$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ceffd188-c03a-4d40-bc0f-a2289b6b4b40.roa File: ceffd188-c03a-4d40-bc0f-a2289b6b4b40.roa (raw, json) Hash identifier: FJLyWawJjmOasXhzT4+WcLnHvuYTKwalnKAj+9Zh5us= Subject key identifier: D2:11:A8:6E:D0:BB:64:5B:9C:01:78:8B:C7:74:AA:2E:3B:5E:89:52 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 43EEBA15FC30AAF1FB016B1516442B7C9A804824 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ceffd188-c03a-4d40-bc0f-a2289b6b4b40.roa Signing time: Wed 20 Nov 2024 00:00:00 +0000 ROA not before: Wed 20 Nov 2024 00:00:00 +0000 ROA not after: Wed 25 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 00:37:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:ee:ba:15:fc:30:aa:f1:fb:01:6b:15:16:44:2b:7c:9a:80:48:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 20 00:00:00 2024 GMT Not After : Dec 25 23:59:59 2024 GMT Subject: serialNumber=b8d39f1a72b7fcba49f7625edee1d719fbf1f2d11baaf0fb5df8baa4ad626cf0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:48:52:a0:bf:19:1f:f5:72:06:bf:7d:97:d5: 71:87:1f:bd:fe:54:f9:c3:99:6e:c4:d7:e4:b7:41: 59:6a:aa:75:8a:80:43:df:39:af:0d:2f:9c:8d:52: 09:2b:33:fd:92:2c:f4:43:c1:f8:76:89:f6:35:bc: 7a:f0:dc:b2:4c:ec:d3:96:eb:70:62:e1:d0:45:9d: de:bc:37:25:b9:00:a8:d5:f8:2a:e0:5b:1a:74:07: 0d:ef:f7:c7:16:4c:4e:c4:07:c7:5e:9b:3a:04:e0: e5:33:8f:0d:32:b2:df:64:3b:78:2e:c4:cb:9d:95: 23:73:6e:51:5a:ee:f7:f3:87:1f:48:ce:77:42:0b: b6:35:2b:44:e0:7c:16:cd:7d:63:a5:75:fe:67:46: 6d:1f:72:07:06:bb:b4:e2:17:9d:7b:04:1e:93:23: bd:87:38:f1:d0:53:55:62:53:51:69:68:c8:8d:d1: a5:ff:13:31:7a:11:1a:2e:4f:84:e4:2a:9e:da:d7: ab:99:ac:db:0d:d1:18:03:1d:e9:f9:24:ce:53:23: 23:f3:6c:93:0e:a1:a3:73:cd:33:a0:c5:2a:c5:74: 08:7c:66:35:21:73:21:3c:a5:cd:0a:55:2a:19:65: ca:5d:1c:5a:ae:ce:21:97:d1:8e:ea:fb:72:91:c3: c6:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:11:A8:6E:D0:BB:64:5B:9C:01:78:8B:C7:74:AA:2E:3B:5E:89:52 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ceffd188-c03a-4d40-bc0f-a2289b6b4b40.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:1000::/40 Signature Algorithm: sha256WithRSAEncryption 71:8c:9d:4c:19:0b:3e:65:df:7c:e6:5e:b4:27:de:98:65:93: 2b:54:c6:2f:ca:46:f8:ce:fd:29:a7:d2:ad:a3:22:f4:01:64: 09:ec:e0:dc:33:78:4b:14:9e:34:ff:2d:81:79:97:4c:50:14: be:07:54:69:85:28:5e:b6:30:17:21:c7:93:18:3b:fc:1f:a8: 96:18:9b:a4:4d:b7:3f:5c:57:40:d2:60:fc:5e:52:d8:0f:d1: fb:a0:ca:bd:03:43:63:d0:eb:8a:d0:4f:41:1b:7a:1e:83:8a: 6e:8c:21:2b:0a:67:dd:e7:25:51:8a:29:4f:34:84:d3:8c:93: 65:c2:d4:cc:f7:12:fb:3a:33:52:54:5b:83:3a:33:62:50:41: 18:e5:76:23:a3:a5:60:1a:29:37:5a:e7:9d:fc:27:eb:64:c1: d9:14:96:74:1a:7c:c5:1a:9b:15:b3:22:85:ff:ba:a6:8e:a1: 79:b8:58:57:52:35:84:a1:b7:df:0f:d0:ce:1a:65:1a:cb:82: e1:9f:92:e7:71:bd:8d:0f:4d:7f:e4:21:eb:3d:ba:fe:a6:0d: 59:71:74:c6:36:53:71:ca:30:73:bd:64:d8:f3:ca:14:0a:0c: 61:d7:47:8d:6d:9f:e0:66:36:c9:6e:da:f7:0b:16:54:80:d4: 6d:21:c2:c2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQ+66FfwwqvH7AWsVFkQrfJqASCQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEyMDAwMDAwMFoX DTI0MTIyNTIzNTk1OVowejFJMEcGA1UEBRNAYjhkMzlmMWE3MmI3ZmNiYTQ5Zjc2 MjVlZGVlMWQ3MTlmYmYxZjJkMTFiYWFmMGZiNWRmOGJhYTRhZDYyNmNmMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UhSoL8ZH/VyBr99l9Vxhx+9/lT5 w5luxNfkt0FZaqp1ioBD3zmvDS+cjVIJKzP9kiz0Q8H4don2Nbx68NyyTOzTlutw YuHQRZ3evDcluQCo1fgq4FsadAcN7/fHFkxOxAfHXps6BODlM48NMrLfZDt4LsTL nZUjc25RWu7384cfSM53Qgu2NStE4HwWzX1jpXX+Z0ZtH3IHBru04hedewQekyO9 hzjx0FNVYlNRaWjIjdGl/xMxehEaLk+E5Cqe2termazbDdEYAx3p+STOUyMj82yT DqGjc80zoMUqxXQIfGY1IXMhPKXNClUqGWXKXRxars4hl9GO6vtykcPGPwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNIRqG7Qu2RbnAF4i8d0qi47XolSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NlZmZkMTg4LWMwM2EtNGQ0MC1iYzBmLWEyMjg5YjZiNGI0MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+xAwDQYJKoZIhvcNAQELBQADggEBAHGMnUwZCz5l33zmXrQn 3phlkytUxi/KRvjO/Smn0q2jIvQBZAns4NwzeEsUnjT/LYF5l0xQFL4HVGmFKF62 MBchx5MYO/wfqJYYm6RNtz9cV0DSYPxeUtgP0fugyr0DQ2PQ64rQT0Ebeh6Dim6M ISsKZ93nJVGKKU80hNOMk2XC1Mz3Evs6M1JUW4M6M2JQQRjldiOjpWAaKTda5538 J+tkwdkUlnQafMUamxWzIoX/uqaOoXm4WFdSNYSht98P0M4aZRrLguGfkudxvY0P TX/kIes9uv6mDVlxdMY2U3HKMHO9ZNjzyhQKDGHXR41tn+BmNslu2vcLFlSA1G0h wsI= -----END CERTIFICATE-----Generated at Mon Nov 25 01:15:17 2024 by rpki-client on console-fra.rpki-client.org