$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa File: 2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa (raw, json) Hash identifier: b8+ya+RpajXJK4GkcS4eUIPOxX9FW8O1/rWLjkPyKg0= Subject key identifier: 63:19:62:41:49:5C:1B:CB:22:C9:0F:1A:B7:53:9D:CF:3F:9D:52:19 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 178C37659F0300B966084AFE72182447BC751E54 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 00:31:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:8c:37:65:9f:03:00:b9:66:08:4a:fe:72:18:24:47:bc:75:1e:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=cf0a3749354c46b0315d313f5e1e6b14ded20924f53d4c2f8f502f9bcda29b38, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:df:11:00:eb:4f:2f:e1:25:91:33:d1:33:75: cb:3a:1e:37:e8:ae:f3:f1:a5:02:3b:47:e3:14:1b: 5b:e1:03:ce:9b:95:99:77:a9:e6:94:15:ec:42:2d: c7:12:52:2f:a4:43:99:b0:66:a9:d4:27:59:13:17: 3f:ee:55:fd:5f:f2:81:9d:43:5f:6b:67:ab:20:d2: a8:98:ae:22:5c:c5:1c:9b:de:b3:f6:24:7e:6b:cb: 79:7b:50:34:5a:61:93:48:6d:45:c7:4c:23:30:62: 3e:4d:7f:6a:d0:97:b7:20:ad:ac:16:9d:24:a5:a7: 0f:87:2e:36:41:4a:4b:67:ff:62:0e:58:31:a3:e2: 60:ac:85:3e:bf:30:da:6b:41:ea:4f:62:f5:2e:03: ed:46:b0:d8:d6:08:94:f6:ea:bf:f6:97:f9:7f:cd: 25:04:4f:08:0f:12:c7:7b:3b:77:f1:1e:f7:9b:20: c6:59:c5:ec:93:17:52:f6:e9:fb:c3:fe:ef:70:c5: 93:9b:1e:c6:20:1e:7a:bd:02:e0:88:6f:a7:92:bf: 86:fc:c6:a1:e9:15:4f:7e:f0:57:be:b8:fc:e5:3a: 2c:a7:67:9e:32:b9:9a:14:d0:6a:05:38:6c:25:19: 8f:d5:1d:36:46:2a:f3:5f:2c:51:db:1d:af:e9:90: 80:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:19:62:41:49:5C:1B:CB:22:C9:0F:1A:B7:53:9D:CF:3F:9D:52:19 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:8000::/40 Signature Algorithm: sha256WithRSAEncryption ac:02:94:2e:c8:54:fa:d6:9c:88:64:0a:82:cd:ce:3d:cf:6e: 33:fa:03:24:d3:68:9a:b2:fe:a7:94:46:c8:0a:cd:31:32:c7: 99:db:a6:9d:70:0d:98:1b:88:e7:7b:98:41:0a:7b:1e:84:af: 68:31:69:b6:13:74:4c:fd:84:bf:69:ec:96:b9:d8:00:d6:6e: ac:81:3e:d3:91:d3:98:bf:4d:9d:c1:3c:01:74:44:3d:1a:73: 85:5a:01:25:f0:41:2d:41:44:83:3d:7e:19:45:51:42:30:a0: a1:d2:37:fb:fa:ff:53:5a:69:ef:3f:f8:e7:26:a5:80:f7:0d: 0d:cd:42:03:62:a1:1f:f5:05:b7:78:a1:bc:6a:97:83:84:98: 2e:34:af:4d:de:d6:61:e9:23:ac:57:b9:46:22:ce:0a:e0:11: 97:cc:41:6f:46:48:d9:95:ab:ef:82:d6:38:cb:7f:70:a2:a7: 68:44:c7:cc:21:01:9b:40:9b:5d:a8:df:02:8f:94:52:34:b0: 8c:5d:6c:f5:9d:00:8b:7b:1b:3c:93:4e:6d:57:13:05:d1:e0: 17:33:fb:4f:03:c7:a1:c5:8f:34:b3:a8:f6:e7:ec:89:5c:6b: bb:25:5a:0c:ab:60:62:d1:73:8d:5f:83:1c:a3:cc:3e:80:16: d7:98:9f:f6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUF4w3ZZ8DALlmCEr+chgkR7x1HlQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNAY2YwYTM3NDkzNTRjNDZiMDMxNWQz MTNmNWUxZTZiMTRkZWQyMDkyNGY1M2Q0YzJmOGY1MDJmOWJjZGEyOWIzODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA598RAOtPL+ElkTPRM3XLOh436K7z 8aUCO0fjFBtb4QPOm5WZd6nmlBXsQi3HElIvpEOZsGap1CdZExc/7lX9X/KBnUNf a2erINKomK4iXMUcm96z9iR+a8t5e1A0WmGTSG1Fx0wjMGI+TX9q0Je3IK2sFp0k pacPhy42QUpLZ/9iDlgxo+JgrIU+vzDaa0HqT2L1LgPtRrDY1giU9uq/9pf5f80l BE8IDxLHezt38R73myDGWcXskxdS9un7w/7vcMWTmx7GIB56vQLgiG+nkr+G/Mah 6RVPfvBXvrj85Tosp2eeMrmaFNBqBThsJRmP1R02RirzXyxR2x2v6ZCAGwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGMZYkFJXBvLIskPGrdTnc8/nVIZMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzIyNDdmMzRmLWU1YjEtNDIzYy1hYzBmLTcxNDJhZDg2YmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+YAwDQYJKoZIhvcNAQELBQADggEBAKwClC7IVPrWnIhkCoLN zj3PbjP6AyTTaJqy/qeURsgKzTEyx5nbpp1wDZgbiOd7mEEKex6Er2gxabYTdEz9 hL9p7Ja52ADWbqyBPtOR05i/TZ3BPAF0RD0ac4VaASXwQS1BRIM9fhlFUUIwoKHS N/v6/1Naae8/+OcmpYD3DQ3NQgNioR/1Bbd4obxql4OEmC40r03e1mHpI6xXuUYi zgrgEZfMQW9GSNmVq++C1jjLf3Cip2hEx8whAZtAm12o3wKPlFI0sIxdbPWdAIt7 GzyTTm1XEwXR4Bcz+08Dx6HFjzSzqPbn7Ilca7slWgyrYGLRc41fgxyjzD6AFteY n/Y= -----END CERTIFICATE-----Generated at Mon Nov 25 01:15:21 2024 by rpki-client on console-fra.rpki-client.org