$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b96f1b3-5c7a-41a6-ac5b-116289fe143d.roa File: 1b96f1b3-5c7a-41a6-ac5b-116289fe143d.roa (raw, json) Hash identifier: Mzvw8LhSyQU1s97zxhThE7HDB4x08jiK+Tv3Uenr2qg= Subject key identifier: DA:08:00:0C:24:3F:3E:C4:03:B1:01:BD:56:C2:E3:3F:55:F8:91:17 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5DAB22AAAC57C3DCDF87998FAB2A0712BCE8FADD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b96f1b3-5c7a-41a6-ac5b-116289fe143d.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:b080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:ab:22:aa:ac:57:c3:dc:df:87:99:8f:ab:2a:07:12:bc:e8:fa:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:54:cf:3c:57:65:11:1b:ed:ec:ff:50:93:9a: fe:f6:7e:d2:f6:43:d2:74:a4:af:f1:c6:80:0d:bb: 8d:7b:27:d3:29:8e:3b:41:66:a9:b4:36:34:6b:f1: 32:ca:c7:2c:40:48:f1:9e:3d:9c:c7:04:97:c3:0e: 5e:b6:81:1e:5b:26:00:7f:ef:34:99:ee:de:46:9e: af:83:d8:b9:05:32:5c:b8:29:00:e3:5a:d7:9c:9e: ed:f2:25:ba:45:f5:6f:40:b0:e6:67:b5:46:95:1b: 66:46:a3:9c:59:1f:55:cc:7c:ab:08:e6:72:af:d1: 24:56:5c:2e:42:f6:17:b3:d6:21:47:80:75:18:6e: 9c:b5:10:17:d3:27:49:e2:e6:41:6f:49:69:7f:8a: db:d6:82:b9:e0:50:11:43:aa:0f:94:d7:17:7e:87: 5b:77:e5:b6:13:b2:29:fd:e7:c8:e2:52:d7:15:1e: f8:a3:fd:fa:55:98:05:fb:69:68:dd:3b:64:3d:e0: c4:5e:60:62:9f:95:95:d4:97:5e:f6:4e:e9:89:22: 0b:7f:5d:3c:5d:7f:0c:82:88:53:cc:a9:40:3a:18: b3:71:45:10:1d:2a:80:32:95:23:80:29:e0:1d:d8: f3:79:19:51:d4:bb:f8:69:4d:04:d5:83:f0:65:30: 23:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:08:00:0C:24:3F:3E:C4:03:B1:01:BD:56:C2:E3:3F:55:F8:91:17 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b96f1b3-5c7a-41a6-ac5b-116289fe143d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:b080::/46 Signature Algorithm: sha256WithRSAEncryption 04:2e:28:c6:5e:d3:a0:53:e0:ca:d4:cd:87:b1:b6:f0:0d:ad: be:47:91:c8:20:1a:24:b5:5f:26:28:37:a8:d9:02:3e:11:fe: 94:94:c6:0d:96:86:36:f3:5f:09:73:18:38:62:3b:06:56:0f: 8b:e8:55:c5:f8:68:7e:7e:fc:52:0c:5c:65:8a:1b:f8:d4:fd: 3a:a7:cc:2d:c1:fd:15:28:b3:d0:5d:90:3c:74:27:5f:71:9f: a7:d0:a3:c6:ef:a7:f1:79:1f:b3:b6:09:40:1f:c0:c1:8e:13: 29:a0:fb:89:dc:65:96:60:6c:a5:e8:56:32:d0:be:35:40:d6: a7:2c:da:51:31:07:e7:8f:2a:ff:7c:03:64:1d:59:7d:bb:f5: 29:45:00:3c:4f:4a:52:ce:42:ad:ef:f6:3f:36:52:c9:d1:c6: f9:cd:7f:14:3a:e6:3c:5c:a2:85:a1:88:e1:53:da:af:62:5d: 0e:50:00:95:46:90:6e:af:af:77:38:43:fe:ee:d7:f7:76:52: 41:5d:31:24:1d:ba:ef:3b:ca:0e:c2:5d:8e:28:10:94:66:b1: 50:fa:c8:26:8a:87:74:4d:30:8a:17:b1:77:69:1d:f5:b5:45: cb:77:70:9c:39:da:1a:19:70:3c:06:99:f1:56:79:16:12:5f: d0:05:03:24 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUXasiqqxXw9zfh5mPqyoHErzo+t0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYzBiZDhmNWUwMDhmYzViNTJlYTlh YWU5NDZiMzFlN2FmOWM1ZTlhMjU5ZTE2ODgxMjUzZTZmZjk5YjExZmVjMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFTPPFdlERvt7P9Qk5r+9n7S9kPS dKSv8caADbuNeyfTKY47QWaptDY0a/EyyscsQEjxnj2cxwSXww5etoEeWyYAf+80 me7eRp6vg9i5BTJcuCkA41rXnJ7t8iW6RfVvQLDmZ7VGlRtmRqOcWR9VzHyrCOZy r9EkVlwuQvYXs9YhR4B1GG6ctRAX0ydJ4uZBb0lpf4rb1oK54FARQ6oPlNcXfodb d+W2E7Ip/efI4lLXFR74o/36VZgF+2lo3TtkPeDEXmBin5WV1Jde9k7piSILf108 XX8MgohTzKlAOhizcUUQHSqAMpUjgCngHdjzeRlR1Lv4aU0E1YPwZTAjewIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNoIAAwkPz7EA7EBvVbC4z9V+JEXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFiOTZmMWIzLTVjN2EtNDFhNi1hYzViLTExNjI4OWZlMTQzZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+7CAMA0GCSqGSIb3DQEBCwUAA4IBAQAELijGXtOgU+DK1M2H sbbwDa2+R5HIIBoktV8mKDeo2QI+Ef6UlMYNloY2818Jcxg4YjsGVg+L6FXF+Gh+ fvxSDFxlihv41P06p8wtwf0VKLPQXZA8dCdfcZ+n0KPG76fxeR+ztglAH8DBjhMp oPuJ3GWWYGyl6FYy0L41QNanLNpRMQfnjyr/fANkHVl9u/UpRQA8T0pSzkKt7/Y/ NlLJ0cb5zX8UOuY8XKKFoYjhU9qvYl0OUACVRpBur693OEP+7tf3dlJBXTEkHbrv O8oOwl2OKBCUZrFQ+sgmiod0TTCKF7F3aR31tUXLd3CcOdoaGXA8BpnxVnkWEl/Q BQMk -----END CERTIFICATE-----Generated at Wed Feb 5 04:08:38 2025 by rpki-client