$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00b2a2b4-99de-45a2-b5f4-a01609c997f1.roa File: 00b2a2b4-99de-45a2-b5f4-a01609c997f1.roa (raw, json) Hash identifier: p+URTlyApB+3nzrhwQ4jvp+FkoiD1VGz0AxQ/VtleqI= Subject key identifier: C8:30:FB:4C:E6:EF:C1:C3:3A:9F:61:87:1D:CC:B1:28:A3:CD:8F:01 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2F8D6E5E850F6D9CE1104B74BEA0366943D8FD1F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00b2a2b4-99de-45a2-b5f4-a01609c997f1.roa Signing time: Sat 01 Mar 2025 00:20:58 +0000 ROA not before: Sat 01 Mar 2025 00:20:58 +0000 ROA not after: Sat 05 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 17 Mar 2025 16:37:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:8d:6e:5e:85:0f:6d:9c:e1:10:4b:74:be:a0:36:69:43:d8:fd:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 1 00:20:58 2025 GMT Not After : Apr 5 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:67:5a:5b:61:7e:d6:be:23:d9:a2:40:53:ff: 8f:49:83:61:f7:5c:8c:50:ce:d3:1c:91:5a:ac:ee: 4d:05:62:58:4f:de:9a:d8:a5:d9:31:96:23:a2:8b: be:27:c3:4c:af:b5:11:0e:a5:ff:14:5d:dc:1e:14: 55:0b:6e:97:52:8e:2e:2c:3e:1a:9d:51:9f:0e:65: ef:5a:d2:b7:60:c5:35:df:f9:e5:0f:55:f3:77:a5: 7b:9b:8d:e4:e6:63:ea:97:65:a1:df:17:be:a8:96: 7e:d0:f4:51:0b:32:3d:c0:ad:46:05:9f:4a:6d:03: 2a:dc:4f:a9:3a:89:58:ad:a6:14:9e:f0:27:dc:3a: 6b:25:63:6c:7a:c8:72:f6:1b:ef:68:b4:12:2c:eb: 02:bf:9d:45:a4:67:36:21:ba:a8:02:89:2c:0f:6e: 0d:c2:02:cd:17:41:73:d5:dc:e1:14:7a:61:b7:f8: eb:36:34:a4:e4:11:4b:bc:7d:f3:a9:c6:2b:e1:82: 7f:42:e3:47:12:e9:77:5f:6f:74:b3:2a:48:8a:0c: 81:37:87:3b:e7:09:08:62:0c:f3:2f:51:cd:20:54: 0f:cb:0b:e7:66:cd:df:8e:41:2d:36:aa:26:5b:d7: 4c:8f:8b:aa:23:17:90:bf:98:0f:46:83:7e:00:28: da:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:30:FB:4C:E6:EF:C1:C3:3A:9F:61:87:1D:CC:B1:28:A3:CD:8F:01 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00b2a2b4-99de-45a2-b5f4-a01609c997f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:7000::/40 Signature Algorithm: sha256WithRSAEncryption 63:87:bf:27:d8:c6:03:85:26:3d:38:67:cf:ac:39:40:fe:c7: 1f:fa:bb:5d:00:5e:45:d9:de:8b:9a:44:fa:b4:a7:16:ad:49: 3c:35:b3:7d:61:7b:08:b4:75:d5:4a:4e:1a:84:f6:c7:87:18: 5e:c5:8c:15:49:dc:2b:fc:28:cc:55:fe:e3:64:a3:ac:87:8a: b2:a2:d6:2f:a1:3f:cd:6a:25:6e:34:e2:4a:aa:7d:cc:31:6f: 84:8e:89:1a:6f:4b:d4:72:d2:ff:2e:20:08:7e:a3:88:a9:85: e3:41:26:b5:f7:4b:91:0d:41:83:e7:6a:11:ce:fe:d2:c8:4a: d9:33:d6:bb:e2:af:b6:b0:a2:f5:df:1f:73:83:ec:cd:58:d2: 02:8c:87:9f:ec:c0:aa:1a:3a:0a:d4:91:bd:d8:ad:7d:39:f9: 4f:10:f6:22:9d:eb:67:ed:18:fb:47:96:ed:fb:14:64:8d:7d: ff:e6:40:b6:bf:8d:6e:96:9e:89:47:83:2b:db:45:30:28:58: f8:73:59:6b:29:4a:f4:0c:98:24:3d:1e:21:dc:db:5f:9e:57: 02:6f:43:06:11:9e:2c:6f:1e:86:92:02:2b:a9:10:8a:59:6f: cb:a8:78:12:92:d4:d6:b4:c3:95:f7:7c:dd:fc:d9:61:f8:f1: 7e:1a:0d:de -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUL41uXoUPbZzhEEt0vqA2aUPY/R8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMwMTAwMjA1OFoX DTI1MDQwNTIzNTk1OVowejFJMEcGA1UEBRNAYWYyOTUxYTkzMzEwZjU4ZmMwYjAz NTE1MGE0NmU5NzRlNmQwMWUzYmQ2OGY3OWU0YTIzNzQ0N2IzZWFkZDdiNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWdaW2F+1r4j2aJAU/+PSYNh91yM UM7THJFarO5NBWJYT96a2KXZMZYjoou+J8NMr7URDqX/FF3cHhRVC26XUo4uLD4a nVGfDmXvWtK3YMU13/nlD1Xzd6V7m43k5mPql2Wh3xe+qJZ+0PRRCzI9wK1GBZ9K bQMq3E+pOolYraYUnvAn3DprJWNseshy9hvvaLQSLOsCv51FpGc2IbqoAoksD24N wgLNF0Fz1dzhFHpht/jrNjSk5BFLvH3zqcYr4YJ/QuNHEul3X290sypIigyBN4c7 5wkIYgzzL1HNIFQPywvnZs3fjkEtNqomW9dMj4uqIxeQv5gPRoN+ACjagwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMgw+0zm78HDOp9hhx3MsSijzY8BMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAwYjJhMmI0LTk5ZGUtNDVhMi1iNWY0LWEwMTYwOWM5OTdmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOHAwDQYJKoZIhvcNAQELBQADggEBAGOHvyfYxgOFJj04Z8+s OUD+xx/6u10AXkXZ3ouaRPq0pxatSTw1s31hewi0ddVKThqE9seHGF7FjBVJ3Cv8 KMxV/uNko6yHirKi1i+hP81qJW404kqqfcwxb4SOiRpvS9Ry0v8uIAh+o4ipheNB JrX3S5ENQYPnahHO/tLIStkz1rvir7awovXfH3OD7M1Y0gKMh5/swKoaOgrUkb3Y rX05+U8Q9iKd62ftGPtHlu37FGSNff/mQLa/jW6WnolHgyvbRTAoWPhzWWspSvQM mCQ9HiHc21+eVwJvQwYRnixvHoaSAiupEIpZb8uoeBKS1Na0w5X3fN382WH48X4a Dd4= -----END CERTIFICATE-----Generated at Thu Mar 13 23:49:17 2025 by rpki-client