$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/90e88caa-70b7-406a-a161-a6118790ffdb.roa File: 90e88caa-70b7-406a-a161-a6118790ffdb.roa (raw, json) Hash identifier: PH/rWb31x9aXsLao7ltuo8oyGZK5WAjrWbJY+azq2eU= Subject key identifier: 5E:2F:D6:F7:EA:35:03:53:F3:84:BD:DE:75:00:A6:08:F1:90:A5:E3 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 6BFAC79B8C3D2489B7C20C68EDC368FA3A26E3 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/90e88caa-70b7-406a-a161-a6118790ffdb.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:1008::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 15:11:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:fa:c7:9b:8c:3d:24:89:b7:c2:0c:68:ed:c3:68:fa:3a:26:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=84451a5cc081406f18cc45c50072c6854d1b99645814136ffee2c8a70cdad6ab, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:91:a9:ec:74:30:ab:51:ff:77:78:db:b8:33: fd:17:54:90:cf:f2:e0:3b:d6:3c:c3:56:53:25:80: 2d:cd:e6:a2:2a:7d:c5:59:37:06:1a:00:e8:42:44: f6:49:0c:c5:c1:ee:12:93:75:84:5b:6e:a3:23:e4: e4:a4:a0:ec:4c:9c:c2:fc:52:7a:80:33:12:71:1a: 45:2b:fa:4b:8a:36:18:47:bb:14:68:8b:9c:a1:7d: 98:d4:98:5c:b2:a8:6e:7b:31:3e:a7:d6:19:6e:25: 77:8d:79:47:9e:3b:bf:30:60:9f:13:ca:bf:83:69: 4a:5a:3b:c0:bb:77:a8:76:c7:6d:b2:8b:8a:43:4a: fb:71:32:75:7c:fe:3c:3a:51:2c:c6:40:78:3a:fa: de:5b:bc:e7:9e:00:a3:91:c6:09:92:76:e4:ca:b7: f3:ee:e1:2a:de:e9:ea:27:27:b6:40:92:09:b6:be: 8a:d0:83:1b:7d:32:c4:2e:57:fe:48:f2:cf:0a:2b: 23:2b:14:b3:f1:d6:00:f1:c4:fd:2b:c5:67:8d:54: 52:c7:3b:69:5b:d4:6a:cf:73:90:58:57:9f:5c:5b: 4a:99:c6:8f:c6:8b:4f:68:e9:61:4a:c8:fb:f0:4c: 1f:c3:06:27:b8:2f:97:78:0a:56:1c:5a:ce:12:d3: 2e:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:2F:D6:F7:EA:35:03:53:F3:84:BD:DE:75:00:A6:08:F1:90:A5:E3 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/90e88caa-70b7-406a-a161-a6118790ffdb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1008::/48 Signature Algorithm: sha256WithRSAEncryption 41:f2:e6:a1:2d:6a:4a:b5:70:69:84:1a:53:af:04:c8:f1:ab: cf:1d:18:19:c8:ed:ef:cb:56:cb:02:12:90:3b:25:4f:13:89: a2:88:74:81:28:2d:01:fc:b2:72:56:9f:0b:22:8a:1e:de:17: a9:0d:e2:87:49:25:6c:3f:31:42:b7:63:33:10:d6:36:f2:ac: 5e:62:9a:df:e5:cd:35:d2:89:f3:24:1c:b5:3c:fc:60:f1:c4: 5e:be:db:9c:64:ce:8e:db:d2:5c:41:87:63:af:f1:9a:d0:04: d8:03:bf:65:32:ef:32:c0:63:31:fa:2e:4f:d0:38:3b:f4:d8: 41:bc:0e:06:e4:b1:44:eb:3a:64:d2:89:89:88:9c:58:2d:a9: 4c:59:53:be:ac:c1:91:3f:78:55:bd:71:02:4b:d6:d0:f8:40: 3c:b4:03:de:61:bf:4b:c2:7f:bb:75:e1:4e:c3:2c:d2:df:ed: de:5b:8b:5b:32:bb:ba:86:9c:92:ab:f7:e1:f8:cd:13:b8:e5: 46:7c:45:b1:bc:2f:a1:da:13:26:7f:6c:da:70:20:8a:1c:db: e5:cc:0e:81:5f:10:6b:ca:1e:ba:0f:f3:d4:e5:34:5b:8e:0b: d1:5a:84:a6:d2:74:24:a6:2c:b3:bf:3e:9f:55:03:57:db:ef: 1b:1f:76:d7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgITa/rHm4w9JIm3wgxo7cNo+jom4zANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTE4ODA2RjAwMDAxMTAvBgNVBAUTKEU3Q0FEQTVGMDg4 MUQ3N0JFQTQ4QjA3NjhBMzc2NkI1MDA2NUFGMDgwHhcNMjQxMTE4MDAwMDAwWhcN MjQxMjIzMjM1OTU5WjB6MUkwRwYDVQQFE0A4NDQ1MWE1Y2MwODE0MDZmMThjYzQ1 YzUwMDcyYzY4NTRkMWI5OTY0NTgxNDEzNmZmZWUyYzhhNzBjZGFkNmFiMS0wKwYD VQQDEyRiYjlhOTExNi1mNjE1LTQ2MmUtYTY4MC01MjY2YjMyN2UwZmEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCykansdDCrUf93eNu4M/0XVJDP8uA7 1jzDVlMlgC3N5qIqfcVZNwYaAOhCRPZJDMXB7hKTdYRbbqMj5OSkoOxMnML8UnqA MxJxGkUr+kuKNhhHuxRoi5yhfZjUmFyyqG57MT6n1hluJXeNeUeeO78wYJ8Tyr+D aUpaO8C7d6h2x22yi4pDSvtxMnV8/jw6USzGQHg6+t5bvOeeAKORxgmSduTKt/Pu 4Sre6eonJ7ZAkgm2vorQgxt9MsQuV/5I8s8KKyMrFLPx1gDxxP0rxWeNVFLHO2lb 1GrPc5BYV59cW0qZxo/Gi09o6WFKyPvwTB/DBie4L5d4ClYcWs4S0y7xAgMBAAGj ggJLMIICRzAdBgNVHQ4EFgQUXi/W9+o1A1PzhL3edQCmCPGQpeMwHwYDVR0jBBgw FoAU58raXwiB13vqSLB2ijdmtQBlrwgwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyLzU4cmFYd2lC MTN2cVNMQjJpamRtdFFCbHJ3Zy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2Iv OTBlODhjYWEtNzBiNy00MDZhLWExNjEtYTYxMTg3OTBmZmRiLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzcwOGFhZmFmLTAwYjQtNDg1Yi04NTRjLTBiMzJj YTMwZjU3Yi8xMmU1OTAwMS0zNWFjLTRhYmYtODU4Zi0zN2I5NTVhMjRiM2YuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E AgACMAkDBwAkA7MAEAgwDQYJKoZIhvcNAQELBQADggEBAEHy5qEtakq1cGmEGlOv BMjxq88dGBnI7e/LVssCEpA7JU8TiaKIdIEoLQH8snJWnwsiih7eF6kN4odJJWw/ MUK3YzMQ1jbyrF5imt/lzTXSifMkHLU8/GDxxF6+25xkzo7b0lxBh2Ov8ZrQBNgD v2Uy7zLAYzH6Lk/QODv02EG8DgbksUTrOmTSiYmInFgtqUxZU76swZE/eFW9cQJL 1tD4QDy0A95hv0vCf7t14U7DLNLf7d5bi1syu7qGnJKr9+H4zRO45UZ8RbG8L6Ha EyZ/bNpwIIoc2+XMDoFfEGvKHroP89TlNFuOC9FahKbSdCSmLLO/Pp9VA1fb7xsf dtc= -----END CERTIFICATE-----Generated at Thu Nov 21 18:50:37 2024 by rpki-client on console-ams.rpki-client.org