$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa File: 57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa (raw, json) Hash identifier: s3V9ICvVfFSxfhWulbCUc5JWyM46vebkWn6bKAHi9pQ= Subject key identifier: 6D:70:25:47:25:D5:6B:0B:C7:BE:1E:29:62:B1:09:EB:EA:54:B5:C1 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 3223124DA2DBFCEA4A8F428B0709EE9B30DACE17 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f8:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:28:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:23:12:4d:a2:db:fc:ea:4a:8f:42:8b:07:09:ee:9b:30:da:ce:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=4016cf4f9f6ede48d2cc811ef003d409e5544c73a412148334022a1d7405ea51, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:7f:1c:0e:08:fc:49:1f:a4:1c:a9:fe:f1:59: c3:4e:18:0b:f0:cf:3b:1c:10:8b:e9:2e:66:ff:51: 75:70:6d:7f:aa:f2:46:6c:f3:30:6c:38:c1:81:41: e0:53:89:d8:34:3e:42:ba:15:0b:83:87:e3:06:e2: 88:b4:20:1e:80:19:3a:36:1f:b5:a1:79:7e:79:6e: 0a:cb:63:0b:0a:e4:38:25:06:6a:63:9e:dc:61:30: 28:74:a7:92:7d:95:ce:ee:47:ce:35:1b:20:21:d9: 80:4e:10:f3:dc:f3:e7:43:49:c2:6f:05:b0:fc:79: 2a:9b:7a:be:4d:f4:00:6d:ce:c9:c9:55:18:1e:83: 9b:64:39:64:de:62:66:2f:23:1f:b3:0f:f7:73:e7: 4b:bb:c1:99:c7:d5:83:fd:7e:f3:c6:23:1f:1e:0e: c4:3b:40:db:bd:8e:17:cc:db:72:d5:47:0f:76:20: 25:ec:82:04:15:b9:36:13:1a:73:3c:4c:5c:f4:5b: 70:a4:8f:6b:26:3b:90:dd:98:5b:78:08:34:b1:ae: 1e:0d:7f:e1:00:22:d5:6f:9a:ec:56:12:d8:72:9c: 01:24:94:d0:6a:66:31:6c:8c:fd:8a:2d:51:1e:eb: 9f:df:32:30:31:a2:14:6a:72:35:07:fb:c8:c9:ec: 13:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:70:25:47:25:D5:6B:0B:C7:BE:1E:29:62:B1:09:EB:EA:54:B5:C1 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f8:8000::/40 Signature Algorithm: sha256WithRSAEncryption 26:64:a4:14:1b:20:5a:28:18:8b:95:be:b6:f0:b2:a9:b9:e2: 23:91:fc:9b:4b:50:12:3f:91:bd:1b:ef:9c:a6:67:1f:39:fd: 3f:6e:e6:89:4b:0b:2e:1e:db:68:44:fe:b5:6f:46:da:df:a4: 63:00:aa:96:a0:fa:21:c1:18:42:10:d0:a0:b5:1c:bd:c9:eb: b5:42:6b:3c:77:b0:79:78:60:69:3e:18:07:31:bc:17:b9:4c: dd:6d:fa:3e:71:90:55:ff:a4:2c:73:97:f8:16:ff:d9:d6:d2: cb:36:a7:86:98:80:2f:45:09:85:15:82:8e:5d:1d:db:47:0a: 6c:48:cf:55:d7:bf:e7:54:5f:d0:3f:04:97:e4:cc:d0:82:88: 57:e8:54:77:19:e1:aa:dc:70:bc:1c:71:f1:ff:76:93:ea:c9: 5c:55:1a:a8:49:7a:83:47:b9:c3:b5:c2:a9:7a:0a:36:33:00: 05:e7:82:d3:ef:13:26:c3:2a:41:eb:9b:c6:5e:43:eb:2b:cb: 2f:b6:35:8c:50:19:62:23:d0:33:6d:ae:1e:1e:d8:08:38:4a: 5d:40:16:ff:61:93:49:bb:dd:d9:42:7d:ab:ba:37:dc:b7:88: ec:49:5e:84:8b:5d:a9:2d:0d:04:dc:3e:be:39:dd:ae:ed:09: ab:b9:18:a0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMiMSTaLb/OpKj0KLBwnumzDazhcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNANDAxNmNmNGY5ZjZlZGU0OGQyY2M4 MTFlZjAwM2Q0MDllNTU0NGM3M2E0MTIxNDgzMzQwMjJhMWQ3NDA1ZWE1MTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwn8cDgj8SR+kHKn+8VnDThgL8M87 HBCL6S5m/1F1cG1/qvJGbPMwbDjBgUHgU4nYND5CuhULg4fjBuKItCAegBk6Nh+1 oXl+eW4Ky2MLCuQ4JQZqY57cYTAodKeSfZXO7kfONRsgIdmAThDz3PPnQ0nCbwWw /Hkqm3q+TfQAbc7JyVUYHoObZDlk3mJmLyMfsw/3c+dLu8GZx9WD/X7zxiMfHg7E O0DbvY4XzNty1UcPdiAl7IIEFbk2ExpzPExc9FtwpI9rJjuQ3ZhbeAg0sa4eDX/h ACLVb5rsVhLYcpwBJJTQamYxbIz9ii1RHuuf3zIwMaIUanI1B/vIyewTCQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG1wJUcl1WsLx74eKWKxCevqVLXBMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU3Zjg0MzNjLWYxNjItNGIxMC04NTI3LWZiZjdjZGJiNmFhYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+IAwDQYJKoZIhvcNAQELBQADggEBACZkpBQbIFooGIuVvrbw sqm54iOR/JtLUBI/kb0b75ymZx85/T9u5olLCy4e22hE/rVvRtrfpGMAqpag+iHB GEIQ0KC1HL3J67VCazx3sHl4YGk+GAcxvBe5TN1t+j5xkFX/pCxzl/gW/9nW0ss2 p4aYgC9FCYUVgo5dHdtHCmxIz1XXv+dUX9A/BJfkzNCCiFfoVHcZ4arccLwccfH/ dpPqyVxVGqhJeoNHucO1wql6CjYzAAXngtPvEybDKkHrm8ZeQ+sryy+2NYxQGWIj 0DNtrh4e2Ag4Sl1AFv9hk0m73dlCfau6N9y3iOxJXoSLXaktDQTcPr453a7tCau5 GKA= -----END CERTIFICATE-----Generated at Fri Nov 22 01:34:50 2024 by rpki-client on console-ams.rpki-client.org