$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fc653957-4f62-4afa-93a5-fdca0a97ec7a.roa File: fc653957-4f62-4afa-93a5-fdca0a97ec7a.roa (raw, json) Hash identifier: DKyjbr8sTK5iFqv2lkT3nsSqSoZd2XXsSLAH98QSJoU= Subject key identifier: 9C:52:FA:56:F8:EC:00:F3:51:89:32:3F:CF:EF:7D:75:23:CF:36:DB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 240E396F9AA153C11617C0115A40A4356EFA88ED Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fc653957-4f62-4afa-93a5-fdca0a97ec7a.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:0e:39:6f:9a:a1:53:c1:16:17:c0:11:5a:40:a4:35:6e:fa:88:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=5eb4f426021435b20466b17febbdd2ca3e0575bd4d8bc0f18fef4d91c6295b30, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:29:14:8e:c6:61:db:55:c8:77:19:8f:91:83: 02:df:63:9b:15:0e:19:46:77:6f:31:3b:ac:0e:3f: da:77:89:74:9c:ab:68:0c:fe:3d:75:05:73:42:f8: 80:75:28:c7:9f:fc:97:24:22:a0:8b:02:ea:9e:63: ad:88:5e:4c:65:e7:1f:f0:8e:0e:50:3d:c1:28:3c: 4a:65:cc:a7:0c:dc:79:63:d6:c2:8e:3a:52:cf:16: 7c:9b:81:4c:56:45:a3:12:91:09:2c:8b:30:89:e2: 33:00:a2:1d:d1:d5:77:6f:ef:21:8b:b6:15:35:07: 05:76:3b:f9:a1:fd:74:3d:ca:b7:89:ea:d7:c4:0f: 3a:22:83:5b:01:93:dd:92:5b:61:22:81:46:26:8d: ed:39:24:72:15:10:88:e6:ce:a5:79:50:a1:30:e2: 8f:21:00:db:ba:85:32:55:0c:be:4a:41:e5:ae:3c: 56:f7:1e:b8:6e:43:b1:3d:79:ac:5a:da:0f:99:1a: b4:1a:ad:50:84:e6:75:23:6a:d7:1d:16:19:81:fe: e5:34:06:f1:dc:b5:73:e8:38:0e:86:d7:0d:05:24: 7f:b7:c8:38:40:c6:46:ea:ad:fd:ed:13:47:95:89: ac:59:59:97:25:a8:ba:82:17:a1:6f:b6:ef:9e:77: da:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:52:FA:56:F8:EC:00:F3:51:89:32:3F:CF:EF:7D:75:23:CF:36:DB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fc653957-4f62-4afa-93a5-fdca0a97ec7a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:2000::/40 Signature Algorithm: sha256WithRSAEncryption 0b:2d:55:50:a1:55:fa:99:39:51:2a:0a:38:8a:58:3c:d6:dd: db:5b:fd:b1:9e:50:38:2e:95:d8:e1:f4:66:36:bc:2b:eb:0b: e3:20:6b:c4:2a:3d:f7:f5:bf:e5:27:84:52:92:6f:d8:b0:c7: 0a:3f:ec:de:3b:30:88:5e:4a:8b:b5:6f:0e:df:6e:4e:b8:df: 26:8a:0c:3a:f1:94:57:36:38:52:9d:92:4c:80:c4:76:97:92: a5:3f:3a:bd:71:89:85:3a:ef:7f:47:1d:be:a6:dc:c1:66:bb: 4d:f1:9d:4f:90:5c:41:57:dc:e7:12:6d:a7:ca:56:1b:23:1f: 05:a0:9a:5a:eb:4a:c0:07:e3:e6:e2:b6:69:1a:3c:76:95:4c: d8:1d:e7:58:00:5d:2a:d3:01:dc:a4:f9:63:8f:f4:9b:cd:d2: a6:22:83:5e:5c:aa:a2:d5:94:6c:72:b8:b1:e1:ae:2d:87:89: 44:47:1f:11:4f:4e:4d:a2:43:d1:9f:1a:fb:fe:cf:68:90:ef: 32:39:2a:5b:ca:4a:85:16:14:2f:92:0c:f5:a2:dc:f2:c6:44: 91:f8:57:95:fd:ba:40:9e:a8:b0:71:0f:84:f4:da:de:4a:0d: d5:94:91:b5:66:77:f5:48:84:68:88:36:87:3b:c9:8f:ec:a3: d6:c1:05:ce -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJA45b5qhU8EWF8ARWkCkNW76iO0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNANWViNGY0MjYwMjE0MzViMjA0NjZi MTdmZWJiZGQyY2EzZTA1NzViZDRkOGJjMGYxOGZlZjRkOTFjNjI5NWIzMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCkUjsZh21XIdxmPkYMC32ObFQ4Z RndvMTusDj/ad4l0nKtoDP49dQVzQviAdSjHn/yXJCKgiwLqnmOtiF5MZecf8I4O UD3BKDxKZcynDNx5Y9bCjjpSzxZ8m4FMVkWjEpEJLIswieIzAKId0dV3b+8hi7YV NQcFdjv5of10Pcq3ierXxA86IoNbAZPdklthIoFGJo3tOSRyFRCI5s6leVChMOKP IQDbuoUyVQy+SkHlrjxW9x64bkOxPXmsWtoPmRq0Gq1QhOZ1I2rXHRYZgf7lNAbx 3LVz6DgOhtcNBSR/t8g4QMZG6q397RNHlYmsWVmXJai6ghehb7bvnnfakwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJxS+lb47ADzUYkyP8/vfXUjzzbbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZjNjUzOTU3LTRmNjItNGFmYS05M2E1LWZkY2EwYTk3ZWM3YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/CAwDQYJKoZIhvcNAQELBQADggEBAAstVVChVfqZOVEqCjiK WDzW3dtb/bGeUDguldjh9GY2vCvrC+Mga8QqPff1v+UnhFKSb9iwxwo/7N47MIhe Sou1bw7fbk643yaKDDrxlFc2OFKdkkyAxHaXkqU/Or1xiYU6739HHb6m3MFmu03x nU+QXEFX3OcSbafKVhsjHwWgmlrrSsAH4+bitmkaPHaVTNgd51gAXSrTAdyk+WOP 9JvN0qYig15cqqLVlGxyuLHhri2HiURHHxFPTk2iQ9GfGvv+z2iQ7zI5KlvKSoUW FC+SDPWi3PLGRJH4V5X9ukCeqLBxD4T02t5KDdWUkbVmd/VIhGiINoc7yY/so9bB Bc4= -----END CERTIFICATE-----Generated at Fri Nov 22 02:07:37 2024 by rpki-client on console-fra.rpki-client.org