$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/005a9212-fea0-4bc0-be12-084b81124b8f.roa File: 005a9212-fea0-4bc0-be12-084b81124b8f.roa (raw, json) Hash identifier: y+0rRXb95AEMp9SOfYxUUlTxxLQ/V9cbZLDQeZl2+Gs= Subject key identifier: F5:4D:2F:C7:C2:70:5D:87:04:88:2D:00:E1:EA:64:FF:B8:95:BE:CB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1A5483899710C42717DD54F9B00B07D109717964 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/005a9212-fea0-4bc0-be12-084b81124b8f.roa Signing time: Sat 01 Feb 2025 00:00:00 +0000 ROA not before: Sat 01 Feb 2025 00:00:00 +0000 ROA not after: Sat 08 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:7040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:54:83:89:97:10:c4:27:17:dd:54:f9:b0:0b:07:d1:09:71:79:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 1 00:00:00 2025 GMT Not After : Mar 8 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:82:04:5f:51:23:15:ad:5c:52:4c:6b:5d:21:d4: 62:4a:96:86:50:cd:6f:16:c6:7f:57:29:8c:80:43: dd:4a:5f:fe:00:72:c7:83:d0:19:5f:27:63:ab:08: b4:ca:4a:54:da:48:a7:1b:f1:15:95:35:52:83:6e: 15:8d:a8:53:6c:49:4c:6c:30:f9:49:ec:d9:05:a2: 89:a0:7c:db:e7:81:00:88:d1:34:e8:be:43:e9:e1: 14:ae:55:79:a3:61:5d:53:0f:28:f1:c0:23:6f:23: 44:39:5c:1f:3f:39:52:50:9e:a2:d0:1b:28:c7:87: 30:81:50:69:3b:73:73:14:99:d8:b5:ce:e3:5f:94: e3:32:72:5c:ea:ff:e2:7f:87:24:e7:1c:09:7c:53: ab:82:c7:89:81:c5:1c:16:75:96:cb:3b:81:00:55: 58:62:43:92:a6:fa:fc:1f:c4:59:1f:8c:72:1c:8c: a3:b4:59:4b:05:ff:f4:6a:9d:aa:33:20:35:e2:42: f7:2b:8a:57:0e:93:a6:01:71:99:f3:1d:f8:d7:1c: c2:0b:6b:7d:a0:17:e4:06:77:98:43:b0:2a:0f:9d: 9a:fa:01:c7:c8:66:bb:fb:b2:53:26:f4:db:db:22: 9e:6a:63:f2:95:95:3b:72:61:35:cc:23:27:86:22: de:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:4D:2F:C7:C2:70:5D:87:04:88:2D:00:E1:EA:64:FF:B8:95:BE:CB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/005a9212-fea0-4bc0-be12-084b81124b8f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:7040::/48 Signature Algorithm: sha256WithRSAEncryption 7e:16:65:8d:9e:bc:8d:e8:e7:9c:35:01:38:21:d9:ce:c5:27: 66:e4:9b:4d:a5:da:e5:75:4d:43:ce:7c:e5:79:f2:9c:12:26: 37:6b:f1:83:09:8a:be:99:1b:e4:69:fd:ce:fa:6c:88:f9:a3: 22:88:22:a6:df:86:48:da:ff:9d:57:89:d8:f1:79:e1:32:1e: b5:9a:60:b3:09:10:25:e7:de:8c:13:83:9f:2c:7c:cf:31:9f: ef:6b:c8:19:4f:9b:ec:ab:15:56:8d:55:1b:09:02:37:82:45: 60:1e:10:ab:e3:86:72:33:31:88:e4:97:4b:f3:81:85:31:c9: 43:0a:ca:07:53:12:12:ee:72:e8:30:b7:f4:26:38:21:79:96: de:77:34:1b:80:3a:fd:8f:4d:eb:80:8a:b3:05:17:e7:0d:9d: e7:4f:9a:e3:fd:fe:d7:a5:f2:06:8a:74:6c:63:fb:a3:32:af: 39:28:4a:48:04:3d:7a:8b:42:5e:53:bc:f5:25:b0:02:0a:58: 1f:cb:a6:11:d5:14:8e:1a:90:37:bc:bc:41:2a:51:9f:14:18: f4:d6:ff:9d:81:73:7d:f3:8c:0f:84:16:b5:0d:3b:a9:3c:a7: cf:55:c3:68:df:84:98:4d:80:7f:d5:67:09:11:2e:08:56:1a: e4:e1:f8:fc -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGlSDiZcQxCcX3VT5sAsH0QlxeWQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMTAwMDAwMFoX DTI1MDMwODIzNTk1OVowejFJMEcGA1UEBRNAY2UzNjViYTQwOTM2NDk5ODg3Nzlj ODQ4NGY4NjAyMGEwNmU4ODY4MmJmNjRlNDJmNTQ2MThkNDZhMTQ2NGZlNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggRfUSMVrVxSTGtdIdRiSpaGUM1v FsZ/VymMgEPdSl/+AHLHg9AZXydjqwi0ykpU2kinG/EVlTVSg24VjahTbElMbDD5 SezZBaKJoHzb54EAiNE06L5D6eEUrlV5o2FdUw8o8cAjbyNEOVwfPzlSUJ6i0Bso x4cwgVBpO3NzFJnYtc7jX5TjMnJc6v/if4ck5xwJfFOrgseJgcUcFnWWyzuBAFVY YkOSpvr8H8RZH4xyHIyjtFlLBf/0ap2qMyA14kL3K4pXDpOmAXGZ8x341xzCC2t9 oBfkBneYQ7AqD52a+gHHyGa7+7JTJvTb2yKeamPylZU7cmE1zCMnhiLe+wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPVNL8fCcF2HBIgtAOHqZP+4lb7LMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAwNWE5MjEyLWZlYTAtNGJjMC1iZTEyLTA4NGI4MTEyNGI4Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAHBAMA0GCSqGSIb3DQEBCwUAA4IBAQB+FmWNnryN6OecNQE4 IdnOxSdm5JtNpdrldU1DznzlefKcEiY3a/GDCYq+mRvkaf3O+myI+aMiiCKm34ZI 2v+dV4nY8XnhMh61mmCzCRAl596ME4OfLHzPMZ/va8gZT5vsqxVWjVUbCQI3gkVg HhCr44ZyMzGI5JdL84GFMclDCsoHUxIS7nLoMLf0JjgheZbedzQbgDr9j03rgIqz BRfnDZ3nT5rj/f7XpfIGinRsY/ujMq85KEpIBD16i0JeU7z1JbACClgfy6YR1RSO GpA3vLxBKlGfFBj01v+dgXN984wPhBa1DTupPKfPVcNo34SYTYB/1WcJES4IVhrk 4fj8 -----END CERTIFICATE-----Generated at Wed Feb 5 03:59:01 2025 by rpki-client