$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa File: c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa (raw, json) Hash identifier: OkljDSZCNw+GbS/Theo4Zf3DAACZ58Yvb2IIyx4cpVg= Subject key identifier: 00:C0:C4:05:29:A4:07:A9:87:1F:69:95:29:85:AB:9E:7C:32:C2:28 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 50985ED4E24AE21D0430C8096C3648DCEE7693E5 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa Signing time: Wed 20 Nov 2024 00:00:00 +0000 ROA not before: Wed 20 Nov 2024 00:00:00 +0000 ROA not after: Wed 25 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fe:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:28:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:98:5e:d4:e2:4a:e2:1d:04:30:c8:09:6c:36:48:dc:ee:76:93:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 20 00:00:00 2024 GMT Not After : Dec 25 23:59:59 2024 GMT Subject: serialNumber=fc6d1cda34d3ab46db07ad535ac449335333457e8b82e134176135413b0626e1, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:00:49:fb:87:8e:ef:28:6c:32:e1:56:c9:39: 7b:a4:9b:ba:35:cb:85:49:43:1e:1d:79:0a:f4:7d: 81:38:61:18:23:d0:a1:e6:d7:0c:07:fe:c2:c3:3a: 15:72:cb:df:36:63:f9:ca:93:b4:9f:c1:67:42:fa: d8:1e:b4:be:65:a7:d7:7b:c3:4e:b0:7c:84:8f:00: e6:91:bc:78:bc:9d:22:97:a1:6e:8b:df:98:1c:50: 0c:1e:ed:d7:54:d2:08:dd:15:06:52:e7:62:48:1d: d6:f9:c6:7c:7c:6a:09:a2:dd:56:3d:41:ac:b9:53: 66:86:37:ef:8e:92:d9:b5:71:08:47:d6:6f:b8:d1: d6:48:e8:20:ac:40:43:08:c8:21:99:8f:37:b4:77: fb:9a:e1:cb:18:a2:22:4b:1e:10:c9:fe:9d:2c:5c: 8f:3f:09:ca:c5:73:37:fa:cc:3f:1a:b1:73:2b:64: e3:b2:d1:35:ad:46:dd:0c:ef:5c:ef:7d:0d:8a:5f: 80:d5:6b:be:f1:10:37:7b:71:1a:ce:27:bc:84:3b: 15:48:a9:8e:66:bd:eb:f1:20:31:48:71:7b:60:1a: 9c:0d:83:12:6f:29:55:56:04:80:cc:73:d8:8f:50: 21:89:08:41:a3:a9:5e:b3:6b:13:59:5e:62:9d:aa: 5d:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:C0:C4:05:29:A4:07:A9:87:1F:69:95:29:85:AB:9E:7C:32:C2:28 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fe:4000::/40 Signature Algorithm: sha256WithRSAEncryption b7:2f:3a:fe:4a:17:ad:25:7e:89:05:07:a4:5c:21:ad:83:12: e5:24:f0:86:56:87:56:ce:a8:cf:9b:03:d6:85:0e:9d:b9:d9: 79:11:c7:c0:d8:eb:8a:ee:08:e7:ca:ac:f9:81:90:b8:a7:62: 6f:93:73:d9:9c:ca:6a:8e:c2:25:06:cb:44:7c:6d:56:a2:d7: 4a:a0:57:48:5a:8a:ea:9d:12:90:22:05:a2:65:95:0a:b3:a0: 48:7d:7a:de:86:93:93:52:48:3b:63:17:23:f1:86:b7:db:0a: c7:bd:5e:11:c3:05:ee:d2:9e:a0:66:bd:30:55:4e:1b:3d:a9: 9b:af:a0:66:7b:f4:55:a6:b5:c3:3a:e3:4e:60:37:9f:e8:fa: b5:8c:20:2f:76:6b:9e:33:f4:00:f5:a7:4e:fe:c7:3a:ec:4e: 7d:d3:1e:87:18:77:06:2e:79:2b:7d:4b:ad:b9:62:00:35:13: b8:4b:6d:6b:da:f6:46:57:fa:39:e5:a6:82:ad:fc:ea:fd:92: 5d:15:fa:7c:92:39:20:ae:40:15:f4:80:e5:2f:dd:5a:fa:e1: 4e:92:19:3b:75:f5:1c:14:a4:9d:62:cf:7a:e9:43:cc:08:ae: 30:46:bd:e7:e5:70:b5:48:78:e1:9c:fb:c2:61:05:86:bc:61: 09:d5:f8:6e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUJhe1OJK4h0EMMgJbDZI3O52k+UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTEyMDAwMDAwMFoX DTI0MTIyNTIzNTk1OVowejFJMEcGA1UEBRNAZmM2ZDFjZGEzNGQzYWI0NmRiMDdh ZDUzNWFjNDQ5MzM1MzMzNDU3ZThiODJlMTM0MTc2MTM1NDEzYjA2MjZlMTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQBJ+4eO7yhsMuFWyTl7pJu6NcuF SUMeHXkK9H2BOGEYI9Ch5tcMB/7CwzoVcsvfNmP5ypO0n8FnQvrYHrS+ZafXe8NO sHyEjwDmkbx4vJ0il6Fui9+YHFAMHu3XVNII3RUGUudiSB3W+cZ8fGoJot1WPUGs uVNmhjfvjpLZtXEIR9ZvuNHWSOggrEBDCMghmY83tHf7muHLGKIiSx4Qyf6dLFyP PwnKxXM3+sw/GrFzK2TjstE1rUbdDO9c730Nil+A1Wu+8RA3e3Eazie8hDsVSKmO Zr3r8SAxSHF7YBqcDYMSbylVVgSAzHPYj1AhiQhBo6les2sTWV5inapdbwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFADAxAUppAephx9plSmFq558MsIoMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M4ODZmZGNjLWQ5YzQtNDg1YS1hOTQxLTdhYTJjN2QwOTNlMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/kAwDQYJKoZIhvcNAQELBQADggEBALcvOv5KF60lfokFB6Rc Ia2DEuUk8IZWh1bOqM+bA9aFDp252XkRx8DY64ruCOfKrPmBkLinYm+Tc9mcymqO wiUGy0R8bVai10qgV0haiuqdEpAiBaJllQqzoEh9et6Gk5NSSDtjFyPxhrfbCse9 XhHDBe7SnqBmvTBVThs9qZuvoGZ79FWmtcM6405gN5/o+rWMIC92a54z9AD1p07+ xzrsTn3THocYdwYueSt9S625YgA1E7hLbWva9kZX+jnlpoKt/Or9kl0V+nySOSCu QBX0gOUv3Vr64U6SGTt19RwUpJ1iz3rpQ8wIrjBGveflcLVIeOGc+8JhBYa8YQnV +G4= -----END CERTIFICATE-----Generated at Fri Nov 22 01:34:50 2024 by rpki-client on console-ams.rpki-client.org