$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0035674-15ff-434e-b4d2-44fc6010a1aa.roa File: f0035674-15ff-434e-b4d2-44fc6010a1aa.roa (raw, json) Hash identifier: wIvwHtHL870q6Y1xO6vzuXzmj8HDNhh5FExcoJvmxA0= Subject key identifier: 48:15:CC:77:24:A8:35:17:FB:1E:EA:AE:3A:54:0D:7E:23:AC:1A:11 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 399C3BDDB276A5A7D14FAC31D6D8F59B1DC20434 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0035674-15ff-434e-b4d2-44fc6010a1aa.roa Signing time: Fri 25 Oct 2024 00:00:00 +0000 ROA not before: Fri 25 Oct 2024 00:00:00 +0000 ROA not after: Fri 29 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:9c:3b:dd:b2:76:a5:a7:d1:4f:ac:31:d6:d8:f5:9b:1d:c2:04:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 25 00:00:00 2024 GMT Not After : Nov 29 23:59:59 2024 GMT Subject: serialNumber=2705271260e79e84ad1af71a8e47a79be02f77a7f72bcc869d46acac9612cf6b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:17:0b:77:2c:15:46:1f:b1:c6:2d:88:ce:3a: f7:11:f0:ad:50:a6:b2:9d:a1:b4:48:6d:21:6f:89: b3:d0:ff:86:a9:11:e2:71:bf:e2:25:85:79:2f:63: de:48:84:4d:2c:02:48:38:1f:ef:16:33:1a:3c:4e: 46:8e:c9:27:00:b4:00:fe:f5:34:98:8f:e6:37:fc: 39:21:0d:cf:4d:e9:aa:da:f6:af:cb:17:51:d2:40: 90:d0:b9:f9:df:d0:83:c8:93:cb:1b:aa:bf:21:d6: ac:c9:d6:4f:a9:09:6a:bd:c4:cb:b7:48:c0:c5:57: 3c:f4:cc:55:64:48:df:fe:62:3c:8a:4b:a4:f1:9c: 85:d7:b7:0d:d7:75:e5:d4:c4:f0:2b:3c:82:97:78: e3:c9:d4:3b:b2:ea:a8:e1:a4:76:9d:26:9f:7f:05: 76:09:b8:2d:f4:3b:8f:9e:a3:84:b3:95:d9:b0:4e: c4:84:53:fc:e3:c5:94:1e:57:62:59:7d:20:f8:71: 9c:8e:e0:25:18:93:8b:1b:6d:87:a1:70:37:5e:77: 3f:63:b5:e4:cf:f1:ea:3f:e8:0a:7f:e8:85:93:bc: ae:24:e4:f1:d4:48:f9:bc:9b:51:ad:86:d5:1e:59: 0b:51:b9:9d:dd:f8:3a:17:14:33:de:30:76:9e:3f: cd:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:15:CC:77:24:A8:35:17:FB:1E:EA:AE:3A:54:0D:7E:23:AC:1A:11 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0035674-15ff-434e-b4d2-44fc6010a1aa.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:e000::/40 Signature Algorithm: sha256WithRSAEncryption 3e:75:c1:e1:3e:8c:e9:50:e5:47:41:78:10:9e:bc:67:f2:12: dd:8d:c4:6f:f9:25:1c:12:63:70:34:09:40:8c:03:d4:5c:69: 36:06:7f:c4:04:d2:24:0d:a5:b3:1c:3d:96:65:fc:27:76:0b: 89:cc:cf:20:b6:65:6b:a0:8a:88:29:a9:12:83:3a:49:b8:74: d7:a5:e8:ad:75:e6:ed:f8:ac:54:b7:50:94:82:21:b0:7d:ed: 5e:d6:69:15:5f:5d:a0:63:d6:e9:aa:42:13:2e:f2:65:5a:83: fc:63:f0:5b:ee:4d:16:83:9d:15:ba:93:be:0e:e5:da:e3:b6: e2:09:56:c6:3b:09:d4:a4:48:d0:77:34:8f:d4:90:83:8b:04: 0e:ee:a8:f4:65:7c:0f:63:7c:71:fa:85:2e:ea:01:cf:9d:07: 4d:a0:5e:ac:94:7c:5d:ac:71:61:a1:ce:ca:ac:d4:dc:56:40: ce:52:c8:90:ab:ac:d2:7e:e2:b4:27:92:1b:5b:cb:f5:5a:b0: b2:61:87:19:1f:e9:71:66:63:c5:eb:c3:38:d3:4f:62:52:6f: bc:e5:71:60:c1:65:12:63:0b:48:9f:6a:f8:b5:02:1e:95:65: 96:ad:72:f9:ce:8a:c3:48:da:5d:bc:10:f6:70:a9:9e:aa:94: 82:c8:25:89 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOZw73bJ2pafRT6wx1tj1mx3CBDQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyNTAwMDAwMFoX DTI0MTEyOTIzNTk1OVowejFJMEcGA1UEBRNAMjcwNTI3MTI2MGU3OWU4NGFkMWFm NzFhOGU0N2E3OWJlMDJmNzdhN2Y3MmJjYzg2OWQ0NmFjYWM5NjEyY2Y2YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBcLdywVRh+xxi2Izjr3EfCtUKay naG0SG0hb4mz0P+GqRHicb/iJYV5L2PeSIRNLAJIOB/vFjMaPE5GjsknALQA/vU0 mI/mN/w5IQ3PTemq2vavyxdR0kCQ0Ln539CDyJPLG6q/IdasydZPqQlqvcTLt0jA xVc89MxVZEjf/mI8ikuk8ZyF17cN13Xl1MTwKzyCl3jjydQ7suqo4aR2nSaffwV2 Cbgt9DuPnqOEs5XZsE7EhFP848WUHldiWX0g+HGcjuAlGJOLG22HoXA3Xnc/Y7Xk z/HqP+gKf+iFk7yuJOTx1Ej5vJtRrYbVHlkLUbmd3fg6FxQz3jB2nj/NIQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEgVzHckqDUX+x7qrjpUDX4jrBoRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YwMDM1Njc0LTE1ZmYtNDM0ZS1iNGQyLTQ0ZmM2MDEwYTFhYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaOAwDQYJKoZIhvcNAQELBQADggEBAD51weE+jOlQ5UdBeBCe vGfyEt2NxG/5JRwSY3A0CUCMA9RcaTYGf8QE0iQNpbMcPZZl/Cd2C4nMzyC2ZWug iogpqRKDOkm4dNel6K115u34rFS3UJSCIbB97V7WaRVfXaBj1umqQhMu8mVag/xj 8FvuTRaDnRW6k74O5drjtuIJVsY7CdSkSNB3NI/UkIOLBA7uqPRlfA9jfHH6hS7q Ac+dB02gXqyUfF2scWGhzsqs1NxWQM5SyJCrrNJ+4rQnkhtby/VasLJhhxkf6XFm Y8XrwzjTT2JSb7zlcWDBZRJjC0ifavi1Ah6VZZatcvnOisNI2l28EPZwqZ6qlILI JYk= -----END CERTIFICATE-----Generated at Fri Oct 25 16:44:27 2024 by rpki-client on console-ams.rpki-client.org