$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d4f84930-308c-4801-a06d-2566101f31dd.roa File: d4f84930-308c-4801-a06d-2566101f31dd.roa (raw, json) Hash identifier: S9Ppg9oM7dYYa5H3yeT7TWKfKHbfAUIcZ5UbN3m2fww= Subject key identifier: 05:72:65:C2:B9:05:B4:C3:65:AA:9E:A8:42:D1:84:72:14:A8:74:47 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 46EAE8A14C169E005EB8EC720C4DCAD2E6A8F18D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d4f84930-308c-4801-a06d-2566101f31dd.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:ea:e8:a1:4c:16:9e:00:5e:b8:ec:72:0c:4d:ca:d2:e6:a8:f1:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=ae46d85f03e2d1140821208058692d878ebcb67ef3b2e7339d231d69411b35a5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:a2:e5:fc:0b:a7:f9:7a:35:37:ec:17:6c:15: 77:83:02:86:97:29:a0:f2:73:05:32:7d:c0:db:3b: da:30:ed:b7:57:b5:6c:37:10:88:be:92:e0:6b:80: 23:4d:dc:48:a0:6a:ec:77:c2:de:6b:87:2f:60:68: b9:6e:ba:61:ae:0f:bc:d7:36:59:db:0a:14:4a:58: 94:4d:99:c9:23:cb:85:43:64:e0:a1:1b:34:bd:4f: df:ac:ff:34:e6:e7:ce:df:db:80:38:17:9e:d8:e3: fb:68:a1:8e:fc:b3:c0:8f:1f:7e:3c:d7:c0:77:77: 06:31:10:f8:4d:92:b2:df:ae:cd:0c:96:87:56:64: 36:03:37:e6:c0:1d:a3:99:84:4b:ac:e6:3d:48:1e: 2c:f8:ac:a5:92:5b:4b:33:44:62:7c:3e:3f:2f:0a: 3b:0d:ab:f8:2a:33:a3:f9:fd:0b:3e:06:af:64:4c: b6:f6:20:80:70:22:a3:72:52:c9:9a:b5:bb:8f:dc: 02:fb:70:17:e2:90:6b:e5:7b:1a:30:97:9d:cc:81: c0:ce:67:15:8e:2b:77:ac:9c:55:b4:95:37:d8:53: ce:7a:7e:4e:db:02:42:b6:d4:15:43:6a:9a:75:c7: 02:3b:86:a2:d7:f4:93:7e:a9:92:34:06:78:2d:09: e7:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:72:65:C2:B9:05:B4:C3:65:AA:9E:A8:42:D1:84:72:14:A8:74:47 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d4f84930-308c-4801-a06d-2566101f31dd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:f000::/40 Signature Algorithm: sha256WithRSAEncryption 86:b6:16:a7:18:a0:18:ce:b8:db:ff:a1:5b:af:8e:c0:6e:cd: dc:c4:61:ea:4a:9c:82:dd:59:c6:31:1a:1f:ba:ad:d3:11:fc: 66:3f:6d:1f:0e:71:75:e5:64:3f:4b:d4:24:44:35:c9:8c:ac: 93:63:bc:30:cc:48:57:05:cc:ce:56:70:6d:ec:8b:28:55:10: be:ae:08:00:17:10:03:2f:d5:15:54:a9:7b:1f:50:50:8e:3b: 8a:8f:a4:b4:ec:72:d8:1f:f8:94:86:00:dc:fe:8b:89:05:9d: 5e:90:dc:06:2f:24:1c:3b:d7:13:7c:f5:d6:31:a6:e7:8c:7f: 58:9e:65:ff:45:37:6f:e1:e0:45:c5:5e:a9:ec:7f:d5:1c:11: cc:62:1f:6d:f4:28:83:a8:b2:e7:b7:c1:d2:59:06:65:50:d9: 44:3a:5a:c7:3d:13:f0:bc:55:95:6d:9c:2d:b7:a9:28:29:2b: a5:29:a8:53:01:db:a4:c8:17:97:ae:99:d1:83:fe:be:91:bd: b5:b9:ee:4b:17:be:2c:5c:ab:70:00:5b:2c:ac:ec:20:97:de: 1d:7f:b4:2a:ae:b6:6f:28:17:10:3c:60:cb:4d:63:fb:ca:f2: 92:3f:fb:09:fd:47:f0:48:1d:e5:b1:b8:21:72:61:ec:6b:78: 91:f7:83:d9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURurooUwWngBeuOxyDE3K0uao8Y0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNAYWU0NmQ4NWYwM2UyZDExNDA4MjEy MDgwNTg2OTJkODc4ZWJjYjY3ZWYzYjJlNzMzOWQyMzFkNjk0MTFiMzVhNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06Ll/Aun+Xo1N+wXbBV3gwKGlymg 8nMFMn3A2zvaMO23V7VsNxCIvpLga4AjTdxIoGrsd8Lea4cvYGi5brphrg+81zZZ 2woUSliUTZnJI8uFQ2TgoRs0vU/frP805ufO39uAOBee2OP7aKGO/LPAjx9+PNfA d3cGMRD4TZKy367NDJaHVmQ2AzfmwB2jmYRLrOY9SB4s+KylkltLM0RifD4/Lwo7 Dav4KjOj+f0LPgavZEy29iCAcCKjclLJmrW7j9wC+3AX4pBr5XsaMJedzIHAzmcV jit3rJxVtJU32FPOen5O2wJCttQVQ2qadccCO4ai1/STfqmSNAZ4LQnnIwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAVyZcK5BbTDZaqeqELRhHIUqHRHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q0Zjg0OTMwLTMwOGMtNDgwMS1hMDZkLTI1NjYxMDFmMzFkZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+/AwDQYJKoZIhvcNAQELBQADggEBAIa2FqcYoBjOuNv/oVuv jsBuzdzEYepKnILdWcYxGh+6rdMR/GY/bR8OcXXlZD9L1CRENcmMrJNjvDDMSFcF zM5WcG3siyhVEL6uCAAXEAMv1RVUqXsfUFCOO4qPpLTsctgf+JSGANz+i4kFnV6Q 3AYvJBw71xN89dYxpueMf1ieZf9FN2/h4EXFXqnsf9UcEcxiH230KIOosue3wdJZ BmVQ2UQ6Wsc9E/C8VZVtnC23qSgpK6UpqFMB26TIF5eumdGD/r6RvbW57ksXvixc q3AAWyys7CCX3h1/tCqutm8oFxA8YMtNY/vK8pI/+wn9R/BIHeWxuCFyYexreJH3 g9k= -----END CERTIFICATE-----Generated at Fri Nov 22 02:07:37 2024 by rpki-client on console-fra.rpki-client.org