$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa File: 2720640e-9111-44dd-a0b8-a005f04956a0.roa (raw, json) Hash identifier: TK2aGI7qMz/8ROO/M+MaYuL1mDwCJvIJEL6TDRYPdg8= Subject key identifier: B3:5D:21:51:21:DA:27:4D:B0:8C:97:A2:2A:C5:CE:07:56:44:48:59 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0F1496D3E97F6DBD2324A642E4D8ABF1860D0517 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa Signing time: Fri 22 Nov 2024 00:00:00 +0000 ROA not before: Fri 22 Nov 2024 00:00:00 +0000 ROA not after: Fri 27 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:28:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:14:96:d3:e9:7f:6d:bd:23:24:a6:42:e4:d8:ab:f1:86:0d:05:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 22 00:00:00 2024 GMT Not After : Dec 27 23:59:59 2024 GMT Subject: serialNumber=3d1a03e9d95cadf239e68ac7cdb47bc4a389cc73e025f435206a36f6f9a7b3f5, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:37:b3:2c:68:d0:1c:2d:5e:2d:20:5c:1e:17: f6:45:c8:29:65:18:a0:d0:21:de:d5:fb:44:49:ab: 53:36:21:0c:02:b9:82:92:02:c4:0f:bc:28:49:0f: 4b:7d:82:c2:86:45:3b:8c:76:67:6c:42:40:e3:b8: 73:31:82:95:5a:16:4e:57:6b:16:36:b0:2a:70:ba: 1a:32:03:ae:ad:ba:c4:fa:24:53:e6:78:f1:90:b6: f6:c1:19:aa:d5:bd:91:f6:54:02:7b:0f:4f:e1:55: 39:22:c1:15:11:4a:f8:a9:df:45:94:ba:23:83:cd: cf:60:5b:24:5f:6b:60:97:9f:f9:5f:2c:a4:de:1c: 44:a6:09:3e:e8:86:b4:a9:93:63:9f:f9:d0:aa:2e: 2c:ec:9c:75:60:6e:54:52:e4:95:76:b6:2e:a7:2c: 09:eb:27:c6:b2:8f:5a:b1:67:57:3c:96:4d:3f:f2: 1e:f8:33:70:21:fe:75:9a:25:b7:e2:65:eb:f2:86: 69:e3:79:10:5e:36:7a:c2:60:e4:32:a9:09:a4:d4: 24:72:3d:0b:d8:e3:4b:89:af:c8:5a:34:bd:e9:66: b8:15:1b:ba:9a:80:c8:14:fa:d8:bb:2a:c9:3f:b6: 9b:7b:fd:df:2a:f2:b7:14:f8:54:ef:04:1d:7a:4e: 8e:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:5D:21:51:21:DA:27:4D:B0:8C:97:A2:2A:C5:CE:07:56:44:48:59 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:8000::/40 Signature Algorithm: sha256WithRSAEncryption 25:00:73:54:86:09:fe:4e:08:93:29:ca:fb:d2:8f:14:99:27: 5d:fc:0e:50:ad:72:bc:f6:97:c4:bf:7c:a9:a9:a5:ea:12:48: 26:70:3a:6e:2b:a9:0e:40:74:ce:0f:ec:17:a1:e5:53:f3:12: 09:38:8c:29:95:06:4b:fa:17:c0:8f:f8:2d:d1:8e:2b:f9:62: b1:4d:ad:b7:d9:94:70:83:66:64:fb:ba:b9:f7:69:f5:08:f5: ca:60:e2:55:fe:73:54:0c:7e:f2:ea:b3:5a:fe:02:e4:7c:4a: b5:e3:29:09:46:35:17:c7:15:d5:a6:87:1e:6d:1b:31:99:a3: 94:c1:3d:f5:54:01:cd:2b:2e:f1:24:18:59:a9:33:13:37:58: 0f:91:70:fc:12:6c:b9:96:24:3f:46:fc:9e:d2:9d:36:83:31: 53:fb:66:38:24:f7:05:fc:ca:56:ef:30:8d:82:03:6d:71:5b: 5c:13:09:78:ac:85:45:77:68:2d:ce:4c:80:a9:42:be:e9:c5: d7:3a:9c:eb:bf:72:3a:7b:7a:2e:77:64:5b:ae:1b:e5:00:dd: c2:90:1c:a3:7f:6d:ae:12:dd:9c:42:da:cd:51:cb:1d:d7:3d: 8d:2b:3a:70:56:2c:2d:43:01:01:6b:8f:e8:98:b7:c0:ca:e4: 40:97:61:47 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDxSW0+l/bb0jJKZC5Nir8YYNBRcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTEyMjAwMDAwMFoX DTI0MTIyNzIzNTk1OVowejFJMEcGA1UEBRNAM2QxYTAzZTlkOTVjYWRmMjM5ZTY4 YWM3Y2RiNDdiYzRhMzg5Y2M3M2UwMjVmNDM1MjA2YTM2ZjZmOWE3YjNmNTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jezLGjQHC1eLSBcHhf2RcgpZRig 0CHe1ftESatTNiEMArmCkgLED7woSQ9LfYLChkU7jHZnbEJA47hzMYKVWhZOV2sW NrAqcLoaMgOurbrE+iRT5njxkLb2wRmq1b2R9lQCew9P4VU5IsEVEUr4qd9FlLoj g83PYFskX2tgl5/5Xyyk3hxEpgk+6Ia0qZNjn/nQqi4s7Jx1YG5UUuSVdrYupywJ 6yfGso9asWdXPJZNP/Ie+DNwIf51miW34mXr8oZp43kQXjZ6wmDkMqkJpNQkcj0L 2ONLia/IWjS96Wa4FRu6moDIFPrYuyrJP7abe/3fKvK3FPhU7wQdek6O1QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLNdIVEh2idNsIyXoirFzgdWREhZMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI3MjA2NDBlLTkxMTEtNDRkZC1hMGI4LWEwMDVmMDQ5NTZhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoIAwDQYJKoZIhvcNAQELBQADggEBACUAc1SGCf5OCJMpyvvS jxSZJ138DlCtcrz2l8S/fKmppeoSSCZwOm4rqQ5AdM4P7Beh5VPzEgk4jCmVBkv6 F8CP+C3Rjiv5YrFNrbfZlHCDZmT7urn3afUI9cpg4lX+c1QMfvLqs1r+AuR8SrXj KQlGNRfHFdWmhx5tGzGZo5TBPfVUAc0rLvEkGFmpMxM3WA+RcPwSbLmWJD9G/J7S nTaDMVP7Zjgk9wX8ylbvMI2CA21xW1wTCXishUV3aC3OTICpQr7pxdc6nOu/cjp7 ei53ZFuuG+UA3cKQHKN/ba4S3ZxC2s1Ryx3XPY0rOnBWLC1DAQFrj+iYt8DK5ECX YUc= -----END CERTIFICATE-----Generated at Fri Nov 22 01:34:50 2024 by rpki-client on console-ams.rpki-client.org