$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cb72aad8-7ed7-4ae9-9686-3f71e3f49e01.roa File: cb72aad8-7ed7-4ae9-9686-3f71e3f49e01.roa (raw, json) Hash identifier: 6kwV/PLCvxIqQD5UIz+uXLHzO4u7GzNbwN4CLCDwhz4= Subject key identifier: 65:E3:48:8A:59:71:35:89:19:E4:CB:FD:8D:11:65:97:E2:72:D7:83 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5ADD41C9AC325581C93844C92493A669CE572DBC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cb72aad8-7ed7-4ae9-9686-3f71e3f49e01.roa Signing time: Sat 23 Nov 2024 00:00:00 +0000 ROA not before: Sat 23 Nov 2024 00:00:00 +0000 ROA not after: Sat 28 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 00:37:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:dd:41:c9:ac:32:55:81:c9:38:44:c9:24:93:a6:69:ce:57:2d:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 23 00:00:00 2024 GMT Not After : Dec 28 23:59:59 2024 GMT Subject: serialNumber=b813812c7957c387d13f69826c4c3e704882dcae1aa0a1e030ff19eb716682fd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:ed:7c:85:fd:53:04:07:c2:5e:30:ff:4e:51: 80:88:6c:5d:09:94:0b:91:80:29:15:dd:1a:87:1b: a3:2a:57:8d:ef:7e:ff:fd:e9:66:31:c7:d7:58:45: d3:04:f9:ed:3a:7a:33:03:68:73:aa:a5:1b:1d:d2: 71:40:08:33:46:73:b2:56:6c:02:4e:93:35:6e:17: 39:37:a4:c0:cd:78:57:d1:c5:f1:ae:b2:c7:5b:9f: 1e:0f:f2:c3:c4:0d:6a:c4:bf:9e:fb:ed:68:a9:ba: 42:85:71:ec:83:3b:5e:dd:ca:9b:a1:a5:c4:ae:03: 0e:25:92:11:ed:4c:5c:e5:4c:11:ca:69:68:9f:99: 54:25:8b:a2:cd:e9:54:65:a8:03:73:c3:e3:2d:7d: 6e:40:7a:35:e9:c2:93:c1:7f:36:6d:12:f0:28:6a: 97:1b:36:97:41:bc:7b:24:b4:f1:6b:ef:41:94:19: 7c:a8:3e:e5:d2:12:da:96:24:d5:50:45:bb:35:48: 70:66:20:fa:d0:b8:71:79:d7:ba:2a:0b:09:17:96: 70:73:8b:66:a3:ce:ab:b6:71:58:3c:96:3d:75:4a: b5:bd:eb:8f:d7:0d:1b:22:41:6f:49:5f:4d:96:09: 84:16:2f:e4:00:c2:cf:4c:59:b3:3e:8c:a9:9c:92: a6:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:E3:48:8A:59:71:35:89:19:E4:CB:FD:8D:11:65:97:E2:72:D7:83 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cb72aad8-7ed7-4ae9-9686-3f71e3f49e01.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:c000::/40 Signature Algorithm: sha256WithRSAEncryption 63:1a:7a:ef:c3:5d:93:1f:3f:59:05:5e:ac:83:b1:bf:78:0e: 7e:25:ce:51:a0:70:57:30:85:92:80:aa:13:21:ca:ab:a9:81: d4:e0:af:f2:3a:b8:cc:d8:b2:3c:7c:52:d1:a4:c6:88:c6:12: 58:e3:0a:e0:68:bd:c6:90:8a:ad:e2:0e:96:4c:3a:cd:ad:f8: cf:c2:c8:63:a4:71:bd:c8:b8:a7:b0:ba:65:bc:1b:ca:36:82: e8:49:44:74:6f:f1:cd:54:29:7d:d5:4d:ff:e1:98:5e:f8:04: 3a:0a:01:32:e7:ac:51:1d:57:88:16:24:33:47:57:a8:23:67: e5:04:34:8c:77:73:c3:3a:0f:ff:e3:e9:a6:37:24:ed:6f:2d: 14:6f:a1:6d:5a:50:b4:b5:d0:6c:41:3e:bb:00:9d:0c:42:6a: 37:cb:b7:80:59:80:2c:8b:42:d9:1b:d4:e0:5f:64:69:a6:90: 39:82:9b:9f:7e:0f:c7:d9:08:09:b9:dd:da:e3:57:33:04:23: 2f:cd:e0:c2:99:79:f7:36:73:41:e1:3a:60:86:e5:0b:5a:0e: c4:0d:45:de:5b:f3:8a:01:4c:00:49:a7:58:80:03:be:6e:21: 1e:93:f4:9a:05:6c:f7:26:0b:e3:5c:d7:f1:8f:ed:d8:87:a0: 87:d8:22:e6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWt1ByawyVYHJOETJJJOmac5XLbwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEyMzAwMDAwMFoX DTI0MTIyODIzNTk1OVowejFJMEcGA1UEBRNAYjgxMzgxMmM3OTU3YzM4N2QxM2Y2 OTgyNmM0YzNlNzA0ODgyZGNhZTFhYTBhMWUwMzBmZjE5ZWI3MTY2ODJmZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+18hf1TBAfCXjD/TlGAiGxdCZQL kYApFd0ahxujKleN737//elmMcfXWEXTBPntOnozA2hzqqUbHdJxQAgzRnOyVmwC TpM1bhc5N6TAzXhX0cXxrrLHW58eD/LDxA1qxL+e++1oqbpChXHsgzte3cqboaXE rgMOJZIR7Uxc5UwRymlon5lUJYuizelUZagDc8PjLX1uQHo16cKTwX82bRLwKGqX GzaXQbx7JLTxa+9BlBl8qD7l0hLaliTVUEW7NUhwZiD60Lhxede6KgsJF5Zwc4tm o86rtnFYPJY9dUq1veuP1w0bIkFvSV9NlgmEFi/kAMLPTFmzPoypnJKmxQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGXjSIpZcTWJGeTL/Y0RZZficteDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NiNzJhYWQ4LTdlZDctNGFlOS05Njg2LTNmNzFlM2Y0OWUwMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9sAwDQYJKoZIhvcNAQELBQADggEBAGMaeu/DXZMfP1kFXqyD sb94Dn4lzlGgcFcwhZKAqhMhyqupgdTgr/I6uMzYsjx8UtGkxojGEljjCuBovcaQ iq3iDpZMOs2t+M/CyGOkcb3IuKewumW8G8o2guhJRHRv8c1UKX3VTf/hmF74BDoK ATLnrFEdV4gWJDNHV6gjZ+UENIx3c8M6D//j6aY3JO1vLRRvoW1aULS10GxBPrsA nQxCajfLt4BZgCyLQtkb1OBfZGmmkDmCm59+D8fZCAm53drjVzMEIy/N4MKZefc2 c0HhOmCG5QtaDsQNRd5b84oBTABJp1iAA75uIR6T9JoFbPcmC+Nc1/GP7diHoIfY IuY= -----END CERTIFICATE-----Generated at Mon Nov 25 02:46:12 2024 by rpki-client on console-ams.rpki-client.org