$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fc41a047-335b-4f07-bd4d-51cf61bfc33f.roa File: fc41a047-335b-4f07-bd4d-51cf61bfc33f.roa (raw, json) Hash identifier: z5hsLRDYkn3vHp8fdYjI4K7QZnhgd72Up9xtEP1oUf0= Subject key identifier: 63:08:94:87:59:0B:7E:64:73:14:BD:2F:CA:89:5D:44:A6:03:96:10 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 68D3401429FD8F62DECC6DD661EA3480DDF614A8 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fc41a047-335b-4f07-bd4d-51cf61bfc33f.roa Signing time: Fri 22 Nov 2024 00:00:00 +0000 ROA not before: Fri 22 Nov 2024 00:00:00 +0000 ROA not after: Fri 27 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000::/24 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 00:31:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:d3:40:14:29:fd:8f:62:de:cc:6d:d6:61:ea:34:80:dd:f6:14:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 22 00:00:00 2024 GMT Not After : Dec 27 23:59:59 2024 GMT Subject: serialNumber=1585fddca100a0df58035a2dcb2b7555c5cc44b05d23497adb57f847e68ee4ef, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:01:1f:1b:83:ad:4f:ad:2e:92:b6:0e:92:88: 96:31:89:b5:2b:c0:6f:ab:e3:71:dd:dd:8b:95:ea: 0e:34:cd:1f:93:37:ad:04:02:ca:c6:d0:85:1b:76: 38:ba:6d:a0:c6:4a:ab:8d:e3:44:61:0a:75:6b:99: 8c:5e:3f:84:d8:26:81:00:7c:fc:3c:0b:b4:fc:b7: 5b:55:7f:47:be:a7:c6:34:8b:41:54:97:ac:75:d1: 8a:4c:35:73:2b:d8:59:46:9a:9f:90:84:06:eb:f3: 53:bb:6c:ca:35:5a:be:04:52:10:d3:27:ce:ed:28: 1c:b1:2f:9b:28:ab:ed:fd:5b:8b:9b:e5:33:27:ae: 13:5e:9c:19:71:d7:e3:67:e6:12:55:65:26:3a:e1: a6:8a:17:c7:f6:59:e5:80:9b:34:a3:45:e7:4e:07: a3:a7:3f:65:32:18:ff:1a:69:47:76:ee:f5:c4:c0: c9:e7:91:f1:f1:db:e1:a8:cc:20:03:9f:06:70:de: cb:d5:bf:2c:b8:58:3f:f9:4f:dc:23:6b:bd:18:47: 1f:ff:dd:bc:03:12:19:0b:f8:ea:71:22:54:c0:1b: a8:31:31:e8:87:7d:6a:4e:40:64:9b:04:9e:e5:ae: 65:22:49:57:cd:24:d6:e3:28:b7:17:b0:af:e3:d9: 99:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:08:94:87:59:0B:7E:64:73:14:BD:2F:CA:89:5D:44:A6:03:96:10 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fc41a047-335b-4f07-bd4d-51cf61bfc33f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000::/24 Signature Algorithm: sha256WithRSAEncryption 1a:38:4f:10:78:9e:fb:ad:15:d1:cf:f0:d9:d3:5c:ba:72:f7: b5:23:4a:be:43:4a:be:f9:24:c8:d4:7d:42:71:c9:2a:67:dc: 5b:bd:f9:69:e5:fc:01:8a:45:bf:d1:b9:61:8d:5d:72:36:26: c0:97:3f:ed:03:2d:3a:58:5a:07:5d:54:14:a4:f6:4d:b2:a8: d0:2b:3a:0f:14:9f:5a:9a:4d:91:c3:1f:93:87:b0:5a:af:98: 29:25:4c:3a:24:32:88:77:8e:e7:90:65:b5:df:1d:cc:70:a1: ba:14:0a:c0:72:a2:0a:12:8e:0b:dc:f8:97:76:09:17:1b:d8: 5c:90:28:e4:d5:e0:db:f8:c0:e3:46:ed:b3:f8:bd:ed:fb:9f: 70:32:66:e1:b0:6e:fa:05:8a:a9:05:ce:90:8f:1b:a7:49:e0: bf:49:11:32:72:2d:c1:c9:e5:6b:29:41:f4:11:5a:a2:24:db: 69:9b:57:43:ec:09:0a:55:d8:f1:68:ca:04:19:c4:81:63:a4: 0b:ab:60:c6:65:95:9d:fa:e5:c8:f6:3d:fe:56:06:3c:3c:82: a4:f1:8b:fa:f6:96:57:02:88:f6:a4:8c:8c:7c:71:18:eb:ee: 1b:cf:78:c8:56:48:68:a7:c9:22:7b:e5:75:90:49:9b:f2:1c: 2c:c7:83:df -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUaNNAFCn9j2LezG3WYeo0gN32FKgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTEyMjAwMDAwMFoX DTI0MTIyNzIzNTk1OVowejFJMEcGA1UEBRNAMTU4NWZkZGNhMTAwYTBkZjU4MDM1 YTJkY2IyYjc1NTVjNWNjNDRiMDVkMjM0OTdhZGI1N2Y4NDdlNjhlZTRlZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAEfG4OtT60ukrYOkoiWMYm1K8Bv q+Nx3d2LleoONM0fkzetBALKxtCFG3Y4um2gxkqrjeNEYQp1a5mMXj+E2CaBAHz8 PAu0/LdbVX9HvqfGNItBVJesddGKTDVzK9hZRpqfkIQG6/NTu2zKNVq+BFIQ0yfO 7SgcsS+bKKvt/VuLm+UzJ64TXpwZcdfjZ+YSVWUmOuGmihfH9lnlgJs0o0XnTgej pz9lMhj/GmlHdu71xMDJ55Hx8dvhqMwgA58GcN7L1b8suFg/+U/cI2u9GEcf/928 AxIZC/jqcSJUwBuoMTHoh31qTkBkmwSe5a5lIklXzSTW4yi3F7Cv49mZrQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGMIlIdZC35kcxS9L8qJXUSmA5YQMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2ZjNDFhMDQ3LTMzNWItNGYwNy1iZDRkLTUxY2Y2MWJmYzMzZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAAjAGAwQAJA+AMA0GCSqGSIb3DQEBCwUAA4IBAQAaOE8QeJ77rRXRz/DZ01y6 cve1I0q+Q0q++STI1H1CcckqZ9xbvflp5fwBikW/0blhjV1yNibAlz/tAy06WFoH XVQUpPZNsqjQKzoPFJ9amk2Rwx+Th7Bar5gpJUw6JDKId47nkGW13x3McKG6FArA cqIKEo4L3PiXdgkXG9hckCjk1eDb+MDjRu2z+L3t+59wMmbhsG76BYqpBc6Qjxun SeC/SREyci3ByeVrKUH0EVqiJNtpm1dD7AkKVdjxaMoEGcSBY6QLq2DGZZWd+uXI 9j3+VgY8PIKk8Yv69pZXAoj2pIyMfHEY6+4bz3jIVkhop8kie+V1kEmb8hwsx4Pf -----END CERTIFICATE-----Generated at Mon Nov 25 02:47:17 2024 by rpki-client on console-ams.rpki-client.org