$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d95f55c3-18b5-487c-a688-cab85ad16859.roa File: d95f55c3-18b5-487c-a688-cab85ad16859.roa (raw, json) Hash identifier: XzLpPqd6CN/j1V2LbvilL3NwMaeGCNj7y16b/7U/Y18= Subject key identifier: 6A:48:9C:31:85:1B:F1:4D:89:77:E1:AC:7D:A9:BF:84:40:E0:4D:64 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 72045E3D27ED3225610A781395E6D82A0A83D9AA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d95f55c3-18b5-487c-a688-cab85ad16859.roa Signing time: Fri 25 Oct 2024 00:00:00 +0000 ROA not before: Fri 25 Oct 2024 00:00:00 +0000 ROA not after: Fri 29 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:04:5e:3d:27:ed:32:25:61:0a:78:13:95:e6:d8:2a:0a:83:d9:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 25 00:00:00 2024 GMT Not After : Nov 29 23:59:59 2024 GMT Subject: serialNumber=5b06737e539a37d721135c669a7c10002d1b2a4c149293142be6e60f0b8d6fb8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:a5:5b:e5:a8:58:27:5a:9f:3e:c2:32:e9:2a: 2b:4f:7a:75:ae:20:c2:e6:e9:02:f2:03:ee:d0:52: c2:6b:89:96:82:3d:c5:44:9b:15:9d:2c:ec:02:f6: 47:b0:22:97:ed:31:62:1a:7a:4f:a4:bb:78:a1:b6: b3:c1:5d:13:ad:9f:0a:d6:b2:fb:45:c0:de:2d:6b: d1:d7:cb:b9:95:5c:8b:9e:b3:8f:f5:4a:4a:f1:cc: 3d:e8:8c:d5:3e:63:15:92:ab:14:a5:19:ec:bf:c8: 16:6b:9c:c4:2e:26:bf:ca:a2:a5:2f:60:36:06:64: ab:f9:75:01:f0:ea:10:5f:7e:9d:e3:f3:03:77:c2: 9c:83:08:5d:a1:d2:67:d9:c8:46:4c:95:36:52:ce: ea:f0:c9:fe:6c:4d:28:17:50:5b:6b:97:48:03:c2: 7e:34:f1:90:ab:eb:08:21:f7:b2:aa:4b:7c:5c:a1: a5:f3:d3:09:69:84:47:fe:0f:25:0b:ab:bd:15:3e: eb:a5:6e:a8:7a:6d:e6:6c:94:aa:de:bc:04:6b:79: 0b:a5:19:b1:9b:25:76:b5:cb:70:62:3c:ac:d9:db: 39:eb:23:ac:7f:cc:23:2c:11:a8:e5:ec:64:d0:9c: af:0c:e8:01:41:d5:15:f9:60:1e:ee:d7:73:48:44: 17:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:48:9C:31:85:1B:F1:4D:89:77:E1:AC:7D:A9:BF:84:40:E0:4D:64 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d95f55c3-18b5-487c-a688-cab85ad16859.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:1000::/40 Signature Algorithm: sha256WithRSAEncryption 87:6a:89:53:f0:5e:45:92:79:6b:25:3f:99:d8:a2:f7:f0:27: b9:dc:11:74:c1:c1:fb:c2:5a:10:dd:71:80:a8:fa:c6:30:bb: 63:a5:71:58:92:82:21:28:e7:e5:ec:62:ae:9f:65:30:5b:fb: 94:8d:d9:e5:c9:ee:40:0e:17:cb:1f:9b:e4:bc:04:61:ca:71: bd:dd:23:7b:74:a0:f4:09:03:f9:09:1f:72:60:0b:61:3b:14: b0:8c:d2:c4:3a:3f:12:4b:5a:37:06:c1:92:ee:2f:98:1e:b7: 0d:48:bb:4f:b2:65:71:f2:89:e9:0d:9d:fb:00:fa:eb:22:64: 2e:72:b3:ee:8a:21:98:72:d9:6c:fb:80:d5:bf:49:55:42:6d: 3c:e9:f4:dc:11:30:da:46:64:1e:e8:b4:ec:8d:ca:73:e7:e4: bf:3e:38:7d:e2:d4:7e:44:f4:2b:7c:68:a3:4c:3a:58:67:6e: b3:45:6b:1e:7f:18:51:ed:59:0e:75:de:8c:da:51:20:25:b3: 1f:c8:d4:14:88:4f:5e:eb:3a:e5:62:9b:86:d2:e0:40:ac:c6: 07:ad:fd:72:33:01:64:cd:b5:f5:0e:19:52:fe:4f:ae:06:6b: b7:e4:bd:0d:77:85:b9:2a:ec:cd:33:a6:fa:96:0a:4b:ee:3e: e6:33:70:87 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcgRePSftMiVhCngTlebYKgqD2aowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyNTAwMDAwMFoX DTI0MTEyOTIzNTk1OVowejFJMEcGA1UEBRNANWIwNjczN2U1MzlhMzdkNzIxMTM1 YzY2OWE3YzEwMDAyZDFiMmE0YzE0OTI5MzE0MmJlNmU2MGYwYjhkNmZiODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqVb5ahYJ1qfPsIy6SorT3p1riDC 5ukC8gPu0FLCa4mWgj3FRJsVnSzsAvZHsCKX7TFiGnpPpLt4obazwV0TrZ8K1rL7 RcDeLWvR18u5lVyLnrOP9UpK8cw96IzVPmMVkqsUpRnsv8gWa5zELia/yqKlL2A2 BmSr+XUB8OoQX36d4/MDd8KcgwhdodJn2chGTJU2Us7q8Mn+bE0oF1Bba5dIA8J+ NPGQq+sIIfeyqkt8XKGl89MJaYRH/g8lC6u9FT7rpW6oem3mbJSq3rwEa3kLpRmx myV2tctwYjys2ds56yOsf8wjLBGo5exk0JyvDOgBQdUV+WAe7tdzSEQXAwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGpInDGFG/FNiXfhrH2pv4RA4E1kMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q5NWY1NWMzLTE4YjUtNDg3Yy1hNjg4LWNhYjg1YWQxNjg1OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYBAwDQYJKoZIhvcNAQELBQADggEBAIdqiVPwXkWSeWslP5nY ovfwJ7ncEXTBwfvCWhDdcYCo+sYwu2OlcViSgiEo5+XsYq6fZTBb+5SN2eXJ7kAO F8sfm+S8BGHKcb3dI3t0oPQJA/kJH3JgC2E7FLCM0sQ6PxJLWjcGwZLuL5getw1I u0+yZXHyiekNnfsA+usiZC5ys+6KIZhy2Wz7gNW/SVVCbTzp9NwRMNpGZB7otOyN ynPn5L8+OH3i1H5E9Ct8aKNMOlhnbrNFax5/GFHtWQ513ozaUSAlsx/I1BSIT17r OuVim4bS4ECsxget/XIzAWTNtfUOGVL+T64Ga7fkvQ13hbkq7M0zpvqWCkvuPuYz cIc= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:35 2024 by rpki-client on console-fra.rpki-client.org