$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/184f988b-295a-4289-b75b-7fd138f36664.roa File: 184f988b-295a-4289-b75b-7fd138f36664.roa (raw, json) Hash identifier: cWfEXP17q+AK7DxSvC7kzro2GuQKLsEeXzUBlZl1kX4= Subject key identifier: 97:45:E6:0C:A0:A7:CF:98:9A:52:2B:43:9A:C1:F6:56:E8:2A:31:1D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7DB30DA7298E127D0710373F2E774D4BB5EA74D0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/184f988b-295a-4289-b75b-7fd138f36664.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:b3:0d:a7:29:8e:12:7d:07:10:37:3f:2e:77:4d:4b:b5:ea:74:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:9a:aa:c2:ab:14:59:96:8c:a5:f2:f4:a0:6b: ac:00:1d:f6:26:15:cb:20:a9:eb:74:55:8a:be:99: 64:06:e2:35:7e:57:83:bc:4f:f8:66:65:59:4c:0c: 04:9e:46:11:b4:d8:77:b3:9b:a7:58:ce:57:c1:7f: cf:ad:e5:cb:84:a2:23:1e:d6:04:85:ff:72:f2:58: 78:fa:01:46:07:6c:4e:84:9d:72:f0:7a:9a:b6:65: 32:17:db:dc:d2:8a:eb:c8:3a:b4:5c:fc:2e:8e:cd: c5:8b:dc:fd:68:49:aa:5b:2a:d0:b4:f3:f5:d0:28: e1:d9:7e:44:fc:04:cb:6b:49:53:7e:12:76:c8:b8: 01:da:ba:34:e4:71:3b:70:b2:f0:9b:e0:af:ec:ae: 41:fa:e5:28:28:fd:4f:cc:32:1b:a9:b7:cd:23:fb: 96:4d:5f:e9:d1:b8:97:7b:b0:9d:04:c5:95:2f:0b: 3f:d2:b9:83:d2:d1:52:75:58:97:1b:38:1f:cd:5d: 1b:08:d7:15:b6:93:7c:68:0d:78:25:d5:4b:b8:e0: 9b:4d:7c:85:38:b0:f6:e5:37:5e:f0:29:a7:bd:8d: 71:ce:2b:d9:1a:77:ba:0d:95:75:0b:7f:36:30:b4: 85:18:60:3c:cf:c3:a5:2e:8a:0b:6c:87:c0:60:a4: 24:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:45:E6:0C:A0:A7:CF:98:9A:52:2B:43:9A:C1:F6:56:E8:2A:31:1D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/184f988b-295a-4289-b75b-7fd138f36664.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:9000::/40 Signature Algorithm: sha256WithRSAEncryption 01:ac:0c:e9:66:d2:4d:c0:0c:3b:1f:ac:f6:96:d6:92:d0:14: 4d:2d:84:18:86:20:f7:6a:bb:f9:f1:fc:67:bd:5f:42:b6:59: 9a:09:b0:85:5f:14:a5:4d:ed:ea:d8:da:d0:f4:c7:e5:1f:60: fe:70:24:6d:4d:7a:85:8b:3e:9c:51:a6:64:b1:c0:2b:75:85: c0:5f:f6:29:9b:fa:39:46:fa:7c:73:ba:16:39:3f:ce:c3:ea: f7:44:91:50:cf:72:41:1f:d3:74:4a:5e:e4:24:46:0d:49:0b: 04:3d:ed:32:37:7b:50:b0:4a:60:00:e4:0f:14:b2:49:e3:9d: c9:f4:fd:cf:cb:60:32:e1:3e:5f:01:4c:e3:7a:6d:7c:b4:77: b4:65:91:55:05:7d:95:cb:89:92:f3:b3:9b:2a:a7:19:6c:48: 8d:ac:35:6c:79:29:87:fa:45:cd:c5:1b:89:69:c0:91:d5:3f: b1:86:ce:a6:12:ca:68:db:dd:89:eb:31:4b:92:ee:4a:93:7c: 71:f9:d7:e4:f1:25:ae:1e:38:d4:ce:3e:8e:96:79:54:17:70: 75:bd:d1:a1:39:c1:43:5b:2f:3e:9c:4c:74:2a:6d:4d:bb:26: 68:aa:cd:6a:36:e9:73:0d:15:69:cc:66:97:e0:a7:45:7b:38: 28:f6:04:fd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfbMNpymOEn0HEDc/LndNS7XqdNAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYzVkYWFlZWY0NTJlZDI0ODJiNmQ3 ZGY3NDhjNjRiYWYyZDVhMmM0ZDJmMWE5MTZhMTQyY2JjM2EyY2I1NWY3MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspqqwqsUWZaMpfL0oGusAB32JhXL IKnrdFWKvplkBuI1fleDvE/4ZmVZTAwEnkYRtNh3s5unWM5XwX/PreXLhKIjHtYE hf9y8lh4+gFGB2xOhJ1y8HqatmUyF9vc0orryDq0XPwujs3Fi9z9aEmqWyrQtPP1 0Cjh2X5E/ATLa0lTfhJ2yLgB2ro05HE7cLLwm+Cv7K5B+uUoKP1PzDIbqbfNI/uW TV/p0biXe7CdBMWVLws/0rmD0tFSdViXGzgfzV0bCNcVtpN8aA14JdVLuOCbTXyF OLD25Tde8CmnvY1xzivZGne6DZV1C382MLSFGGA8z8OlLooLbIfAYKQkwQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJdF5gygp8+YmlIrQ5rB9lboKjEdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE4NGY5ODhiLTI5NWEtNDI4OS1iNzViLTdmZDEzOGYzNjY2NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNpAwDQYJKoZIhvcNAQELBQADggEBAAGsDOlm0k3ADDsfrPaW 1pLQFE0thBiGIPdqu/nx/Ge9X0K2WZoJsIVfFKVN7erY2tD0x+UfYP5wJG1NeoWL PpxRpmSxwCt1hcBf9imb+jlG+nxzuhY5P87D6vdEkVDPckEf03RKXuQkRg1JCwQ9 7TI3e1CwSmAA5A8Usknjncn0/c/LYDLhPl8BTON6bXy0d7RlkVUFfZXLiZLzs5sq pxlsSI2sNWx5KYf6Rc3FG4lpwJHVP7GGzqYSymjb3YnrMUuS7kqTfHH51+TxJa4e ONTOPo6WeVQXcHW90aE5wUNbLz6cTHQqbU27JmiqzWo26XMNFWnMZpfgp0V7OCj2 BP0= -----END CERTIFICATE-----Generated at Wed Feb 5 03:46:33 2025 by rpki-client