$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0fbaecf-3318-488e-80aa-57f0a5202e27.roa File: e0fbaecf-3318-488e-80aa-57f0a5202e27.roa (raw, json) Hash identifier: kZ+7d6SB2YBtfl0ui/5V9K9gAC91EqOfcLrrvbb5AS8= Subject key identifier: E3:0F:4C:EB:BA:4F:D2:B7:47:7C:E6:F3:BA:7C:CA:79:84:62:23:FE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 192F0E827EF39140B0C32806680988CE08D6D7E1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0fbaecf-3318-488e-80aa-57f0a5202e27.roa Signing time: Fri 04 Oct 2024 00:00:00 +0000 ROA not before: Fri 04 Oct 2024 00:00:00 +0000 ROA not after: Fri 08 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:2f:0e:82:7e:f3:91:40:b0:c3:28:06:68:09:88:ce:08:d6:d7:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 4 00:00:00 2024 GMT Not After : Nov 8 23:59:59 2024 GMT Subject: serialNumber=752eab67aaf4564d100052f50b7fac7e342589a779306a9b57f15c448d1f2b25, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:bc:5d:01:d4:35:b9:47:02:15:98:44:22:4b: a4:cb:42:48:33:22:1b:74:24:70:47:77:0b:eb:9d: 59:18:04:8f:e9:66:c9:eb:7a:5e:73:ca:27:57:76: fb:83:df:6b:cb:a4:f3:a0:d8:5b:c5:c9:b2:f5:ed: 86:7d:ce:a7:19:29:ab:39:62:a1:a3:44:39:d4:cd: 07:6f:a8:9c:93:53:17:00:72:ff:cb:47:25:c8:1b: 43:2f:7d:04:b9:1e:96:ec:d8:b8:65:23:63:da:2c: 81:1a:07:ec:bf:01:2f:eb:6b:d9:8a:e4:94:20:dd: 65:25:38:84:00:7c:d4:c6:fb:a2:28:18:38:df:6c: 8f:8a:61:8b:bf:13:87:b0:dd:d8:0d:9a:5f:b6:65: da:5f:22:25:ab:e4:ca:25:25:fc:73:f2:3a:1f:56: 49:e0:ad:f6:0d:0c:71:19:8e:df:37:e2:f1:61:51: 44:26:35:89:4f:4b:ec:bf:ef:99:08:12:b7:7c:50: 93:c4:a4:95:74:20:98:4b:9e:e8:19:3c:34:ba:45: d7:e8:5d:78:c6:32:f7:c2:d1:48:1e:9d:9b:5c:fe: f7:de:c1:2c:bc:4a:e9:44:da:79:4f:4f:27:56:79: cb:84:dd:7a:1d:cd:e5:2e:2f:5a:da:29:a2:9d:b9: 31:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:0F:4C:EB:BA:4F:D2:B7:47:7C:E6:F3:BA:7C:CA:79:84:62:23:FE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0fbaecf-3318-488e-80aa-57f0a5202e27.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:8000::/40 Signature Algorithm: sha256WithRSAEncryption 48:1d:03:7d:5c:37:74:89:7f:75:1d:c8:61:16:3a:9f:f6:4a: 3b:89:9f:5c:13:dc:35:90:6b:94:eb:49:1d:d6:3d:b1:2a:2c: d6:50:e9:63:7b:fc:da:2d:13:04:10:38:97:a6:37:e8:c1:cc: b7:71:57:0b:70:5a:96:fe:1a:98:83:35:94:77:a5:5a:be:36: 97:6b:9e:cb:83:54:38:cf:6f:90:1f:54:ed:fa:c9:8a:3d:0f: 58:5e:6e:9c:ef:ee:4c:d6:7d:d7:00:9c:90:a5:72:54:61:41: 1b:c8:5f:87:1b:d7:02:61:29:8d:ab:56:cc:fb:7a:cd:8e:fc: 61:8e:61:fb:01:c2:8c:ec:09:14:0f:6c:2c:6a:b6:f0:90:1a: 0c:0e:97:32:de:16:71:27:00:8d:1e:c7:6f:86:00:45:49:32: 01:0c:e7:20:9c:73:92:18:7a:54:fe:bd:9d:61:87:90:b7:0f: 82:31:3c:37:a9:f2:50:02:ab:fe:65:0a:8e:19:d8:8a:e6:00: 50:36:df:b4:98:ef:5f:72:5b:2a:a4:80:ba:a9:c5:e3:94:3e: 1a:1e:06:da:3e:a6:ab:9d:a5:e4:36:40:da:b1:72:f3:59:aa: b8:84:df:a0:98:ab:36:01:7f:a4:ee:e2:43:1f:90:26:60:2d: 78:6d:09:9e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGS8Ogn7zkUCwwygGaAmIzgjW1+EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAwNDAwMDAwMFoX DTI0MTEwODIzNTk1OVowejFJMEcGA1UEBRNANzUyZWFiNjdhYWY0NTY0ZDEwMDA1 MmY1MGI3ZmFjN2UzNDI1ODlhNzc5MzA2YTliNTdmMTVjNDQ4ZDFmMmIyNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LxdAdQ1uUcCFZhEIkuky0JIMyIb dCRwR3cL651ZGASP6WbJ63pec8onV3b7g99ry6TzoNhbxcmy9e2Gfc6nGSmrOWKh o0Q51M0Hb6ick1MXAHL/y0clyBtDL30EuR6W7Ni4ZSNj2iyBGgfsvwEv62vZiuSU IN1lJTiEAHzUxvuiKBg432yPimGLvxOHsN3YDZpftmXaXyIlq+TKJSX8c/I6H1ZJ 4K32DQxxGY7fN+LxYVFEJjWJT0vsv++ZCBK3fFCTxKSVdCCYS57oGTw0ukXX6F14 xjL3wtFIHp2bXP733sEsvErpRNp5T08nVnnLhN16Hc3lLi9a2iminbkxgQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOMPTOu6T9K3R3zm87p8ynmEYiP+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UwZmJhZWNmLTMzMTgtNDg4ZS04MGFhLTU3ZjBhNTIwMmUyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAIAwDQYJKoZIhvcNAQELBQADggEBAEgdA31cN3SJf3UdyGEW Op/2SjuJn1wT3DWQa5TrSR3WPbEqLNZQ6WN7/NotEwQQOJemN+jBzLdxVwtwWpb+ GpiDNZR3pVq+NpdrnsuDVDjPb5AfVO36yYo9D1hebpzv7kzWfdcAnJClclRhQRvI X4cb1wJhKY2rVsz7es2O/GGOYfsBwozsCRQPbCxqtvCQGgwOlzLeFnEnAI0ex2+G AEVJMgEM5yCcc5IYelT+vZ1hh5C3D4IxPDep8lACq/5lCo4Z2IrmAFA237SY719y WyqkgLqpxeOUPhoeBto+pqudpeQ2QNqxcvNZqriE36CYqzYBf6Tu4kMfkCZgLXht CZ4= -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:35 2024 by rpki-client on console-fra.rpki-client.org