$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d95f55c3-18b5-487c-a688-cab85ad16859.roa File: d95f55c3-18b5-487c-a688-cab85ad16859.roa (raw, json) Hash identifier: MkDbGc4oyO6VOAPlNR1rUgYxzx3+zmb8gcae7Xw8FsY= Subject key identifier: A5:2B:76:82:ED:A6:40:C1:64:7B:A7:73:41:0F:FA:16:37:2B:D7:0A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 353598F5460C3108BB6020DF1D8799D524C44EB7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d95f55c3-18b5-487c-a688-cab85ad16859.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 00:37:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:35:98:f5:46:0c:31:08:bb:60:20:df:1d:87:99:d5:24:c4:4e:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=7b415cb23974219703a7269ee085c7ff311b3a9156373629f54d4ae6ca02cf85, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:b1:73:d9:2e:cb:f0:a2:91:e3:89:00:74:68: bd:21:6e:b6:65:97:a3:86:2d:6e:7e:d8:9f:08:1d: 48:0d:2f:a4:92:e0:48:81:d0:40:7e:3d:b1:cf:71: d0:45:38:65:e4:93:0b:6c:ed:18:d1:4b:8a:45:6f: 58:6a:e7:db:e6:5c:6a:82:93:ef:cd:8b:4b:a4:db: da:95:77:f7:a3:52:04:fd:78:8d:cd:1c:5a:17:05: c4:93:4c:b3:11:d4:8f:a5:9f:a0:6c:e3:79:fe:75: ea:de:32:cf:0b:b8:17:65:f4:7f:0b:f1:88:88:0c: 1d:a1:3b:0a:4a:ad:b7:aa:ab:7e:2a:21:c4:5b:2c: 47:1f:4f:d1:c0:27:e0:69:31:8d:9c:02:46:f8:97: 7f:b9:cb:67:bd:33:89:14:05:a7:97:72:8c:95:67: 72:09:6e:2c:e0:b9:31:5b:49:35:ba:92:c5:4e:24: 6e:d7:e4:68:eb:4d:73:72:d4:e9:50:0b:90:b6:93: e6:ec:cd:e4:87:3d:13:8f:db:51:c7:36:d1:1b:4c: 79:2e:ec:97:bc:8a:ad:2e:4e:75:2a:24:c6:0e:6d: a7:21:19:1f:0c:c0:06:05:f0:df:51:ff:75:a4:ed: c2:a7:d3:5b:3b:35:05:26:5c:50:ba:2d:13:f6:dd: b9:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:2B:76:82:ED:A6:40:C1:64:7B:A7:73:41:0F:FA:16:37:2B:D7:0A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d95f55c3-18b5-487c-a688-cab85ad16859.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:1000::/40 Signature Algorithm: sha256WithRSAEncryption 10:9a:2c:70:c2:85:e2:c1:48:33:5c:72:1b:3e:7d:6a:cb:e2: b3:64:69:de:dd:04:e6:1d:da:1e:f8:e3:e5:45:45:4f:75:44: dd:65:31:ae:84:00:76:48:d3:b8:72:7f:47:c6:8c:88:d1:aa: 47:56:70:40:95:0c:c2:aa:e2:da:f6:8b:f9:72:84:d6:fa:66: fa:e8:4f:2d:45:0a:e8:0d:6b:50:ee:2b:c6:fc:5a:6f:a1:c0: 6a:9f:7d:14:2b:47:3f:2f:f4:c4:c0:92:47:dc:09:df:e9:99: a0:7c:47:c8:4f:94:33:32:6e:57:a9:65:5a:7d:cd:56:7c:64: a3:ce:7a:a9:45:28:8c:50:f5:64:d4:46:94:a7:53:c2:76:ad: 87:4a:46:14:d2:f0:08:ec:5c:ee:94:77:dd:ad:56:fe:b9:f8: e1:01:dd:3f:6b:1f:a3:f0:b2:d0:42:b9:a0:a8:28:b4:59:56: 65:60:20:64:cc:e5:f2:94:6c:90:05:6c:0d:8b:3e:3f:29:78: 52:46:9b:58:0b:fc:73:c0:f4:aa:8d:92:5c:3a:74:79:7c:27: a2:65:94:6b:7f:81:3b:8d:8a:9b:c6:b8:19:e8:ad:b6:3d:e6: ca:e1:01:93:83:19:a4:62:75:d4:a8:47:0d:de:f3:4a:b9:08: c9:bf:fc:89 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNTWY9UYMMQi7YCDfHYeZ1STETrcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNAN2I0MTVjYjIzOTc0MjE5NzAzYTcy NjllZTA4NWM3ZmYzMTFiM2E5MTU2MzczNjI5ZjU0ZDRhZTZjYTAyY2Y4NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rFz2S7L8KKR44kAdGi9IW62ZZej hi1uftifCB1IDS+kkuBIgdBAfj2xz3HQRThl5JMLbO0Y0UuKRW9Yaufb5lxqgpPv zYtLpNvalXf3o1IE/XiNzRxaFwXEk0yzEdSPpZ+gbON5/nXq3jLPC7gXZfR/C/GI iAwdoTsKSq23qqt+KiHEWyxHH0/RwCfgaTGNnAJG+Jd/uctnvTOJFAWnl3KMlWdy CW4s4LkxW0k1upLFTiRu1+Ro601zctTpUAuQtpPm7M3khz0Tj9tRxzbRG0x5LuyX vIqtLk51KiTGDm2nIRkfDMAGBfDfUf91pO3Cp9NbOzUFJlxQui0T9t25zQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKUrdoLtpkDBZHunc0EP+hY3K9cKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q5NWY1NWMzLTE4YjUtNDg3Yy1hNjg4LWNhYjg1YWQxNjg1OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYBAwDQYJKoZIhvcNAQELBQADggEBABCaLHDCheLBSDNcchs+ fWrL4rNkad7dBOYd2h744+VFRU91RN1lMa6EAHZI07hyf0fGjIjRqkdWcECVDMKq 4tr2i/lyhNb6ZvroTy1FCugNa1DuK8b8Wm+hwGqffRQrRz8v9MTAkkfcCd/pmaB8 R8hPlDMyblepZVp9zVZ8ZKPOeqlFKIxQ9WTURpSnU8J2rYdKRhTS8AjsXO6Ud92t Vv65+OEB3T9rH6PwstBCuaCoKLRZVmVgIGTM5fKUbJAFbA2LPj8peFJGm1gL/HPA 9KqNklw6dHl8J6JllGt/gTuNipvGuBnorbY95srhAZODGaRiddSoRw3e80q5CMm/ /Ik= -----END CERTIFICATE-----Generated at Mon Nov 25 02:46:12 2024 by rpki-client on console-ams.rpki-client.org