$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa File: cc671c79-21f0-4fff-b898-595966ecd1a9.roa (raw, json) Hash identifier: OAkrSpeLWi54sMxYczLg0jhIyoywxuM8RQQ50KDfX00= Subject key identifier: DF:BB:EB:3D:AA:8E:BB:94:32:0E:D9:70:F1:35:3D:13:C5:56:57:49 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: C6FEE5490D51900310DC83AC76F0794FECBDD2 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa Signing time: Tue 05 Nov 2024 00:00:00 +0000 ROA not before: Tue 05 Nov 2024 00:00:00 +0000 ROA not after: Tue 10 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:23:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: c6:fe:e5:49:0d:51:90:03:10:dc:83:ac:76:f0:79:4f:ec:bd:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Nov 5 00:00:00 2024 GMT Not After : Dec 10 23:59:59 2024 GMT Subject: serialNumber=3c625185e0f2796ac2301c6303f2f3b7cd38b5282e9c749770a5e0361f32426d, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:60:ce:1f:0d:e6:12:c2:25:c6:10:5c:41:d8: d3:66:32:bc:f5:ba:35:36:20:3e:0b:ae:66:fe:81: 91:58:ce:81:d3:66:f5:bd:06:a9:c3:e8:0f:3f:83: 3a:0b:1d:b2:8e:fd:57:6f:fb:4f:ac:ba:0e:2e:d8: ef:41:47:dc:68:c6:0a:ff:78:41:d6:6e:73:f8:2a: 66:43:e0:6a:40:e4:0c:50:b7:11:0f:f6:ad:5c:4c: 0a:21:99:b9:44:48:f8:9a:7a:b8:83:d2:03:e8:b6: 0a:aa:70:d4:84:87:01:5c:b1:34:68:0f:c8:80:b9: 57:58:fb:1f:0e:d4:9e:41:76:bf:60:83:9f:f0:ab: 6b:ed:19:25:51:90:98:2b:4b:0d:65:25:9e:f7:ca: 1f:09:40:96:3f:bc:bc:9a:ef:2c:fa:6a:80:d2:3b: 48:2a:9f:0f:fa:74:a8:5c:85:60:be:20:cf:49:d4: 99:bb:90:78:1d:f1:3b:6d:b7:06:51:5a:c7:27:4f: 56:77:79:2e:04:6c:e8:d1:d9:46:8d:7a:05:ba:26: 34:1e:9c:e9:16:51:53:62:0c:1d:93:2d:d4:0b:1b: 25:80:2c:73:07:7f:0f:4a:05:4d:e2:0e:2f:73:d1: ab:13:80:ac:c1:9a:d4:4a:ea:aa:47:a5:8e:d8:55: a6:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:BB:EB:3D:AA:8E:BB:94:32:0E:D9:70:F1:35:3D:13:C5:56:57:49 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700:ff00::/48 Signature Algorithm: sha256WithRSAEncryption b6:62:ca:f1:fa:14:22:d9:e8:78:25:06:56:92:09:a0:ef:ca: f5:f0:86:b7:a7:08:b9:7c:a1:61:55:75:3a:8d:96:90:2f:06: ad:7a:5f:16:56:c1:3c:5f:0e:bb:31:86:c5:51:a6:5b:50:21: 4b:d5:c7:4a:aa:60:87:32:cf:7c:f1:cc:d3:16:70:62:35:e5: 06:6f:5a:5b:55:3c:30:54:57:63:53:c3:a6:3a:e2:e6:4d:1d: af:40:9b:17:8f:54:dd:38:5a:4c:06:10:02:29:6b:f9:e4:5e: 53:78:0c:c3:2c:2e:f3:bb:f0:12:10:02:49:b7:16:00:88:4f: 5d:e1:a0:6a:a3:99:db:f1:c1:73:0c:11:f5:18:c4:55:9a:45: 82:d7:3e:65:48:fe:6c:1d:47:6c:8a:3f:3c:8b:7a:e2:ca:a6: 62:fe:59:26:1c:01:fe:74:17:5b:9c:fa:53:0a:4c:93:c6:be: ae:30:1f:c4:fa:ae:c1:9e:2d:60:ef:29:d1:b9:e6:62:89:5b: 2d:21:57:cf:d7:c2:0a:c5:92:40:1d:a2:b1:db:93:08:bc:fd: 74:3d:87:ba:f2:c4:01:2a:d2:5b:06:43:7b:13:7a:ea:f3:f9: 5b:25:85:9d:48:70:20:76:e4:66:92:eb:20:37:86:6f:e4:35: d9:6c:69:8a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAMb+5UkNUZADENyDrHbweU/svdIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTEwNTAwMDAwMFoX DTI0MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAM2M2MjUxODVlMGYyNzk2YWMyMzAx YzYzMDNmMmYzYjdjZDM4YjUyODJlOWM3NDk3NzBhNWUwMzYxZjMyNDI2ZDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWDOHw3mEsIlxhBcQdjTZjK89bo1 NiA+C65m/oGRWM6B02b1vQapw+gPP4M6Cx2yjv1Xb/tPrLoOLtjvQUfcaMYK/3hB 1m5z+CpmQ+BqQOQMULcRD/atXEwKIZm5REj4mnq4g9ID6LYKqnDUhIcBXLE0aA/I gLlXWPsfDtSeQXa/YIOf8Ktr7RklUZCYK0sNZSWe98ofCUCWP7y8mu8s+mqA0jtI Kp8P+nSoXIVgviDPSdSZu5B4HfE7bbcGUVrHJ09Wd3kuBGzo0dlGjXoFuiY0Hpzp FlFTYgwdky3UCxslgCxzB38PSgVN4g4vc9GrE4CswZrUSuqqR6WO2FWm6QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFN+76z2qjruUMg7ZcPE1PRPFVldJMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2NjNjcxYzc5LTIxZjAtNGZmZi1iODk4LTU5NTk2NmVjZDFhOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQC2Ysrx+hQi2eh4JQZW kgmg78r18Ia3pwi5fKFhVXU6jZaQLwatel8WVsE8Xw67MYbFUaZbUCFL1cdKqmCH Ms988czTFnBiNeUGb1pbVTwwVFdjU8OmOuLmTR2vQJsXj1TdOFpMBhACKWv55F5T eAzDLC7zu/ASEAJJtxYAiE9d4aBqo5nb8cFzDBH1GMRVmkWC1z5lSP5sHUdsij88 i3riyqZi/lkmHAH+dBdbnPpTCkyTxr6uMB/E+q7Bni1g7ynRueZiiVstIVfP18IK xZJAHaKx25MIvP10PYe68sQBKtJbBkN7E3rq8/lbJYWdSHAgduRmkusgN4Zv5DXZ bGmK -----END CERTIFICATE-----Generated at Fri Nov 22 02:08:48 2024 by rpki-client on console-fra.rpki-client.org