$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e73cf5f8-ee0d-4dce-80b1-b508f319b1ca.roa File: e73cf5f8-ee0d-4dce-80b1-b508f319b1ca.roa (raw, json) Hash identifier: VKOdfck9ainiIJxtbokCVZPEQasq+kJZDZkmDNfle6s= Subject key identifier: 85:2D:A9:64:78:15:C6:45:42:B6:46:A9:3B:4A:A0:30:04:FB:6A:F8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 491CB75E1BD5293F30C616986277B59880C54EE2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e73cf5f8-ee0d-4dce-80b1-b508f319b1ca.roa Signing time: Fri 25 Oct 2024 00:00:00 +0000 ROA not before: Fri 25 Oct 2024 00:00:00 +0000 ROA not after: Fri 29 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:1c:b7:5e:1b:d5:29:3f:30:c6:16:98:62:77:b5:98:80:c5:4e:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 25 00:00:00 2024 GMT Not After : Nov 29 23:59:59 2024 GMT Subject: serialNumber=355e67ee37d42c171a41e3980fc2a04a2dd40f7adbf37f2ff54c3e4090e4bba0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:d8:b6:88:e1:30:50:9c:10:06:e9:ca:d2:71: 86:79:a1:dd:fa:39:16:cd:4e:02:39:66:f6:fc:e7: b4:89:f4:ca:f6:10:40:91:c3:1a:ff:db:6a:a7:58: 62:97:53:f8:6d:9f:04:30:03:cc:b7:6c:06:33:97: 9d:79:36:a2:98:f6:d7:d8:54:dd:10:1f:71:af:88: 6e:14:10:db:39:ff:e4:47:22:25:c6:01:7c:38:5a: 22:6c:0a:99:2c:b2:86:80:2a:d7:cf:52:94:ff:18: 7c:0e:f0:e0:d3:d7:a5:22:60:e9:04:c8:e0:96:c4: 43:fd:8b:56:8f:83:19:67:f6:a0:80:56:6f:6b:7f: ca:0f:ad:ca:e1:6b:55:bc:57:e0:28:7a:dd:85:7c: 5a:91:75:0a:24:ab:12:7f:21:de:8c:d8:bb:e2:3a: f4:37:65:bf:1b:ee:f1:0f:8e:30:23:cb:1e:f9:34: a4:f0:70:93:b0:0d:79:16:fd:25:34:58:52:ab:42: 42:1a:e8:05:67:8e:7f:a3:8d:9c:0b:a9:06:db:2c: 5c:44:1d:e6:9a:40:20:49:e7:10:73:ce:c1:75:fc: 1d:6d:e6:68:bd:ea:25:fc:3d:b9:28:8c:be:3a:4f: 31:af:49:02:ca:30:48:eb:c9:68:8a:0c:cb:1f:7c: d6:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:2D:A9:64:78:15:C6:45:42:B6:46:A9:3B:4A:A0:30:04:FB:6A:F8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e73cf5f8-ee0d-4dce-80b1-b508f319b1ca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:6000::/40 Signature Algorithm: sha256WithRSAEncryption 96:a3:8b:90:08:69:c5:c0:fe:ab:27:fb:1a:ad:aa:a2:89:d2: 71:c2:74:58:54:d5:ab:3c:bd:80:79:ac:53:f0:4f:1d:c5:00: 28:d7:76:b6:54:62:1e:55:37:77:97:be:39:7c:83:1e:d3:0e: ce:e1:e1:22:83:45:1d:8e:56:19:76:f0:be:16:e2:a9:51:16: 28:95:48:07:e4:93:89:29:8e:f9:65:e6:4f:33:7e:9c:eb:f5: 80:6f:27:39:50:3e:8f:b0:49:7b:18:a8:21:ac:e9:f2:59:25: e0:fa:e3:6c:c0:45:42:22:09:27:05:94:36:af:dd:cc:11:20: f1:97:18:62:38:dd:ab:c8:24:a5:02:40:bc:a9:41:53:77:26: bc:47:b0:16:52:db:cc:03:6c:35:4c:a3:2a:27:02:0d:a0:56: 8c:65:50:2a:37:80:c1:66:02:d6:4f:ef:27:b3:90:90:f0:8b: 25:a9:e0:fc:e9:4b:0d:65:bc:90:89:7f:90:9e:2b:05:7a:3f: e7:0c:43:6f:4d:f5:ab:1f:63:fd:53:4b:e2:5c:e7:75:e6:f3: 44:7d:e3:5c:70:94:ab:7c:73:6b:3e:24:0d:52:81:72:78:83: 59:5e:1f:f6:0d:f3:5c:f4:19:45:4b:6d:0f:3b:7a:f4:8e:e7: 9c:7c:86:3b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSRy3XhvVKT8wxhaYYne1mIDFTuIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyNTAwMDAwMFoX DTI0MTEyOTIzNTk1OVowejFJMEcGA1UEBRNAMzU1ZTY3ZWUzN2Q0MmMxNzFhNDFl Mzk4MGZjMmEwNGEyZGQ0MGY3YWRiZjM3ZjJmZjU0YzNlNDA5MGU0YmJhMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ti2iOEwUJwQBunK0nGGeaHd+jkW zU4COWb2/Oe0ifTK9hBAkcMa/9tqp1hil1P4bZ8EMAPMt2wGM5edeTaimPbX2FTd EB9xr4huFBDbOf/kRyIlxgF8OFoibAqZLLKGgCrXz1KU/xh8DvDg09elImDpBMjg lsRD/YtWj4MZZ/aggFZva3/KD63K4WtVvFfgKHrdhXxakXUKJKsSfyHejNi74jr0 N2W/G+7xD44wI8se+TSk8HCTsA15Fv0lNFhSq0JCGugFZ45/o42cC6kG2yxcRB3m mkAgSecQc87BdfwdbeZoveol/D25KIy+Ok8xr0kCyjBI68loigzLH3zWAwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIUtqWR4FcZFQrZGqTtKoDAE+2r4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U3M2NmNWY4LWVlMGQtNGRjZS04MGIxLWI1MDhmMzE5YjFjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+2AwDQYJKoZIhvcNAQELBQADggEBAJaji5AIacXA/qsn+xqt qqKJ0nHCdFhU1as8vYB5rFPwTx3FACjXdrZUYh5VN3eXvjl8gx7TDs7h4SKDRR2O Vhl28L4W4qlRFiiVSAfkk4kpjvll5k8zfpzr9YBvJzlQPo+wSXsYqCGs6fJZJeD6 42zARUIiCScFlDav3cwRIPGXGGI43avIJKUCQLypQVN3JrxHsBZS28wDbDVMoyon Ag2gVoxlUCo3gMFmAtZP7yezkJDwiyWp4PzpSw1lvJCJf5CeKwV6P+cMQ29N9asf Y/1TS+Jc53Xm80R941xwlKt8c2s+JA1SgXJ4g1leH/YN81z0GUVLbQ87evSO55x8 hjs= -----END CERTIFICATE-----Generated at Fri Oct 25 16:44:27 2024 by rpki-client on console-ams.rpki-client.org