$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d514cc94-d81f-4850-9ca1-4bd4b7a4b0dc.roa File: d514cc94-d81f-4850-9ca1-4bd4b7a4b0dc.roa (raw, json) Hash identifier: 1QSdIHUyFqCVAkMakLTTFvK0jYegtxnntfptxYg6teQ= Subject key identifier: C7:00:DB:EE:F7:22:C9:DE:01:8F:3B:2E:F9:DC:D4:AB:B8:3A:E4:D9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6B52E21AA04B70553446B934830F5910645A53E3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d514cc94-d81f-4850-9ca1-4bd4b7a4b0dc.roa Signing time: Fri 25 Oct 2024 00:00:00 +0000 ROA not before: Fri 25 Oct 2024 00:00:00 +0000 ROA not after: Fri 29 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:52:e2:1a:a0:4b:70:55:34:46:b9:34:83:0f:59:10:64:5a:53:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 25 00:00:00 2024 GMT Not After : Nov 29 23:59:59 2024 GMT Subject: serialNumber=a320ae206b1d34f8b5a4656c442cdd9e12848e483d703793f84da68e722b69ac, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:79:65:bf:64:15:99:64:da:fd:b1:a4:c4:8c: ba:7b:8c:2b:00:27:28:c2:71:e3:7e:b6:ff:05:95: a7:17:aa:cf:66:0d:5b:19:35:dc:ee:08:21:95:fd: 99:2d:12:8a:d2:21:f4:8f:5a:8a:7f:84:f3:f8:01: b3:e8:29:1c:b9:48:62:63:ff:bc:f8:1e:1c:cd:22: c3:3e:61:46:0b:dc:c6:f0:a9:91:b4:d3:a6:52:cc: fc:ad:e8:c4:3c:2a:ee:d2:ed:d1:b4:c3:c0:23:dd: 28:d2:ac:6a:cc:70:03:6b:45:f2:a2:8a:6d:87:77: d8:12:9e:09:72:ba:f0:cf:5e:71:61:97:c2:c5:43: 79:e8:32:c0:66:64:81:45:52:81:bc:4e:47:a2:22: f9:3d:3d:d8:87:d4:32:99:29:e9:9d:eb:17:49:c0: c3:42:43:e1:96:8d:ae:f8:56:67:f1:0c:a2:6e:ee: b5:ba:45:a1:40:11:dc:d4:61:c1:4b:ae:8a:5c:82: 43:d0:18:85:ba:79:e6:ac:65:ee:d1:bc:1a:61:06: 5c:37:5a:c2:03:f9:8c:6b:8a:9c:9b:d4:d2:26:c4: 87:cf:c7:00:b6:94:3a:85:29:6d:ba:e8:43:89:08: 97:37:2a:2f:73:8b:a9:8d:66:3f:89:16:78:dc:62: df:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:00:DB:EE:F7:22:C9:DE:01:8F:3B:2E:F9:DC:D4:AB:B8:3A:E4:D9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d514cc94-d81f-4850-9ca1-4bd4b7a4b0dc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:8000::/40 Signature Algorithm: sha256WithRSAEncryption 1c:35:d1:c7:f5:aa:9f:fa:a1:71:11:c8:4c:af:91:0e:c4:49: a5:d2:44:67:f2:18:5d:e8:ab:9f:06:5b:bd:8e:e1:d5:d8:2c: 7a:3a:e1:c4:fb:f4:ca:e7:73:00:20:a7:87:97:a8:46:ef:61: 0c:4e:28:49:4a:37:92:a7:05:33:02:88:0d:83:27:e2:21:c2: 35:0d:ba:43:70:10:91:3c:ee:0b:bb:1e:a8:1e:b0:54:74:f0: 25:a0:b4:25:84:3a:29:74:18:16:3a:90:be:5e:54:c5:ae:24: 6f:07:10:d0:6a:50:bd:05:22:cf:7c:dc:ab:25:af:b0:a4:0c: 5f:79:7c:69:99:fe:07:43:0b:1e:b1:bf:58:c9:a0:22:b1:72: 90:0b:68:3d:24:83:a2:8d:c0:00:12:ed:c0:cc:02:df:9e:68: dd:7e:a8:b4:92:bc:4a:c3:1e:50:bc:0b:1d:30:91:7b:5f:92: ca:97:a7:93:83:44:e1:5f:6a:8e:ab:ce:80:a0:62:78:9f:f6: 71:9c:d3:27:cc:e8:57:5b:1d:e1:91:c6:e6:65:e5:85:37:52: db:a0:d5:60:17:2f:e1:9d:75:df:9e:94:db:74:cc:7f:9f:9f: da:fb:ff:af:1d:29:d7:b8:b9:a7:43:37:87:3f:09:da:4e:03: 43:c9:e6:32 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUa1LiGqBLcFU0Rrk0gw9ZEGRaU+MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyNTAwMDAwMFoX DTI0MTEyOTIzNTk1OVowejFJMEcGA1UEBRNAYTMyMGFlMjA2YjFkMzRmOGI1YTQ2 NTZjNDQyY2RkOWUxMjg0OGU0ODNkNzAzNzkzZjg0ZGE2OGU3MjJiNjlhYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunllv2QVmWTa/bGkxIy6e4wrACco wnHjfrb/BZWnF6rPZg1bGTXc7gghlf2ZLRKK0iH0j1qKf4Tz+AGz6CkcuUhiY/+8 +B4czSLDPmFGC9zG8KmRtNOmUsz8rejEPCru0u3RtMPAI90o0qxqzHADa0Xyoopt h3fYEp4Jcrrwz15xYZfCxUN56DLAZmSBRVKBvE5HoiL5PT3Yh9QymSnpnesXScDD QkPhlo2u+FZn8Qyibu61ukWhQBHc1GHBS66KXIJD0BiFunnmrGXu0bwaYQZcN1rC A/mMa4qcm9TSJsSHz8cAtpQ6hSltuuhDiQiXNyovc4upjWY/iRZ43GLfoQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMcA2+73IsneAY87Lvnc1Ku4OuTZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q1MTRjYzk0LWQ4MWYtNDg1MC05Y2ExLTRiZDRiN2E0YjBkYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+4AwDQYJKoZIhvcNAQELBQADggEBABw10cf1qp/6oXERyEyv kQ7ESaXSRGfyGF3oq58GW72O4dXYLHo64cT79MrncwAgp4eXqEbvYQxOKElKN5Kn BTMCiA2DJ+IhwjUNukNwEJE87gu7HqgesFR08CWgtCWEOil0GBY6kL5eVMWuJG8H ENBqUL0FIs983Kslr7CkDF95fGmZ/gdDCx6xv1jJoCKxcpALaD0kg6KNwAAS7cDM At+eaN1+qLSSvErDHlC8Cx0wkXtfksqXp5ODROFfao6rzoCgYnif9nGc0yfM6Fdb HeGRxuZl5YU3Utug1WAXL+Gddd+elNt0zH+fn9r7/68dKde4uadDN4c/CdpOA0PJ 5jI= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:35 2024 by rpki-client on console-fra.rpki-client.org