$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/41ea98ba-f4ea-45c4-8f0a-438a367705db.roa File: 41ea98ba-f4ea-45c4-8f0a-438a367705db.roa (raw, json) Hash identifier: ZLCFOebiha2QoKHxA5JNkdYsIaa/I+NQRMC/IBI85m8= Subject key identifier: BA:0D:21:D1:92:47:4C:88:4E:03:34:A2:D7:91:84:6D:98:1E:DA:F0 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 62801493DF7695BD23D0DCEFA6F125B2DF45B192 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/41ea98ba-f4ea-45c4-8f0a-438a367705db.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:1084::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 15:14:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:80:14:93:df:76:95:bd:23:d0:dc:ef:a6:f1:25:b2:df:45:b1:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=7df748f543a73484d8d801ae86ed69aaf50fea74e97034d1874e863555a49536, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:35:b9:c4:b1:d3:96:4f:04:50:a9:3e:09:76: e3:d1:92:40:79:10:a8:c2:f4:30:88:a9:94:6f:c8: 8a:5b:f4:e9:15:a2:86:8e:46:d1:c2:40:7b:c5:02: 8d:d0:9c:3e:35:4d:3a:ab:9a:0a:82:4c:8f:52:a7: c3:ed:9a:f2:a8:74:bc:88:44:27:b2:9c:6d:5d:fb: 7a:3c:a7:2e:ec:43:b9:02:9c:c1:c0:aa:0f:08:84: af:8b:67:62:5d:0a:d8:35:ab:2a:9b:48:77:3b:e1: ed:72:33:1d:f8:88:ec:8e:03:13:43:13:f5:5e:e9: eb:b8:5b:e1:d0:55:37:39:a0:92:87:d7:a5:ea:4a: 70:9d:0d:57:68:12:e9:b1:13:56:96:da:2a:78:e7: e8:2b:33:f5:6b:f5:07:ef:d4:88:8b:5c:c4:d1:7e: 32:a3:f6:dc:2b:b1:45:37:43:56:b2:b9:88:f2:fb: 08:37:77:8a:93:f8:1b:ad:53:1e:6e:29:5b:94:bc: 6a:1a:34:38:68:16:ad:60:da:5d:3f:ee:42:42:bb: 2b:6c:12:3e:23:3c:c9:ae:8b:14:e2:e0:03:b1:fc: 0a:d7:4d:75:42:53:13:9b:d5:d5:38:e6:6f:04:89: db:97:c2:58:47:c1:d5:01:83:8a:f1:8c:5c:36:84: 3b:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:0D:21:D1:92:47:4C:88:4E:03:34:A2:D7:91:84:6D:98:1E:DA:F0 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/41ea98ba-f4ea-45c4-8f0a-438a367705db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1084::/48 Signature Algorithm: sha256WithRSAEncryption 03:b3:3c:61:1d:80:2d:9a:ea:b5:cc:31:13:dd:df:cd:02:bb: 0a:9f:d7:6b:d4:93:bb:9f:32:ff:59:4b:cb:92:db:fe:85:3b: a6:10:a9:ac:6f:16:10:9c:85:0c:eb:4d:20:d0:c5:2b:1e:92: e4:c9:86:d5:d3:92:00:c6:10:80:1d:f7:b4:37:cb:5e:b1:1a: 5d:22:e0:8b:c8:6c:fb:73:2b:26:fc:d5:0f:9c:9b:ab:0f:d1: 03:c9:0d:99:ee:de:5f:c0:94:c9:da:90:ff:42:af:c2:b1:00: 48:15:fd:d2:e0:06:a6:a9:cf:86:66:32:fa:f3:db:3a:b6:97: 98:af:72:a8:2e:8b:44:90:b4:c8:e0:56:60:f9:2c:1e:c3:be: 11:61:41:b8:32:c3:f9:78:83:15:cc:1f:a8:4c:46:fa:7a:ad: b1:29:53:5b:0b:54:ed:d1:12:25:14:df:6b:03:13:66:75:13: 7d:bf:87:c3:fc:21:b8:a2:6b:0b:b0:c1:a4:3e:42:bc:a9:48: ab:f3:36:0e:68:d0:f3:06:72:09:9e:bb:b2:35:29:4f:3d:ad: 5b:58:a7:ec:08:5a:f2:f7:0f:d5:5f:14:1e:98:6e:7b:eb:c0: b6:0c:96:73:a7:ca:1e:93:61:e2:8c:7f:61:de:1a:09:b2:6d: 52:20:24:87 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYoAUk992lb0j0NzvpvElst9FsZIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNAN2RmNzQ4ZjU0M2E3MzQ4NGQ4ZDgw MWFlODZlZDY5YWFmNTBmZWE3NGU5NzAzNGQxODc0ZTg2MzU1NWE0OTUzNjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDW5xLHTlk8EUKk+CXbj0ZJAeRCo wvQwiKmUb8iKW/TpFaKGjkbRwkB7xQKN0Jw+NU06q5oKgkyPUqfD7ZryqHS8iEQn spxtXft6PKcu7EO5ApzBwKoPCISvi2diXQrYNasqm0h3O+HtcjMd+IjsjgMTQxP1 XunruFvh0FU3OaCSh9el6kpwnQ1XaBLpsRNWltoqeOfoKzP1a/UH79SIi1zE0X4y o/bcK7FFN0NWsrmI8vsIN3eKk/gbrVMebilblLxqGjQ4aBatYNpdP+5CQrsrbBI+ IzzJrosU4uADsfwK1011QlMTm9XVOOZvBInbl8JYR8HVAYOK8YxcNoQ7EwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLoNIdGSR0yITgM0oteRhG2YHtrwMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzQxZWE5OGJhLWY0ZWEtNDVjNC04ZjBhLTQzOGEzNjc3MDVkYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABCEMA0GCSqGSIb3DQEBCwUAA4IBAQADszxhHYAtmuq1zDET 3d/NArsKn9dr1JO7nzL/WUvLktv+hTumEKmsbxYQnIUM600g0MUrHpLkyYbV05IA xhCAHfe0N8tesRpdIuCLyGz7cysm/NUPnJurD9EDyQ2Z7t5fwJTJ2pD/Qq/CsQBI Ff3S4Aamqc+GZjL689s6tpeYr3KoLotEkLTI4FZg+Swew74RYUG4MsP5eIMVzB+o TEb6eq2xKVNbC1Tt0RIlFN9rAxNmdRN9v4fD/CG4omsLsMGkPkK8qUir8zYOaNDz BnIJnruyNSlPPa1bWKfsCFry9w/VXxQemG5768C2DJZzp8oek2HijH9h3hoJsm1S ICSH -----END CERTIFICATE-----Generated at Sun Nov 24 17:18:25 2024 by rpki-client on console-fra.rpki-client.org