$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa File: e1567509-f31d-4739-a7a6-ed24530c598b.roa (raw, json) Hash identifier: foa7vVoWyf+ntzNRduiFYWJuDfUCQsx3PWQc6AzNnZc= Subject key identifier: B8:FC:36:76:42:86:31:98:E4:B5:F9:EA:46:42:D1:88:E0:44:27:6B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7251D3854E983D5FFD7C13D1A1B2D466EA94A833 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa Signing time: Tue 12 Nov 2024 00:00:00 +0000 ROA not before: Tue 12 Nov 2024 00:00:00 +0000 ROA not after: Tue 17 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 00:37:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:51:d3:85:4e:98:3d:5f:fd:7c:13:d1:a1:b2:d4:66:ea:94:a8:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 12 00:00:00 2024 GMT Not After : Dec 17 23:59:59 2024 GMT Subject: serialNumber=d34ce5162eb8f07ba01162a10872ee39db611a6ba54bfad121752a35946cd811, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:47:d6:aa:f7:08:dd:c5:71:60:a8:c6:5e:e2: 15:14:65:c1:87:59:a6:b5:e7:14:be:a6:59:c3:d5: d6:8f:cb:6d:d4:a0:45:0a:05:d4:20:a3:23:14:57: 41:7a:29:2e:40:d2:8c:d6:52:fa:01:c5:eb:91:96: 0e:99:e3:f7:d0:d6:2a:8a:68:a2:97:96:41:6e:2c: d1:be:7d:89:dd:f3:79:73:e8:d7:b1:44:d5:95:c1: e1:38:96:3a:97:f9:6d:8e:b2:78:34:5f:ab:aa:cc: e8:e1:be:3a:6b:b0:8b:13:c0:97:d7:5e:99:07:92: d6:c4:e4:ae:a0:b3:5e:6c:b1:0d:bd:44:2d:b1:6d: be:80:39:0c:76:31:7a:ee:f0:74:f8:33:2e:50:9b: a7:31:91:9f:0d:50:1b:87:c8:30:74:02:81:20:67: ec:8f:fb:dc:e9:0c:ca:5a:5a:86:5f:f2:10:21:e7: 21:b8:60:60:42:0f:e8:ef:37:14:3b:aa:c2:7f:fe: c6:48:8d:af:c3:f3:94:bd:9f:24:93:46:4b:5e:79: 4a:b3:fd:f4:4f:14:f0:80:67:01:4e:7d:75:a5:ba: f1:51:3f:b6:06:f2:e6:92:a4:59:fe:b5:cb:28:84: 9a:6c:b4:c1:91:5d:db:81:7e:82:ef:dd:76:0c:ff: ef:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:FC:36:76:42:86:31:98:E4:B5:F9:EA:46:42:D1:88:E0:44:27:6B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:c000::/40 Signature Algorithm: sha256WithRSAEncryption 89:a9:55:ef:c7:d2:a2:fc:e3:dd:17:49:4a:47:be:da:3f:6e: 18:7e:d5:86:54:12:18:d7:86:89:db:a6:f1:d9:9e:07:8c:8e: bf:ae:8d:62:0d:89:3d:43:dc:f7:91:24:e2:e1:60:66:ff:ac: 52:3c:a4:b9:2d:38:6a:65:db:08:15:06:9d:f0:e1:79:c0:82: 21:c9:c3:41:38:73:9f:f9:20:15:fb:75:72:46:5c:5f:ac:30: a2:74:19:74:a6:23:b8:7a:b7:25:84:2e:1a:c1:11:9a:b4:79: ec:26:23:c3:bc:4c:45:e1:91:d1:c7:40:9e:06:fc:4f:4f:44: bf:aa:1d:bf:56:c8:f9:06:99:9e:05:3a:fa:4f:06:c7:c4:40: d4:37:4e:d7:ef:7c:b7:b9:76:c4:8a:2a:7b:b0:20:06:05:16: 46:1d:cc:38:23:47:be:f0:9c:e7:0a:c0:6e:74:89:29:4e:6b: c8:7b:a2:e5:1e:0f:3e:7d:81:51:65:39:31:2f:51:db:4b:14: 17:86:83:d1:eb:cf:ca:82:5d:29:53:07:95:ab:19:94:3b:9f: 35:a6:52:c5:63:a6:a9:63:f4:b1:b6:b3:e4:c1:ce:4a:9f:89: 0a:09:8c:29:f5:19:9d:29:7d:54:9f:e0:79:55:23:97:dc:54: 03:df:d3:29 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUclHThU6YPV/9fBPRobLUZuqUqDMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExMjAwMDAwMFoX DTI0MTIxNzIzNTk1OVowejFJMEcGA1UEBRNAZDM0Y2U1MTYyZWI4ZjA3YmEwMTE2 MmExMDg3MmVlMzlkYjYxMWE2YmE1NGJmYWQxMjE3NTJhMzU5NDZjZDgxMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8UfWqvcI3cVxYKjGXuIVFGXBh1mm tecUvqZZw9XWj8tt1KBFCgXUIKMjFFdBeikuQNKM1lL6AcXrkZYOmeP30NYqimii l5ZBbizRvn2J3fN5c+jXsUTVlcHhOJY6l/ltjrJ4NF+rqszo4b46a7CLE8CX116Z B5LWxOSuoLNebLENvUQtsW2+gDkMdjF67vB0+DMuUJunMZGfDVAbh8gwdAKBIGfs j/vc6QzKWlqGX/IQIechuGBgQg/o7zcUO6rCf/7GSI2vw/OUvZ8kk0ZLXnlKs/30 TxTwgGcBTn11pbrxUT+2BvLmkqRZ/rXLKISabLTBkV3bgX6C7912DP/vawIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLj8NnZChjGY5LX56kZC0YjgRCdrMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UxNTY3NTA5LWYzMWQtNDczOS1hN2E2LWVkMjQ1MzBjNTk4Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9cAwDQYJKoZIhvcNAQELBQADggEBAImpVe/H0qL8490XSUpH vto/bhh+1YZUEhjXhonbpvHZngeMjr+ujWINiT1D3PeRJOLhYGb/rFI8pLktOGpl 2wgVBp3w4XnAgiHJw0E4c5/5IBX7dXJGXF+sMKJ0GXSmI7h6tyWELhrBEZq0eewm I8O8TEXhkdHHQJ4G/E9PRL+qHb9WyPkGmZ4FOvpPBsfEQNQ3TtfvfLe5dsSKKnuw IAYFFkYdzDgjR77wnOcKwG50iSlOa8h7ouUeDz59gVFlOTEvUdtLFBeGg9Hrz8qC XSlTB5WrGZQ7nzWmUsVjpqlj9LG2s+TBzkqfiQoJjCn1GZ0pfVSf4HlVI5fcVAPf 0yk= -----END CERTIFICATE-----Generated at Mon Nov 25 01:15:17 2024 by rpki-client on console-fra.rpki-client.org