$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0fdd5bd4-d5a4-40d2-8a1b-6a006f1a5b1e.roa File: 0fdd5bd4-d5a4-40d2-8a1b-6a006f1a5b1e.roa (raw, json) Hash identifier: MWojc/cxPpfnojR3JkVTmi725rdGBEWKsW0qPgKAh5E= Subject key identifier: 78:57:18:5F:09:68:84:70:24:F3:44:25:1C:01:1B:BF:BF:90:7A:46 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 23DA3136E9F361615463510F069EB73920B70425 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0fdd5bd4-d5a4-40d2-8a1b-6a006f1a5b1e.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:e0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:da:31:36:e9:f3:61:61:54:63:51:0f:06:9e:b7:39:20:b7:04:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:77:b4:6b:ce:f2:c1:88:cd:4d:6d:73:cd:35: 06:48:f2:6b:5a:fe:3b:98:1d:61:f3:1e:1e:80:27: 79:d8:a3:e7:6b:84:e2:74:39:2d:68:78:ae:79:46: 03:39:99:bc:e6:58:53:ec:70:02:6c:54:66:0b:20: a7:54:a7:d2:1a:91:ce:b2:3f:15:13:e9:33:20:51: 75:f4:2e:d6:81:d7:21:8a:ea:30:2b:8a:bc:b1:0e: 7c:5a:24:0a:5d:3d:2d:cd:49:d8:ef:54:c2:40:07: 10:ad:25:2a:e1:c2:0f:ff:b3:13:80:bf:57:dd:ad: 02:63:f5:3e:26:f3:53:4a:97:aa:47:5f:c2:9c:69: d8:1a:ac:2c:1b:3f:8d:f1:ac:99:76:44:58:bb:e1: 26:f0:b8:59:9f:ba:09:d4:ac:d4:d3:a0:2f:fd:43: c6:8c:fc:0e:93:2e:76:24:97:b6:bb:e7:75:87:ce: 58:02:12:61:4e:85:96:84:30:c7:b0:74:6f:22:ba: bb:85:50:08:2c:27:bb:88:d2:1d:f7:3f:94:ad:c0: 95:17:9f:92:cb:8e:71:50:00:84:8e:c3:7a:42:2d: ad:8f:44:f4:bb:4d:62:aa:83:ee:19:d8:87:8b:e4: 7d:3f:64:02:0e:50:9b:bf:91:1a:2b:e7:ed:3e:2a: c6:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:57:18:5F:09:68:84:70:24:F3:44:25:1C:01:1B:BF:BF:90:7A:46 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0fdd5bd4-d5a4-40d2-8a1b-6a006f1a5b1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:e0c0::/46 Signature Algorithm: sha256WithRSAEncryption 0d:fd:07:f5:c7:fb:93:92:0d:16:7b:9d:27:2b:7c:c5:29:01: fe:74:50:00:0d:ca:d3:90:20:b6:ba:a0:b2:4e:f5:80:4f:02: d1:e8:72:84:0b:33:b9:31:39:71:c8:29:31:b2:e6:4b:a0:bb: f1:df:a0:63:f2:ee:9d:a0:b1:6c:62:e9:e1:17:22:c6:1a:2f: e6:fb:e1:47:f9:06:f9:51:39:1a:f1:73:9b:18:dd:a8:3e:86: ff:5c:ab:7d:64:f7:ae:8b:ea:77:ad:e3:be:95:c2:a0:70:85: 0d:c0:13:70:d7:45:b8:22:5c:ac:bf:c6:2c:39:d8:b9:5f:8d: 78:73:db:2b:19:d9:00:d2:2d:55:65:04:25:3f:38:57:1c:bd: f4:29:69:f5:8a:25:fe:a3:2d:db:f8:f0:94:97:eb:2d:7a:a0: ea:bb:22:90:50:ad:02:14:05:8d:89:dc:b8:b0:29:62:06:91: 65:84:20:82:59:f4:a5:06:b3:f8:60:5e:6c:5d:eb:af:2a:56: f2:88:94:fa:d8:f5:1a:0c:35:60:4d:e6:1c:9a:f7:d4:f4:d2: 64:19:21:d8:9d:a6:2b:4c:b5:ab:b8:7f:c7:eb:87:65:29:a9: 18:d3:9b:3e:8f:de:9f:bd:ab:3d:35:9c:a0:7c:6a:2a:c7:c9: 8b:32:19:f6 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUI9oxNunzYWFUY1EPBp63OSC3BCUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANzkwMDkyZDE4NDQxNmI4ZGIwMWY1 ZDZmMDk2Y2NhODZjMjk1ZjI0ZDBmYjg4ZDc0MGE2NDYzYzdhODgwM2MzYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAune0a87ywYjNTW1zzTUGSPJrWv47 mB1h8x4egCd52KPna4TidDktaHiueUYDOZm85lhT7HACbFRmCyCnVKfSGpHOsj8V E+kzIFF19C7WgdchiuowK4q8sQ58WiQKXT0tzUnY71TCQAcQrSUq4cIP/7MTgL9X 3a0CY/U+JvNTSpeqR1/CnGnYGqwsGz+N8ayZdkRYu+Em8LhZn7oJ1KzU06Av/UPG jPwOky52JJe2u+d1h85YAhJhToWWhDDHsHRvIrq7hVAILCe7iNId9z+UrcCVF5+S y45xUACEjsN6Qi2tj0T0u01iqoPuGdiHi+R9P2QCDlCbv5EaK+ftPirGQwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHhXGF8JaIRwJPNEJRwBG7+/kHpGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBmZGQ1YmQ0LWQ1YTQtNDBkMi04YTFiLTZhMDA2ZjFhNWIxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaeDAMA0GCSqGSIb3DQEBCwUAA4IBAQAN/Qf1x/uTkg0We50n K3zFKQH+dFAADcrTkCC2uqCyTvWATwLR6HKECzO5MTlxyCkxsuZLoLvx36Bj8u6d oLFsYunhFyLGGi/m++FH+Qb5UTka8XObGN2oPob/XKt9ZPeui+p3reO+lcKgcIUN wBNw10W4Ilysv8YsOdi5X414c9srGdkA0i1VZQQlPzhXHL30KWn1iiX+oy3b+PCU l+steqDquyKQUK0CFAWNidy4sCliBpFlhCCCWfSlBrP4YF5sXeuvKlbyiJT62PUa DDVgTeYcmvfU9NJkGSHYnaYrTLWruH/H64dlKakY05s+j96fvas9NZygfGoqx8mL Mhn2 -----END CERTIFICATE-----Generated at Wed Feb 5 03:59:00 2025 by rpki-client