0b: a9:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:4A:57:D8:CB:98:84:5E:D2:21:A4:96:BE:E7:DD:3D:01:A9:81:21 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c017ae6c-65e9-495c-a109-f29969b4159f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:2000::/40 Signature Algorithm: sha256WithRSAEncryption ac:0c:35:3b:b3:89:ae:1b:86:69:c0:6e:62:bb:cb:0b:42:26: ce:14:32:c4:f7:7f:74:09:c2:2b:cb:21:2d:cd:dc:06:8b:49: e7:29:7f:89:10:39:41:07:91:3c:c8:c1:0a:aa:97:be:a3:5e: 22:00:20:c9:5c:34:bc:fd:68:b4:1a:3a:28:86:a6:18:71:34: 74:81:a3:2f:1d:81:b6:db:c7:63:45:2d:45:67:39:56:bb:f8: d5:ec:c4:a2:f7:85:b8:01:ab:4d:c3:59:ba:ab:6e:90:0f:c0: 42:0f:ab:8b:9d:8c:56:ef:c4:1f:99:75:22:ac:ec:a2:33:be: 9e:cf:72:a6:0a:6e:6c:84:4f:cf:f7:1e:e5:fe:53:d1:07:30: 7d:77:8c:18:8e:82:48:bc:cd:7f:47:b0:e0:b1:da:89:1e:a0: 76:a8:f2:ef:b2:93:16:60:cf:f4:f5:dc:5b:dd:3b:e8:ae:e3: 6e:ca:29:39:30:3a:4d:d5:54:c8:b9:60:1c:4f:68:80:ba:08: ad:9a:e9:68:c3:6b:45:19:10:55:be:7d:a9:10:22:25:5c:70: 5c:1d:25:e5:eb:47:72:a4:54:aa:55:73:6b:a6:6a:73:7b:24: cf:27:ea:8a:73:eb:f9:80:f0:23:a9:bb:4d:8e:b2:e0:1f:ea: 5d:c3:82:66 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULSj71i+DBM8cHw7Zh/Nfy9JmxsgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEyMDAwMDAwMFoX DTI0MTIyNTIzNTk1OVowejFJMEcGA1UEBRNANjcyMGI1ODU4MjQ5NTM2NzI3NDc0 MGE3ZDU3ZTVmOWNmZjI3NmUzOWFhMWZjNzdjOWQwODMzNmUyZmU0Y2E3NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbd1yOeomPDGCqlPrggVzifzpfjm uuGwiy/sfPTYBYvVtfqJmF1ftKlOOODhSTHeDN4Sx8yiytFVGDFRAzaymBvAzDMq dUp+vvILfzzb3B//+qMdEt8sXv1CijVLVxYEWqBXpYWmlyEGMu0B8qwXp07YyFxs 71t8QtvlWG9Epk03f8x2d0GT5aavCubhydbSlibHKvIPk+vJkJMx7oXUTWrS445i BzSNjE2tAYx/rEBaR2i+Qpht4/V4wW4nhZ+SPfl8HW3Mi15LK+wHXNFCOLE6G54r ntJb+6TVL0T5PNVxoGdFDzYXnQuH+W7hrjOFtESarPkix+r8fTiydQupzQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAxKV9jLmIRe0iGklr7n3T0BqYEhMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwMTdhZTZjLTY1ZTktNDk1Yy1hMTA5LWYyOTk2OWI0MTU5Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+iAwDQYJKoZIhvcNAQELBQADggEBAKwMNTuzia4bhmnAbmK7 ywtCJs4UMsT3f3QJwivLIS3N3AaLSecpf4kQOUEHkTzIwQqql76jXiIAIMlcNLz9 aLQaOiiGphhxNHSBoy8dgbbbx2NFLUVnOVa7+NXsxKL3hbgBq03DWbqrbpAPwEIP q4udjFbvxB+ZdSKs7KIzvp7PcqYKbmyET8/3HuX+U9EHMH13jBiOgki8zX9HsOCx 2okeoHao8u+ykxZgz/T13FvdO+iu427KKTkwOk3VVMi5YBxPaIC6CK2a6WjDa0UZ EFW+fakQIiVccFwdJeXrR3KkVKpVc2umanN7JM8n6opz6/mA8COpu02OsuAf6l3D gmY= -----END CERTIFICATE-----Generated at Fri Nov 22 01:33:39 2024 by rpki-client on console-ams.rpki-client.org