$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d316ba41-8df7-40d0-9c34-98e2360a1ef3.roa File: d316ba41-8df7-40d0-9c34-98e2360a1ef3.roa (raw, json) Hash identifier: B0h9FspLtVKqDOHvkqQIYXFefN11QtYthskpHJg2aWI= Subject key identifier: E1:64:8C:9C:1B:71:44:8F:30:C2:5D:60:EE:AC:9E:5D:AD:BA:36:E5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3CB100B8770FE430630C037BCB0B6948C068CEEE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d316ba41-8df7-40d0-9c34-98e2360a1ef3.roa Signing time: Wed 16 Oct 2024 00:00:00 +0000 ROA not before: Wed 16 Oct 2024 00:00:00 +0000 ROA not after: Wed 20 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:b1:00:b8:77:0f:e4:30:63:0c:03:7b:cb:0b:69:48:c0:68:ce:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 16 00:00:00 2024 GMT Not After : Nov 20 23:59:59 2024 GMT Subject: serialNumber=a72800345762ea58d0838f8d95e657a8ecaf3e8f25da84e5c980e7fcacdf6d72, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:75:a2:bb:3b:d6:8e:5c:9a:0c:a5:89:89:0b: 9b:ac:21:77:96:88:aa:20:52:79:75:70:b1:cc:f0: 8e:87:51:6f:81:db:d1:bd:2b:26:1c:20:fc:bd:20: e1:a9:db:29:45:c8:f4:3c:96:55:e9:17:45:5b:ac: 07:03:85:ee:fc:2e:b8:2f:43:9b:2e:7b:9f:a7:01: 22:ba:9b:04:ae:83:5a:1e:9f:2b:24:43:b4:54:1f: f4:ef:e7:b5:bb:fb:98:49:f9:92:77:4e:b9:63:33: 83:89:ad:8a:ca:07:be:92:0e:ce:d3:f1:90:39:52: eb:80:24:4d:0d:6f:13:8a:ee:63:9b:ab:99:6a:c7: 47:a5:b6:6e:cd:f3:7b:11:07:47:08:ee:76:9f:41: 48:5b:e8:06:3a:c6:f3:8b:39:71:b5:a0:2e:a0:4e: 80:74:db:fa:56:e6:7b:2f:0f:77:b6:e8:48:a4:af: 7b:52:61:60:b1:a0:1e:6a:4b:49:1f:4a:3c:17:3a: b5:b5:ab:5a:e6:ad:91:f2:f5:b9:fd:66:62:28:1a: f7:6a:d3:00:a9:25:65:1b:6b:98:8f:0f:07:d5:1f: bd:89:99:ac:0f:9f:e7:c5:1f:ba:fb:56:23:48:ae: bd:14:ad:92:fc:59:c8:3d:c7:36:7c:d0:6e:51:84: 92:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:64:8C:9C:1B:71:44:8F:30:C2:5D:60:EE:AC:9E:5D:AD:BA:36:E5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d316ba41-8df7-40d0-9c34-98e2360a1ef3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:8800::/40 Signature Algorithm: sha256WithRSAEncryption 68:da:fa:6f:78:82:1e:e7:12:69:52:8f:60:bf:85:71:02:69: a0:b9:57:ce:9c:0a:a7:31:3f:b9:eb:47:90:cc:95:80:84:df: ea:e8:98:b8:f1:8f:8b:5b:b5:6c:20:8a:db:a6:d9:02:b4:4b: c4:a9:3c:23:6d:3e:41:5f:5f:7a:76:c9:7f:42:ac:8e:43:a5: bc:0e:81:11:38:a4:33:30:09:33:96:56:3e:15:2a:62:85:85: 15:5e:0a:4b:e2:4c:e3:e8:ee:27:05:65:45:c4:6a:de:12:25: 1a:af:06:f0:80:eb:76:c7:3f:8c:b7:46:e3:60:d4:71:bd:1a: 3b:cb:d9:a2:da:dc:0b:63:b6:57:c4:92:1a:5d:a3:62:9e:a0: 6d:bd:3b:8a:06:8a:a7:59:12:8b:2a:e3:9c:50:12:d6:e7:8b: 1b:ca:2d:f3:0b:f6:bc:c0:22:bd:d4:01:12:e4:e4:de:ac:81: 92:f2:e9:b7:5f:ec:e3:3c:4a:2f:ac:33:1b:4b:37:f5:fa:a6: df:f1:5f:a8:f8:65:a9:b6:14:83:48:ae:63:c3:28:5f:f7:90: 8a:c4:22:f4:7b:c0:04:74:17:e8:40:00:7c:a0:d6:61:de:16: fe:ff:a0:98:cb:63:28:8f:ef:b5:bb:c3:25:f8:6e:1a:ce:d0: 9e:d2:10:78 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPLEAuHcP5DBjDAN7ywtpSMBozu4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAxNjAwMDAwMFoX DTI0MTEyMDIzNTk1OVowejFJMEcGA1UEBRNAYTcyODAwMzQ1NzYyZWE1OGQwODM4 ZjhkOTVlNjU3YThlY2FmM2U4ZjI1ZGE4NGU1Yzk4MGU3ZmNhY2RmNmQ3MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03WiuzvWjlyaDKWJiQubrCF3loiq IFJ5dXCxzPCOh1FvgdvRvSsmHCD8vSDhqdspRcj0PJZV6RdFW6wHA4Xu/C64L0Ob LnufpwEiupsEroNaHp8rJEO0VB/07+e1u/uYSfmSd065YzODia2Kyge+kg7O0/GQ OVLrgCRNDW8Tiu5jm6uZasdHpbZuzfN7EQdHCO52n0FIW+gGOsbzizlxtaAuoE6A dNv6VuZ7Lw93tuhIpK97UmFgsaAeaktJH0o8Fzq1tata5q2R8vW5/WZiKBr3atMA qSVlG2uYjw8H1R+9iZmsD5/nxR+6+1YjSK69FK2S/FnIPcc2fNBuUYSSfwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOFkjJwbcUSPMMJdYO6snl2tujblMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QzMTZiYTQxLThkZjctNDBkMC05YzM0LTk4ZTIzNjBhMWVmMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/IgwDQYJKoZIhvcNAQELBQADggEBAGja+m94gh7nEmlSj2C/ hXECaaC5V86cCqcxP7nrR5DMlYCE3+romLjxj4tbtWwgitum2QK0S8SpPCNtPkFf X3p2yX9CrI5DpbwOgRE4pDMwCTOWVj4VKmKFhRVeCkviTOPo7icFZUXEat4SJRqv BvCA63bHP4y3RuNg1HG9GjvL2aLa3AtjtlfEkhpdo2KeoG29O4oGiqdZEosq45xQ EtbnixvKLfML9rzAIr3UARLk5N6sgZLy6bdf7OM8Si+sMxtLN/X6pt/xX6j4Zam2 FINIrmPDKF/3kIrEIvR7wAR0F+hAAHyg1mHeFv7/oJjLYyiP77W7wyX4bhrO0J7S EHg= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:35 2024 by rpki-client on console-fra.rpki-client.org