$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/65f60eb5-aea2-48c7-83e9-3e1305e6dbea.roa File: 65f60eb5-aea2-48c7-83e9-3e1305e6dbea.roa (raw, json) Hash identifier: ynx17mt8h346GlOCZeqwNitzXr8FhcZiKfTGjzZPKG0= Subject key identifier: 64:DB:8F:D8:67:B9:1A:85:45:FE:D1:66:BD:0A:FD:0E:B0:79:E7:13 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 70D3FA9D5714C474B2AC24FD4648476BA55E4E92 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/65f60eb5-aea2-48c7-83e9-3e1305e6dbea.roa Signing time: Tue 12 Mar 2024 00:00:00 +0000 ROA not before: Tue 12 Mar 2024 00:00:00 +0000 ROA not after: Tue 16 Apr 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Mar 2024 03:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:d3:fa:9d:57:14:c4:74:b2:ac:24:fd:46:48:47:6b:a5:5e:4e:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Mar 12 00:00:00 2024 GMT Not After : Apr 16 23:59:59 2024 GMT Subject: serialNumber=ea45ed6cb0a897febd89a93563a2b26981c47cec34a93159ec85fbfe43b44efe, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:d5:71:b0:ff:45:f4:ef:c9:74:9b:ca:b3:24: c8:4d:a9:32:e1:f1:b5:1b:a6:f3:34:07:da:4e:64: e3:03:17:17:86:d7:8e:cc:0a:0a:9a:b4:bf:c4:d5: a1:38:37:2f:6e:66:e7:06:91:9d:26:c4:c5:a5:02: bc:bc:f9:95:d4:56:2d:3a:55:81:36:75:21:bf:64: cb:46:9d:89:20:52:4e:83:ed:d4:39:be:14:2e:61: a7:60:ab:39:19:28:f1:f3:10:1d:ba:54:32:6f:69: 02:56:57:cb:4a:dc:94:68:f8:49:9a:84:fd:c5:06: eb:e6:80:7c:d2:8a:c1:e9:d5:c2:9b:05:03:23:3a: ba:eb:65:79:79:8c:a3:4b:6d:82:ef:78:cb:1f:21: 2a:48:38:bb:b1:d1:09:b0:58:64:c6:c2:1f:43:6f: 36:95:cc:ec:1d:5a:5a:90:fc:39:de:f6:34:06:07: 66:0d:a2:12:c8:f2:79:82:b2:d4:fc:4a:81:2a:60: f9:83:7d:d0:3a:48:71:12:80:6f:cc:f8:06:05:e3: 6e:76:d2:23:0f:18:39:bd:2c:3a:25:26:e4:4a:c3: a3:57:91:04:22:e5:b4:c3:1f:e1:c9:87:54:6d:d3: d8:17:59:ab:7f:c2:c6:32:d1:d1:a9:a6:62:f3:89: 20:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:DB:8F:D8:67:B9:1A:85:45:FE:D1:66:BD:0A:FD:0E:B0:79:E7:13 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/65f60eb5-aea2-48c7-83e9-3e1305e6dbea.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018::/36 Signature Algorithm: sha256WithRSAEncryption ad:f2:2d:4d:1f:6b:6c:86:86:39:b4:1a:f4:17:c8:f7:7d:70: b6:44:fa:0d:79:c6:ff:fe:fd:33:47:a9:5a:7f:19:0b:15:cb: 93:07:d3:b4:63:82:7a:f4:1f:df:45:72:20:39:fe:12:e1:1b: 22:e0:2a:a3:4d:aa:75:a5:8d:b5:f6:c6:ac:cd:33:34:b1:94: fd:94:c6:7b:bc:4c:9b:e3:07:ac:96:80:7d:1e:d1:24:9a:3d: d6:9e:50:9f:83:14:2f:14:17:63:20:d6:78:91:bc:9a:cc:f1: 51:0a:9d:58:65:00:51:a1:4f:54:2a:4a:9e:15:2a:cb:34:e7: 1d:7a:d8:ff:e7:e7:c5:f2:bd:10:2e:c9:fd:6e:cd:2a:93:58: 80:df:07:bf:32:12:ee:e0:47:3e:66:7d:39:00:43:73:40:94: 63:2d:f8:b6:d9:43:bb:4f:6d:0a:30:21:d5:60:bd:bf:62:cb: 28:ee:25:7d:49:2d:6f:b1:5f:97:52:c1:cf:c2:be:0e:3e:7e: 76:d7:61:0d:70:40:aa:19:26:55:15:72:df:47:c5:11:03:a8: 62:a6:5a:7a:d0:55:fd:2c:de:5e:8a:1e:9d:69:61:b2:c3:88: 72:24:ea:86:e4:ff:2f:f3:a2:8d:2d:4c:1c:0e:10:83:4f:d5: 6d:42:6a:9e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcNP6nVcUxHSyrCT9RkhHa6VeTpIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDMxMjAwMDAwMFoX DTI0MDQxNjIzNTk1OVowejFJMEcGA1UEBRNAZWE0NWVkNmNiMGE4OTdmZWJkODlh OTM1NjNhMmIyNjk4MWM0N2NlYzM0YTkzMTU5ZWM4NWZiZmU0M2I0NGVmZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdVxsP9F9O/JdJvKsyTITaky4fG1 G6bzNAfaTmTjAxcXhteOzAoKmrS/xNWhODcvbmbnBpGdJsTFpQK8vPmV1FYtOlWB NnUhv2TLRp2JIFJOg+3UOb4ULmGnYKs5GSjx8xAdulQyb2kCVlfLStyUaPhJmoT9 xQbr5oB80orB6dXCmwUDIzq662V5eYyjS22C73jLHyEqSDi7sdEJsFhkxsIfQ282 lczsHVpakPw53vY0BgdmDaISyPJ5grLU/EqBKmD5g33QOkhxEoBvzPgGBeNudtIj Dxg5vSw6JSbkSsOjV5EEIuW0wx/hyYdUbdPYF1mrf8LGMtHRqaZi84kgTwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGTbj9hnuRqFRf7RZr0K/Q6weecTMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzY1ZjYwZWI1LWFlYTItNDhjNy04M2U5LTNlMTMwNWU2ZGJlYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJA+AGAAwDQYJKoZIhvcNAQELBQADggEBAK3yLU0fa2yGhjm0GvQX yPd9cLZE+g15xv/+/TNHqVp/GQsVy5MH07Rjgnr0H99FciA5/hLhGyLgKqNNqnWl jbX2xqzNMzSxlP2Uxnu8TJvjB6yWgH0e0SSaPdaeUJ+DFC8UF2Mg1niRvJrM8VEK nVhlAFGhT1QqSp4VKss05x162P/n58XyvRAuyf1uzSqTWIDfB78yEu7gRz5mfTkA Q3NAlGMt+LbZQ7tPbQowIdVgvb9iyyjuJX1JLW+xX5dSwc/Cvg4+fnbXYQ1wQKoZ JlUVct9HxREDqGKmWnrQVf0s3l6KHp1pYbLDiHIk6obk/y/zoo0tTBwOEINP1W1C ap4= -----END CERTIFICATE-----Generated at Wed Mar 27 15:59:30 2024 by rpki-client on console-fra.rpki-client.org