$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2f35c729-72a9-490b-b37f-984abc13307d.roa File: 2f35c729-72a9-490b-b37f-984abc13307d.roa (raw, json) Hash identifier: biKVzyE7QMheTt7YPbxYNCMkHm7Pj2pJsSvQ8YQyLxU= Subject key identifier: C8:32:C0:30:21:93:B3:DB:00:8D:71:81:3C:90:F1:35:D4:F1:77:F2 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 338CAF658CEFA1EF827E84D8F33000C3DB74A57F Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2f35c729-72a9-490b-b37f-984abc13307d.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:1010::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 15:11:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:8c:af:65:8c:ef:a1:ef:82:7e:84:d8:f3:30:00:c3:db:74:a5:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=11f7a68cf5ebf9d553f205d5af995b8b1fe76b15dad8514b6a509f5e1f302cdb, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:20:77:43:d8:e2:be:6c:03:b8:4a:bb:2d:5c: 33:dd:10:0c:1d:8b:83:63:55:cc:98:76:0f:11:f1: 63:55:cf:bd:4d:b3:c6:99:11:db:40:e1:21:40:26: ff:f8:89:a3:8e:0f:20:ee:d9:e3:ef:34:d8:d8:a8: 20:80:aa:1a:c5:7d:e6:a0:df:b1:80:91:4c:3d:9d: 1e:ee:bb:cc:96:a6:04:25:a2:11:eb:25:f6:a8:d0: 49:d7:66:1e:2d:ca:ba:3b:69:26:db:7a:a0:8c:1d: fc:b2:1e:ac:77:d7:7c:53:ce:b9:18:b4:d8:b5:0d: 0e:b6:a1:e5:22:66:31:c4:ab:ab:6f:06:89:9e:02: 36:17:2d:45:1d:0a:e9:4b:03:ec:05:b2:7a:c3:38: ca:68:0f:5f:6d:11:52:ba:f6:39:e9:85:1d:32:42: 27:ee:bd:1e:b5:b7:08:8a:01:9e:b0:0a:0f:e8:e7: 45:a7:c6:8d:57:a7:b2:26:32:22:e4:59:33:3f:1f: 8d:55:c9:b1:f3:80:d4:dd:c8:fc:50:cd:01:a5:44: 08:78:10:df:f6:1a:9f:ed:3c:b8:b2:c4:46:8a:d8: 67:5a:7e:26:0f:0e:57:ac:52:97:29:3a:1f:67:20: a3:0c:7e:d9:1b:3b:af:85:7c:09:ec:1d:96:b4:41: 84:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:32:C0:30:21:93:B3:DB:00:8D:71:81:3C:90:F1:35:D4:F1:77:F2 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2f35c729-72a9-490b-b37f-984abc13307d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1010::/48 Signature Algorithm: sha256WithRSAEncryption 0d:7e:db:0a:d2:67:ce:2a:73:35:3d:51:05:4b:25:7d:f8:c8: 4b:3e:24:f1:fb:73:e1:9e:00:02:d3:3c:b9:3e:5b:f6:ac:1a: f9:b8:8a:49:48:41:64:f9:fc:f0:1b:ca:35:88:eb:0b:63:2e: 7b:18:4e:54:24:11:a2:32:ed:18:84:2d:7f:6e:4a:2e:f5:c0: f3:53:93:85:a2:41:e2:af:a4:f3:70:eb:b2:8b:bf:36:5b:11: af:94:28:a6:06:b4:1b:8c:12:f7:71:41:5d:14:82:c3:09:ce: 1a:68:89:e8:7c:ff:06:1e:14:cc:df:50:da:d2:12:a7:14:9a: bf:8b:f3:b3:22:8b:10:13:fb:d4:0b:2b:78:be:5b:ae:a5:f7: 85:cc:ce:b2:3d:28:37:0f:78:7a:62:82:5a:bb:08:a3:79:6a: 81:4b:a1:b0:bd:1a:db:48:f5:ec:f0:ec:54:9e:da:97:49:bd: da:ab:14:08:92:06:3f:db:41:70:2e:14:3f:07:49:ec:7a:a2: ba:0f:46:ad:57:9a:dd:f4:97:dc:07:ff:fe:77:5f:40:5e:3e: d8:06:f7:b3:59:6e:d2:bc:65:77:f0:03:63:a2:f9:97:be:c5: 63:11:56:17:13:9d:8a:7f:0c:e3:c1:69:a6:45:1b:11:f3:a3: 6a:1c:c6:b3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUM4yvZYzvoe+CfoTY8zAAw9t0pX8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNAMTFmN2E2OGNmNWViZjlkNTUzZjIw NWQ1YWY5OTViOGIxZmU3NmIxNWRhZDg1MTRiNmE1MDlmNWUxZjMwMmNkYjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CB3Q9jivmwDuEq7LVwz3RAMHYuD Y1XMmHYPEfFjVc+9TbPGmRHbQOEhQCb/+Imjjg8g7tnj7zTY2KgggKoaxX3moN+x gJFMPZ0e7rvMlqYEJaIR6yX2qNBJ12YeLcq6O2km23qgjB38sh6sd9d8U865GLTY tQ0OtqHlImYxxKurbwaJngI2Fy1FHQrpSwPsBbJ6wzjKaA9fbRFSuvY56YUdMkIn 7r0etbcIigGesAoP6OdFp8aNV6eyJjIi5FkzPx+NVcmx84DU3cj8UM0BpUQIeBDf 9hqf7Ty4ssRGithnWn4mDw5XrFKXKTofZyCjDH7ZGzuvhXwJ7B2WtEGEVwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMgywDAhk7PbAI1xgTyQ8TXU8XfyMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzJmMzVjNzI5LTcyYTktNDkwYi1iMzdmLTk4NGFiYzEzMzA3ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABAQMA0GCSqGSIb3DQEBCwUAA4IBAQANftsK0mfOKnM1PVEF SyV9+MhLPiTx+3PhngAC0zy5Plv2rBr5uIpJSEFk+fzwG8o1iOsLYy57GE5UJBGi Mu0YhC1/bkou9cDzU5OFokHir6TzcOuyi782WxGvlCimBrQbjBL3cUFdFILDCc4a aInofP8GHhTM31Da0hKnFJq/i/OzIosQE/vUCyt4vluupfeFzM6yPSg3D3h6YoJa uwijeWqBS6GwvRrbSPXs8OxUntqXSb3aqxQIkgY/20FwLhQ/B0nseqK6D0atV5rd 9JfcB//+d19AXj7YBvezWW7SvGV38ANjovmXvsVjEVYXE52KfwzjwWmmRRsR86Nq HMaz -----END CERTIFICATE-----Generated at Thu Nov 21 17:28:40 2024 by rpki-client on console-fra.rpki-client.org