$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/ba324b4e-d4cd-4df6-a846-89610642c7ba.roa File: ba324b4e-d4cd-4df6-a846-89610642c7ba.roa (raw, json) Hash identifier: AYIOOFzyHkjmn1KR42TyKNsWLrZotsyrl9YW4tADQpI= Subject key identifier: 1C:9A:C3:38:0C:E5:0A:E5:F0:2B:F9:5A:F4:46:E3:BC:FE:CC:D3:2E Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 4C4EB5AF55194C22C1B3E5C1033AC1AA4739D049 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/ba324b4e-d4cd-4df6-a846-89610642c7ba.roa Signing time: Fri 22 Nov 2024 00:00:00 +0000 ROA not before: Fri 22 Nov 2024 00:00:00 +0000 ROA not after: Fri 27 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fc:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:28:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:4e:b5:af:55:19:4c:22:c1:b3:e5:c1:03:3a:c1:aa:47:39:d0:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 22 00:00:00 2024 GMT Not After : Dec 27 23:59:59 2024 GMT Subject: serialNumber=91609cbf7ca9e20be925856b8db5aebf3e1401cd6e7849d5e781dd0d828f904d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:fb:87:17:55:4c:07:49:5c:5a:6d:e2:40:90: 26:83:86:9f:6e:73:81:22:0f:b9:3c:fd:32:06:43: 39:29:a4:99:b9:80:af:9f:eb:a8:03:ad:fc:a0:4b: d9:a2:57:61:0a:d1:02:85:7e:47:16:b9:08:5f:c9: 34:84:5e:5d:0c:8d:61:9e:af:56:38:75:99:4c:96: 45:88:b4:02:d9:68:2f:9b:26:21:e7:45:4a:86:ed: bc:a2:43:e5:76:83:c1:04:16:08:d4:75:b8:ae:a3: a7:49:41:03:4c:1b:6e:99:52:8b:ae:36:de:93:7a: 11:b8:9b:3b:9c:5c:71:34:6f:9c:8c:50:58:9f:c7: 1a:fe:6d:0d:12:ac:39:3a:a7:3f:c0:09:23:79:00: b4:bc:c3:05:bc:6c:a2:7f:ff:4e:8b:f7:ea:a1:2c: 13:1b:5c:d4:40:08:10:cb:27:a5:b4:49:1c:c2:e5: 5b:0f:77:d1:5b:80:5f:63:1b:0a:13:18:e2:75:5c: 58:63:7d:43:25:70:5a:a3:ec:23:bc:6b:42:45:47: 87:ba:43:fe:4e:73:af:77:dd:9f:4d:d6:d9:d5:25: 4e:c6:25:0e:a6:17:45:dc:fc:e7:7e:75:c3:e3:b8: 90:45:04:ce:33:c9:fa:e7:33:bd:97:a1:7c:be:e2: fb:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:9A:C3:38:0C:E5:0A:E5:F0:2B:F9:5A:F4:46:E3:BC:FE:CC:D3:2E X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/ba324b4e-d4cd-4df6-a846-89610642c7ba.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fc:4000::/40 Signature Algorithm: sha256WithRSAEncryption 25:c8:43:7d:48:35:5d:84:c6:f5:d5:58:24:30:d6:a4:67:68: a7:e6:dc:0d:de:1e:d5:1d:f7:05:f4:a3:ef:99:22:6c:76:13: 05:44:18:1d:53:65:6c:96:15:69:da:64:50:47:d9:b6:79:e9: 6d:7f:14:a1:c7:a5:5f:16:6a:b0:02:58:bf:84:f4:b1:69:fb: 5c:9e:51:32:07:8b:a0:72:99:5e:51:f3:55:6c:4a:4d:4f:51: 3d:56:65:9b:fd:87:7d:f1:63:86:c7:d1:e8:f4:c4:c9:34:0b: 5a:51:16:d0:d4:40:10:39:46:bf:fb:6b:8e:de:73:35:29:11: 0f:05:2d:f7:20:44:f2:5d:0f:28:1a:00:59:ec:bf:50:ca:5a: d1:54:52:d4:2f:07:e5:23:98:4c:9c:65:0f:73:2a:31:9f:06: 7f:45:1f:98:83:13:23:4c:44:fe:17:a6:3a:89:77:a3:3d:1c: f9:da:a0:ea:2d:c4:91:18:3b:55:ef:f6:be:60:81:83:17:48: 9e:db:a0:a3:e1:e4:fd:69:9d:f0:4c:4e:00:0f:ac:75:f1:3d: 9b:5c:11:1e:27:7f:ee:6d:d2:e7:91:e1:36:e6:26:eb:c1:19: f2:6e:25:c0:86:6a:f8:b2:56:cc:2a:3a:a5:10:b4:59:05:27: 26:29:cc:36 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTE61r1UZTCLBs+XBAzrBqkc50EkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTEyMjAwMDAwMFoX DTI0MTIyNzIzNTk1OVowejFJMEcGA1UEBRNAOTE2MDljYmY3Y2E5ZTIwYmU5MjU4 NTZiOGRiNWFlYmYzZTE0MDFjZDZlNzg0OWQ1ZTc4MWRkMGQ4MjhmOTA0ZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPuHF1VMB0lcWm3iQJAmg4afbnOB Ig+5PP0yBkM5KaSZuYCvn+uoA638oEvZoldhCtEChX5HFrkIX8k0hF5dDI1hnq9W OHWZTJZFiLQC2WgvmyYh50VKhu28okPldoPBBBYI1HW4rqOnSUEDTBtumVKLrjbe k3oRuJs7nFxxNG+cjFBYn8ca/m0NEqw5Oqc/wAkjeQC0vMMFvGyif/9Oi/fqoSwT G1zUQAgQyyeltEkcwuVbD3fRW4BfYxsKExjidVxYY31DJXBao+wjvGtCRUeHukP+ TnOvd92fTdbZ1SVOxiUOphdF3PznfnXD47iQRQTOM8n65zO9l6F8vuL7mwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFByawzgM5Qrl8Cv5WvRG47z+zNMuMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2JhMzI0YjRlLWQ0Y2QtNGRmNi1hODQ2LTg5NjEwNjQyYzdiYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/EAwDQYJKoZIhvcNAQELBQADggEBACXIQ31INV2ExvXVWCQw 1qRnaKfm3A3eHtUd9wX0o++ZImx2EwVEGB1TZWyWFWnaZFBH2bZ56W1/FKHHpV8W arACWL+E9LFp+1yeUTIHi6BymV5R81VsSk1PUT1WZZv9h33xY4bH0ej0xMk0C1pR FtDUQBA5Rr/7a47eczUpEQ8FLfcgRPJdDygaAFnsv1DKWtFUUtQvB+UjmEycZQ9z KjGfBn9FH5iDEyNMRP4XpjqJd6M9HPnaoOotxJEYO1Xv9r5ggYMXSJ7boKPh5P1p nfBMTgAPrHXxPZtcER4nf+5t0ueR4TbmJuvBGfJuJcCGaviyVswqOqUQtFkFJyYp zDY= -----END CERTIFICATE-----Generated at Fri Nov 22 02:08:48 2024 by rpki-client on console-fra.rpki-client.org