$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d07df133-27a9-413c-9804-adb048f407f3.roa File: d07df133-27a9-413c-9804-adb048f407f3.roa (raw, json) Hash identifier: kP9YrhIo7KUMh64DVEGp+1A4kphUsTAUUV9vX+dkxtc= Subject key identifier: 13:52:EE:01:70:7F:93:29:DE:AC:8F:E3:1C:50:66:A8:20:D1:7A:18 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 51110EF259FFA90D872830EA11CF7C715BE66FD1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d07df133-27a9-413c-9804-adb048f407f3.roa Signing time: Tue 01 Oct 2024 00:00:00 +0000 ROA not before: Tue 01 Oct 2024 00:00:00 +0000 ROA not after: Tue 05 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:11:0e:f2:59:ff:a9:0d:87:28:30:ea:11:cf:7c:71:5b:e6:6f:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 1 00:00:00 2024 GMT Not After : Nov 5 23:59:59 2024 GMT Subject: serialNumber=d2cba11662c446f5d2fce748c2aaa8632534a7217088e5dcd062eb2c6612d564, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:75:27:c2:02:4f:f7:b9:52:37:89:7c:be:d0: 55:8b:9b:38:66:2b:4b:52:fb:e8:50:99:57:7d:87: 99:3f:0f:da:2c:67:00:dd:af:22:4b:0f:78:8c:dd: 05:69:85:11:8f:3b:75:3e:4a:b8:04:e7:f1:47:e0: 25:95:8f:3a:5c:ad:07:2b:28:92:7e:e7:9e:a6:f9: ba:99:88:e4:ce:92:c7:4b:37:9d:ba:91:b4:04:1f: 3d:58:c8:3b:ff:7a:d5:b9:4f:a5:fe:0b:66:ed:d1: 06:26:67:d2:b8:55:b2:75:d5:d6:52:58:24:1e:ee: dd:13:aa:0b:68:13:8e:74:e8:8d:9d:82:cb:12:21: 4a:01:12:05:f5:26:3d:ab:70:60:23:ca:95:e1:dc: 8f:ca:91:5b:fc:df:6b:00:9a:f6:13:89:c1:c4:54: 64:94:ee:a1:93:fc:7e:38:d0:11:4b:56:00:ed:d4: 20:55:6b:73:0d:1f:56:f3:ae:4b:6e:e4:46:e5:6a: 42:cd:c7:e7:9c:44:91:1e:a4:60:f4:92:04:10:5c: 04:59:41:79:da:d3:2c:4e:e3:60:5b:4e:7e:8e:a0: 2f:54:14:b4:77:d9:4a:4b:c8:5d:81:84:da:62:45: 24:48:df:f8:d8:09:7f:04:8d:67:a5:63:4a:f5:5c: 59:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:52:EE:01:70:7F:93:29:DE:AC:8F:E3:1C:50:66:A8:20:D1:7A:18 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d07df133-27a9-413c-9804-adb048f407f3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:2800::/40 Signature Algorithm: sha256WithRSAEncryption 7c:6b:16:b0:e3:84:c5:85:b4:b7:81:02:5c:05:a5:8f:69:bf: e2:cf:5c:bf:d3:0e:3c:cf:af:1e:3c:1f:ac:7e:c3:19:20:f9: 06:a4:c4:c2:f7:c2:73:c5:34:03:e7:4e:40:c3:53:c2:40:3f: 87:e5:ba:39:74:8c:8f:00:c9:aa:41:38:9c:e0:b1:61:8e:82: c1:f9:4a:5f:7d:54:f5:0c:f8:5f:ab:6f:5c:66:f0:21:1c:07: 14:f5:f6:75:3c:6e:57:ed:bb:26:78:e0:c9:5f:55:8b:9d:8a: 3e:50:ed:ae:a9:0b:21:4e:0e:a2:72:7f:21:44:cb:06:16:08: e1:97:6b:78:a5:64:db:52:14:87:fb:96:fc:2b:55:9f:f6:c1: 21:f6:57:61:9d:43:a1:db:17:a1:38:b7:ad:f3:1d:be:e0:6e: 46:b8:57:73:24:aa:ab:d3:3d:7f:c2:2f:bc:fe:a0:27:0d:12: 61:43:9c:35:4f:75:78:5b:35:7c:1b:ba:5b:7b:f7:40:43:9c: 73:81:35:ee:48:16:ee:26:e7:78:ce:9a:d8:48:50:38:c7:71: 7a:e2:38:b7:75:b0:74:71:6b:8d:a3:b7:94:7e:05:73:86:f6: 34:26:44:73:da:c6:5e:1e:ab:70:b1:2b:43:56:bb:36:25:f9: af:5b:c3:69 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUREO8ln/qQ2HKDDqEc98cVvmb9EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAwMTAwMDAwMFoX DTI0MTEwNTIzNTk1OVowejFJMEcGA1UEBRNAZDJjYmExMTY2MmM0NDZmNWQyZmNl NzQ4YzJhYWE4NjMyNTM0YTcyMTcwODhlNWRjZDA2MmViMmM2NjEyZDU2NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XUnwgJP97lSN4l8vtBVi5s4ZitL UvvoUJlXfYeZPw/aLGcA3a8iSw94jN0FaYURjzt1Pkq4BOfxR+AllY86XK0HKyiS fueepvm6mYjkzpLHSzedupG0BB89WMg7/3rVuU+l/gtm7dEGJmfSuFWyddXWUlgk Hu7dE6oLaBOOdOiNnYLLEiFKARIF9SY9q3BgI8qV4dyPypFb/N9rAJr2E4nBxFRk lO6hk/x+ONARS1YA7dQgVWtzDR9W865LbuRG5WpCzcfnnESRHqRg9JIEEFwEWUF5 2tMsTuNgW05+jqAvVBS0d9lKS8hdgYTaYkUkSN/42Al/BI1npWNK9VxZPQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBNS7gFwf5Mp3qyP4xxQZqgg0XoYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QwN2RmMTMzLTI3YTktNDEzYy05ODA0LWFkYjA0OGY0MDdmMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoCgwDQYJKoZIhvcNAQELBQADggEBAHxrFrDjhMWFtLeBAlwF pY9pv+LPXL/TDjzPrx48H6x+wxkg+QakxML3wnPFNAPnTkDDU8JAP4flujl0jI8A yapBOJzgsWGOgsH5Sl99VPUM+F+rb1xm8CEcBxT19nU8blftuyZ44MlfVYudij5Q 7a6pCyFODqJyfyFEywYWCOGXa3ilZNtSFIf7lvwrVZ/2wSH2V2GdQ6HbF6E4t63z Hb7gbka4V3MkqqvTPX/CL7z+oCcNEmFDnDVPdXhbNXwbult790BDnHOBNe5IFu4m 53jOmthIUDjHcXriOLd1sHRxa42jt5R+BXOG9jQmRHPaxl4eq3CxK0NWuzYl+a9b w2k= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:35 2024 by rpki-client on console-fra.rpki-client.org