$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084c90dd-efab-414c-a838-24ba0e1082e3.roa File: 084c90dd-efab-414c-a838-24ba0e1082e3.roa (raw, json) Hash identifier: oxHePxsj5YixfWnxK/2qZQ/2Fx+mqQx8p6WNOtlUxEQ= Subject key identifier: 3C:8F:86:25:15:3F:0C:31:D2:BE:DE:7C:DB:8E:12:83:36:86:35:7F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4FC07EAB38395A234004C772B1B3C09A82781DE6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084c90dd-efab-414c-a838-24ba0e1082e3.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:4880::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:c0:7e:ab:38:39:5a:23:40:04:c7:72:b1:b3:c0:9a:82:78:1d:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:47:52:0b:53:98:9f:16:98:1c:dc:d3:ed:4b: 44:36:1d:b4:2c:cc:4d:05:1f:ab:11:66:50:e0:89: 9a:2f:6e:a7:f7:4c:62:58:b3:b1:98:2c:9a:7a:3d: 1a:ea:2c:58:1e:12:28:29:e1:75:b7:e8:58:d3:67: 5a:fa:3b:d0:6a:c0:b3:87:25:a4:34:e8:0a:aa:49: e0:d0:19:79:db:46:e1:bf:63:db:5f:62:77:e8:b8: 35:a0:9a:00:ec:9a:7b:95:bf:d2:34:9b:f7:d4:0c: ff:62:5b:a7:6c:e1:3e:8b:13:c9:c5:53:3c:fd:f0: 69:52:d5:ae:8c:96:28:3c:dd:11:8a:fa:29:70:88: 92:82:95:dc:85:e9:c2:b8:06:fc:5d:4a:9f:c2:01: c4:27:57:94:da:d6:4b:68:61:3c:dd:d7:b3:a4:83: a2:7d:ad:02:e6:ab:29:68:1d:84:ab:c2:61:6b:d9: a8:3f:b4:58:ef:4c:54:ea:ec:1c:20:a0:4b:b7:71: 35:47:53:51:88:c0:40:30:9c:6e:0c:51:00:88:e5: c7:ae:0a:05:d9:de:a4:c2:e8:4f:6b:e9:3c:cd:4c: 94:e7:5e:6f:0a:b7:75:54:a2:ca:2b:fd:57:69:71: 28:36:88:d3:26:c1:b8:93:d2:a7:ca:8f:f7:06:07: a8:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:8F:86:25:15:3F:0C:31:D2:BE:DE:7C:DB:8E:12:83:36:86:35:7F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084c90dd-efab-414c-a838-24ba0e1082e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:4880::/46 Signature Algorithm: sha256WithRSAEncryption 74:44:58:1c:1a:e7:e2:c2:bf:9f:42:84:cd:b1:e4:f8:b7:ac: 3a:b8:2b:1a:da:b0:85:e8:e0:f6:ca:f3:ea:70:6a:bd:ed:b2: da:e2:c0:5a:a1:c8:01:35:f6:26:de:41:5e:d6:8a:b1:d0:50: 2b:3f:f9:24:91:53:49:d1:0b:e6:4d:04:e2:c8:e6:8e:2f:e4: 30:db:ca:4a:bc:04:b3:7e:1f:de:ae:b6:ff:c0:c3:8b:56:0e: 27:e3:79:89:2f:76:4e:e6:d6:d3:54:6d:eb:60:20:50:10:71: d6:cd:f6:1e:2f:19:d4:17:42:a8:ec:06:43:17:f1:d7:f0:d5: 1f:93:28:c9:e4:ef:11:88:59:d7:38:b8:86:18:84:ff:7f:93: d1:b4:d3:99:6f:95:56:12:63:81:8c:b2:9e:cc:cb:9b:62:9d: 2b:32:f2:6b:a9:e1:c4:a4:17:53:50:98:5c:55:0d:cc:19:89: d2:49:2b:07:a0:3e:bf:a6:32:c6:ed:fa:45:37:1e:9d:93:b7: de:54:6d:e9:04:f9:bb:ce:d1:90:dc:b3:e7:7d:8a:9f:5c:73: 20:88:06:01:c3:ba:f3:b8:f4:db:6c:f5:f7:26:e8:41:c4:3f: f3:f2:93:57:29:1d:02:f4:75:4b:b9:a3:9a:ba:57:d6:c9:b8: 91:e5:9e:ae -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUT8B+qzg5WiNABMdysbPAmoJ4HeYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAOWRiZGRhZDNlZGU0YTk4MjkxZWM1 NjgzN2VjN2NkM2I0ZGRjMGJiNmIzMDgzMzEyYTRkYjRhNzM5OWQ1MWY4NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEdSC1OYnxaYHNzT7UtENh20LMxN BR+rEWZQ4ImaL26n90xiWLOxmCyaej0a6ixYHhIoKeF1t+hY02da+jvQasCzhyWk NOgKqkng0Bl520bhv2PbX2J36Lg1oJoA7Jp7lb/SNJv31Az/YlunbOE+ixPJxVM8 /fBpUtWujJYoPN0RivopcIiSgpXchenCuAb8XUqfwgHEJ1eU2tZLaGE83dezpIOi fa0C5qspaB2Eq8Jha9moP7RY70xU6uwcIKBLt3E1R1NRiMBAMJxuDFEAiOXHrgoF 2d6kwuhPa+k8zUyU515vCrd1VKLKK/1XaXEoNojTJsG4k9Knyo/3BgeojwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDyPhiUVPwwx0r7efNuOEoM2hjV/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA4NGM5MGRkLWVmYWItNDE0Yy1hODM4LTI0YmEwZTEwODJlMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba90iAMA0GCSqGSIb3DQEBCwUAA4IBAQB0RFgcGufiwr+fQoTN seT4t6w6uCsa2rCF6OD2yvPqcGq97bLa4sBaocgBNfYm3kFe1oqx0FArP/kkkVNJ 0QvmTQTiyOaOL+Qw28pKvASzfh/errb/wMOLVg4n43mJL3ZO5tbTVG3rYCBQEHHW zfYeLxnUF0Ko7AZDF/HX8NUfkyjJ5O8RiFnXOLiGGIT/f5PRtNOZb5VWEmOBjLKe zMubYp0rMvJrqeHEpBdTUJhcVQ3MGYnSSSsHoD6/pjLG7fpFNx6dk7feVG3pBPm7 ztGQ3LPnfYqfXHMgiAYBw7rzuPTbbPX3JuhBxD/z8pNXKR0C9HVLuaOaulfWybiR 5Z6u -----END CERTIFICATE-----Generated at Wed Feb 5 03:52:42 2025 by rpki-client