$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/f88f0730-b125-42e8-9451-f0a369a3bbc1.roa File: f88f0730-b125-42e8-9451-f0a369a3bbc1.roa (raw, json) Hash identifier: u51wg3F2al8zWYCr+Pb1gFgLYrQ+DNx3N791j1Lmk4U= Subject key identifier: 81:61:CD:20:0E:EA:8F:63:61:F4:22:FD:B5:0A:70:58:31:82:97:AB Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 5DBBC597F7E20D0B3F1C09910609EE9CAB492388 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/f88f0730-b125-42e8-9451-f0a369a3bbc1.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 15:14:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:bb:c5:97:f7:e2:0d:0b:3f:1c:09:91:06:09:ee:9c:ab:49:23:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=d6c92ace3d38a9c056c29e9a8fd23ec0d666bc5fee626514c619980fff5c02cd, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:41:ec:97:28:4e:b5:99:e6:c3:4e:60:2d:5c: 66:7f:4c:57:fb:5f:88:4e:0c:32:2a:26:1a:e1:09: 42:33:e0:d8:b4:73:90:42:cd:db:18:32:9d:18:78: 77:93:d3:0e:07:fb:22:dd:c5:8e:d6:0b:f4:f4:35: 82:3d:95:ed:56:68:6b:1b:1e:b7:1e:c8:24:1a:6f: 97:13:89:43:f0:62:76:bf:bd:e9:4f:25:e8:04:93: a0:b4:fc:ca:2a:39:01:97:6d:54:e5:bf:02:08:81: 37:c5:59:48:e7:21:74:21:9b:b1:cc:c3:18:6c:ea: 55:ac:9c:84:24:bd:8b:d7:04:e9:4d:71:f0:53:b3: 8e:12:78:a7:8e:5e:c3:c2:c6:28:71:b9:f3:f4:25: 51:a4:d3:a2:ab:21:96:e4:eb:26:4c:9b:84:a8:1f: 7e:20:79:6b:86:f0:30:c0:cb:53:d1:cd:26:37:89: e7:26:a9:c1:11:fa:3c:a8:5b:c9:74:13:fe:85:6d: 4b:b2:c0:e2:4c:3b:b5:dc:bf:20:29:0a:47:20:b7: ce:38:7a:d9:ac:53:9f:b3:1d:85:d7:78:27:bf:63: b0:82:b0:f5:4a:20:70:58:67:04:d9:72:dd:ed:41: 0c:15:8b:b6:c9:f2:d6:1e:c1:8d:e6:ef:5b:92:c8: 26:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:61:CD:20:0E:EA:8F:63:61:F4:22:FD:B5:0A:70:58:31:82:97:AB X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/f88f0730-b125-42e8-9451-f0a369a3bbc1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300::/32 Signature Algorithm: sha256WithRSAEncryption 24:29:f0:33:02:d8:78:d6:f4:e2:1e:ad:da:30:1d:5a:7c:73: aa:74:68:11:a7:aa:0e:57:e9:38:4f:61:04:f7:32:60:dc:20: d2:75:a9:52:23:0a:69:78:82:bb:9c:3c:57:23:45:ee:ec:61: 72:34:22:02:99:23:7c:2c:1b:78:47:bb:72:19:0a:86:0f:c2: 36:25:ae:64:cb:1f:80:7a:d1:d2:b4:12:4a:b1:61:39:d1:23: ac:81:bd:fd:a8:30:56:16:33:c9:e3:39:19:d8:be:75:40:3d: f1:f3:96:d6:ba:fa:ed:8f:28:7e:bb:cf:a2:63:6c:0b:a1:f0: 7c:b5:60:b1:b3:b2:7e:dd:04:82:a9:55:53:8a:7f:37:35:37: f6:9d:2d:4c:12:7b:f5:dc:88:ea:a4:28:de:e7:b3:f3:d2:7a: 6d:82:73:24:36:c7:4c:e7:50:1b:72:0b:36:50:8a:2f:71:7b: 1b:3b:23:ab:e6:fb:3d:92:3d:45:5e:e6:2d:ec:7a:c3:57:4c: 0e:c1:0f:0b:55:52:e1:19:88:50:f6:d8:3b:a5:5b:ab:a2:10: cf:8c:d4:89:da:6c:3c:23:d4:cf:b3:73:07:69:14:82:3e:9b: 97:47:c9:7f:9f:95:88:97:8c:84:c1:5c:de:a5:1e:e3:1f:97: 5b:68:c1:f3 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUXbvFl/fiDQs/HAmRBgnunKtJI4gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNAZDZjOTJhY2UzZDM4YTljMDU2YzI5 ZTlhOGZkMjNlYzBkNjY2YmM1ZmVlNjI2NTE0YzYxOTk4MGZmZjVjMDJjZDEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0HslyhOtZnmw05gLVxmf0xX+1+I TgwyKiYa4QlCM+DYtHOQQs3bGDKdGHh3k9MOB/si3cWO1gv09DWCPZXtVmhrGx63 HsgkGm+XE4lD8GJ2v73pTyXoBJOgtPzKKjkBl21U5b8CCIE3xVlI5yF0IZuxzMMY bOpVrJyEJL2L1wTpTXHwU7OOEninjl7DwsYocbnz9CVRpNOiqyGW5OsmTJuEqB9+ IHlrhvAwwMtT0c0mN4nnJqnBEfo8qFvJdBP+hW1LssDiTDu13L8gKQpHILfOOHrZ rFOfsx2F13gnv2OwgrD1SiBwWGcE2XLd7UEMFYu2yfLWHsGN5u9bksgmrQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFIFhzSAO6o9jYfQi/bUKcFgxgperMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2Y4OGYwNzMwLWIxMjUtNDJlOC05NDUxLWYwYTM2OWEzYmJjMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAOzADANBgkqhkiG9w0BAQsFAAOCAQEAJCnwMwLYeNb04h6t2jAd WnxzqnRoEaeqDlfpOE9hBPcyYNwg0nWpUiMKaXiCu5w8VyNF7uxhcjQiApkjfCwb eEe7chkKhg/CNiWuZMsfgHrR0rQSSrFhOdEjrIG9/agwVhYzyeM5Gdi+dUA98fOW 1rr67Y8ofrvPomNsC6HwfLVgsbOyft0EgqlVU4p/NzU39p0tTBJ79dyI6qQo3uez 89J6bYJzJDbHTOdQG3ILNlCKL3F7Gzsjq+b7PZI9RV7mLex6w1dMDsEPC1VS4RmI UPbYO6Vbq6IQz4zUidpsPCPUz7NzB2kUgj6bl0fJf5+ViJeMhMFc3qUe4x+XW2jB 8w== -----END CERTIFICATE-----Generated at Sun Nov 24 18:22:22 2024 by rpki-client on console-ams.rpki-client.org