$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1582ee0d-11ea-4495-97e5-0ed825ba8ee2.roa File: 1582ee0d-11ea-4495-97e5-0ed825ba8ee2.roa (raw, json) Hash identifier: /YUVNtC1ish113REMmeSxXilFecxZ4Mrt5I6U6DuCWQ= Subject key identifier: 02:D5:C8:FD:A1:0B:4A:AA:2B:19:CC:14:45:D8:C3:DE:49:F5:D8:FD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3F01163B0645AD617CD8D49019BF9A2B98418FEE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1582ee0d-11ea-4495-97e5-0ed825ba8ee2.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:4020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:01:16:3b:06:45:ad:61:7c:d8:d4:90:19:bf:9a:2b:98:41:8f:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:de:7d:11:e8:38:e0:67:18:e4:d2:5c:7d:19: 09:3d:80:1d:99:64:6f:f6:66:67:5f:68:e6:70:9e: b1:b2:fd:42:2e:be:2f:39:c8:97:f0:e9:c2:ed:8c: 4b:56:82:44:80:62:81:b5:d0:ee:d6:27:74:ad:af: ab:e6:2b:ec:e2:1b:4d:c8:a6:97:d0:bb:e1:74:ad: a8:28:cc:fe:8f:80:14:8e:8d:65:dc:5b:71:fe:2c: e1:6c:fc:67:9d:25:0f:6a:89:a1:d9:0b:22:65:ad: 35:85:89:a6:f9:90:8f:c1:b9:a0:a0:6c:18:ca:02: 07:4c:a1:51:cf:4e:a3:a3:20:7a:7b:09:b5:2a:6e: 0f:0d:be:5d:8c:0c:d0:0e:e0:95:cf:00:90:f7:ce: 22:81:65:ea:38:6f:00:ff:b6:97:32:e9:8b:04:14: bc:44:b1:e2:4a:02:ab:4b:90:3a:85:0c:af:57:68: 27:15:32:db:3c:ae:d3:c7:42:6b:28:9c:70:a7:91: f2:5d:ac:50:a3:d5:03:14:f3:4f:9e:cd:af:7d:4c: b5:e7:04:89:9e:66:4c:3d:c4:d9:93:59:98:2a:d3: 6a:be:97:3c:f3:56:43:90:c8:9f:ee:a8:72:bf:35: 88:be:8f:ea:0f:38:7a:b1:84:a0:d6:0d:3e:30:cb: de:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:D5:C8:FD:A1:0B:4A:AA:2B:19:CC:14:45:D8:C3:DE:49:F5:D8:FD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1582ee0d-11ea-4495-97e5-0ed825ba8ee2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:4020::/48 Signature Algorithm: sha256WithRSAEncryption c6:ab:07:8b:71:70:11:0c:96:7d:fe:0f:3c:52:b2:46:b8:c9: 9e:20:02:51:89:be:8d:71:d0:ce:ea:95:39:96:bf:39:ca:e6: d6:ea:48:2c:c6:b8:e4:9c:43:f6:32:fb:82:b7:34:79:47:c6: f1:72:b2:eb:3b:f2:a0:81:d5:3c:e9:67:4a:8d:9a:bd:02:b5: 00:3a:52:c6:cd:db:b7:51:c3:3c:2d:b6:80:6b:f3:bd:49:38: c5:f9:85:65:76:c6:44:b9:17:ce:97:90:bd:c1:d2:ec:4c:88: f5:42:1e:81:c3:5c:75:b3:c6:e7:d5:51:cb:27:51:d5:4b:ac: fa:bf:ab:fa:cd:73:72:9d:25:bc:48:8b:30:40:a8:c6:13:c8: 23:8b:f7:cb:b1:e6:53:dd:f1:73:ba:42:ce:98:05:09:9d:60: d4:51:45:cb:70:da:37:1a:d8:74:0d:a0:98:12:93:f1:20:5d: 2f:ef:d0:8b:d9:c4:cf:7f:b5:32:7e:52:64:02:b0:ee:fc:0f: 09:21:14:50:b1:6d:da:fe:61:e8:21:b7:69:a1:4f:44:08:43: 7f:80:3f:d6:f5:36:c0:09:1b:72:46:b8:78:bf:9e:be:51:48: 37:02:8f:64:10:b3:21:dd:a8:90:aa:3b:83:fd:ce:93:20:b1: 43:34:ad:09 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPwEWOwZFrWF82NSQGb+aK5hBj+4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAODQ0ZDViOTY3NGU4MzIzYWQwOTcw MGMwM2FhM2JjYWU3NGUyMmNmZDQyNmJlYzlkYWQ3NjA2YWZiZWMyNDliMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt59Eeg44GcY5NJcfRkJPYAdmWRv 9mZnX2jmcJ6xsv1CLr4vOciX8OnC7YxLVoJEgGKBtdDu1id0ra+r5ivs4htNyKaX 0LvhdK2oKMz+j4AUjo1l3Ftx/izhbPxnnSUPaomh2QsiZa01hYmm+ZCPwbmgoGwY ygIHTKFRz06joyB6ewm1Km4PDb5djAzQDuCVzwCQ984igWXqOG8A/7aXMumLBBS8 RLHiSgKrS5A6hQyvV2gnFTLbPK7Tx0JrKJxwp5HyXaxQo9UDFPNPns2vfUy15wSJ nmZMPcTZk1mYKtNqvpc881ZDkMif7qhyvzWIvo/qDzh6sYSg1g0+MMverQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFALVyP2hC0qqKxnMFEXYw95J9dj9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE1ODJlZTBkLTExZWEtNDQ5NS05N2U1LTBlZDgyNWJhOGVlMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8kAgMA0GCSqGSIb3DQEBCwUAA4IBAQDGqweLcXARDJZ9/g88 UrJGuMmeIAJRib6NcdDO6pU5lr85yubW6kgsxrjknEP2MvuCtzR5R8bxcrLrO/Kg gdU86WdKjZq9ArUAOlLGzdu3UcM8LbaAa/O9STjF+YVldsZEuRfOl5C9wdLsTIj1 Qh6Bw1x1s8bn1VHLJ1HVS6z6v6v6zXNynSW8SIswQKjGE8gji/fLseZT3fFzukLO mAUJnWDUUUXLcNo3Gth0DaCYEpPxIF0v79CL2cTPf7UyflJkArDu/A8JIRRQsW3a /mHoIbdpoU9ECEN/gD/W9TbACRtyRrh4v56+UUg3Ao9kELMh3aiQqjuD/c6TILFD NK0J -----END CERTIFICATE-----Generated at Wed Feb 5 03:53:25 2025 by rpki-client