$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f8620d2a-ea0f-46ef-a270-0f639f977882.roa File: f8620d2a-ea0f-46ef-a270-0f639f977882.roa (raw, json) Hash identifier: rilpxeTrpfsbkbi04CMvN2zYBzbGhvOuzDm+yRTpkbY= Subject key identifier: 63:D1:12:CA:93:6A:29:E0:42:32:A3:21:F7:D8:0B:F9:51:9A:6C:13 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2251E107143C5565A60FBC65669FC04AA1BE8130 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f8620d2a-ea0f-46ef-a270-0f639f977882.roa Signing time: Fri 22 Nov 2024 00:00:00 +0000 ROA not before: Fri 22 Nov 2024 00:00:00 +0000 ROA not after: Fri 27 Dec 2024 23:59:59 +0000 asID: 8987 IP address blocks: 240f:8000::/24 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:28:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:51:e1:07:14:3c:55:65:a6:0f:bc:65:66:9f:c0:4a:a1:be:81:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 22 00:00:00 2024 GMT Not After : Dec 27 23:59:59 2024 GMT Subject: serialNumber=7c824721bebc5b8f56adf36a0741b8f91320a6cc0a9f62078f51fdcde0efdefe, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:ec:66:88:dc:99:23:7f:9b:4b:00:d0:ce:f0: 96:d2:10:c4:62:be:7d:dc:a1:fd:4b:d3:76:9f:05: 08:d9:b7:cd:56:23:e6:0e:47:0d:ba:93:2b:ec:da: 17:f9:ca:78:a7:fa:ae:4c:22:57:52:9b:bd:d5:33: 20:fe:5a:75:f1:16:90:16:1a:87:f1:83:8b:b1:56: b4:9e:04:54:a6:6f:e1:b4:3e:7c:4f:c9:3e:55:45: 0e:7f:cc:4f:83:7a:24:a2:5c:0b:a6:1b:e6:2a:c5: fd:4d:b8:fa:c3:0c:30:ba:30:ea:de:d2:ce:4e:e1: 5c:d6:f8:8d:9f:6d:98:5a:4c:6e:f3:fd:7f:f1:fa: 78:b6:66:fd:e3:ad:68:25:23:e7:5e:62:0d:b8:50: 4e:3f:6d:83:81:cf:93:cf:ff:9a:1c:b2:ca:9f:83: da:8f:7a:26:16:b8:86:97:68:38:16:a6:b3:2c:1a: 54:6c:a1:11:db:c8:bd:1d:d6:d4:a0:dc:a4:21:06: f2:5a:51:eb:46:bc:0a:2d:e2:ce:df:39:cf:ad:49: 1b:25:00:26:5a:ac:c6:4c:ca:51:31:81:70:a2:6a: 79:24:da:96:8a:7e:12:c6:49:5f:d3:bf:5f:df:fd: 0d:50:4b:15:97:f6:39:a2:53:a8:fc:05:8f:b9:6b: 77:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:D1:12:CA:93:6A:29:E0:42:32:A3:21:F7:D8:0B:F9:51:9A:6C:13 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f8620d2a-ea0f-46ef-a270-0f639f977882.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000::/24 Signature Algorithm: sha256WithRSAEncryption 6a:18:41:62:5b:19:a7:b3:f5:92:ad:83:a6:42:35:e9:2a:a5: 56:5b:5b:0c:55:ad:44:b7:f6:9f:28:92:cb:8a:35:fd:81:40: 70:19:8b:c9:c2:e0:18:5a:e2:37:8a:0f:4a:b4:5f:bf:10:1e: bf:e8:30:64:92:43:a2:fc:57:41:f6:51:6d:f6:9a:be:4d:a1: 91:4b:22:73:30:46:8d:ab:4f:14:79:5e:8c:ee:ac:c9:b3:c1: bc:e7:43:ea:11:08:e8:dd:d4:fb:68:b2:72:61:e7:59:0e:7d: a8:37:27:fd:02:82:a9:da:26:d1:cc:1d:9e:52:9e:bc:9d:96: c9:07:99:3c:22:18:0c:60:a6:61:dd:0a:3a:af:73:13:b7:32: 9f:3a:10:70:4c:52:8f:7a:b2:20:e3:54:3d:99:89:a8:67:ac: 0f:c3:dc:21:66:2e:2f:bb:29:57:94:9a:31:ac:ac:5b:e2:a1: 6c:e8:ad:40:80:8f:b3:eb:c8:4c:cb:5b:d0:fe:58:8c:67:c9: 67:c8:11:af:c1:c2:94:05:7a:3d:46:0e:22:73:59:74:97:a7: 26:0d:22:1f:2e:49:8a:45:42:72:6a:e8:f4:b7:e2:61:4e:d6: b2:8a:66:ac:bc:09:22:65:d8:c8:eb:f0:7f:e6:5c:b8:42:93: 81:40:c9:69 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUIlHhBxQ8VWWmD7xlZp/ASqG+gTAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTEyMjAwMDAwMFoX DTI0MTIyNzIzNTk1OVowejFJMEcGA1UEBRNAN2M4MjQ3MjFiZWJjNWI4ZjU2YWRm MzZhMDc0MWI4ZjkxMzIwYTZjYzBhOWY2MjA3OGY1MWZkY2RlMGVmZGVmZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuxmiNyZI3+bSwDQzvCW0hDEYr59 3KH9S9N2nwUI2bfNViPmDkcNupMr7NoX+cp4p/quTCJXUpu91TMg/lp18RaQFhqH 8YOLsVa0ngRUpm/htD58T8k+VUUOf8xPg3okolwLphvmKsX9Tbj6wwwwujDq3tLO TuFc1viNn22YWkxu8/1/8fp4tmb9461oJSPnXmINuFBOP22Dgc+Tz/+aHLLKn4Pa j3omFriGl2g4FqazLBpUbKER28i9HdbUoNykIQbyWlHrRrwKLeLO3znPrUkbJQAm WqzGTMpRMYFwomp5JNqWin4Sxklf079f3/0NUEsVl/Y5olOo/AWPuWt3VwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGPREsqTaingQjKjIffYC/lRmmwTMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2Y4NjIwZDJhLWVhMGYtNDZlZi1hMjcwLTBmNjM5Zjk3Nzg4Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAAjAGAwQAJA+AMA0GCSqGSIb3DQEBCwUAA4IBAQBqGEFiWxmns/WSrYOmQjXp KqVWW1sMVa1Et/afKJLLijX9gUBwGYvJwuAYWuI3ig9KtF+/EB6/6DBkkkOi/FdB 9lFt9pq+TaGRSyJzMEaNq08UeV6M7qzJs8G850PqEQjo3dT7aLJyYedZDn2oNyf9 AoKp2ibRzB2eUp68nZbJB5k8IhgMYKZh3Qo6r3MTtzKfOhBwTFKPerIg41Q9mYmo Z6wPw9whZi4vuylXlJoxrKxb4qFs6K1AgI+z68hMy1vQ/liMZ8lnyBGvwcKUBXo9 Rg4ic1l0l6cmDSIfLkmKRUJyauj0t+JhTtayimasvAkiZdjI6/B/5ly4QpOBQMlp -----END CERTIFICATE-----Generated at Fri Nov 22 01:34:50 2024 by rpki-client on console-ams.rpki-client.org