$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27a80888-f443-40f4-b37a-77f84a697e07.roa File: 27a80888-f443-40f4-b37a-77f84a697e07.roa (raw, json) Hash identifier: pHhQjSOe5CWAShYQM61tOTaxSSUAInecTtAuykmNTJ4= Subject key identifier: CE:94:3D:09:74:7A:C4:3A:A3:0B:96:26:1B:DE:AD:AD:75:F6:BB:A3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 10BB7764DE0EA0F9D3FE74C681A8982EC40144B7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27a80888-f443-40f4-b37a-77f84a697e07.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:b080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:bb:77:64:de:0e:a0:f9:d3:fe:74:c6:81:a8:98:2e:c4:01:44:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:ab:a6:1c:4a:38:9e:0e:11:8d:1f:a7:84:63: bb:ca:18:1c:e8:4f:05:f5:bb:31:89:bc:7b:6f:b4: 97:c2:3f:29:07:ae:ad:5f:dc:68:cd:55:76:37:12: 1d:80:f3:54:ff:31:3d:f0:5f:e0:3b:66:dd:9d:b9: 16:70:3d:f5:7e:88:26:2f:33:cb:e9:a1:6d:a7:cb: 8e:c7:09:7b:4b:89:f8:51:9c:ca:b9:18:d1:ce:3c: 99:ab:a3:a5:4d:ae:ae:6b:f1:49:9c:1b:d2:e0:91: 7f:1e:45:f1:d3:14:b4:56:49:b2:d0:f7:77:63:f7: 65:9e:df:49:c2:7d:79:4a:2a:1b:b1:17:b4:6e:ef: 4d:ed:a2:a3:3f:fc:7d:f4:2a:87:26:b0:76:b1:fd: 01:a2:c0:d6:8a:ff:8d:d2:9c:ed:c3:e7:1f:8e:41: f0:14:a3:00:5b:ab:01:0c:b6:eb:8a:3f:81:03:6e: b1:40:f1:86:ae:47:0c:84:5d:79:07:7f:75:25:d7: da:61:05:f3:6a:23:50:30:7d:81:79:cc:1d:9c:b3: 29:74:6f:af:42:cf:ef:ab:a1:2f:b3:81:91:50:3a: 3e:79:1d:57:08:4a:bc:8d:dd:29:45:94:c0:c9:05: af:57:52:da:61:c0:2a:85:9e:c2:26:14:f0:3c:06: 82:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:94:3D:09:74:7A:C4:3A:A3:0B:96:26:1B:DE:AD:AD:75:F6:BB:A3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27a80888-f443-40f4-b37a-77f84a697e07.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:b080::/46 Signature Algorithm: sha256WithRSAEncryption b7:ca:87:19:b9:2f:dd:c0:4a:ce:97:21:74:a8:27:9b:ea:93: 8a:a1:cc:a7:e8:08:27:63:2e:d7:e6:e8:49:ab:4a:05:1c:1b: ec:48:f7:df:ed:1f:fd:d7:30:24:8c:fe:dc:b7:b6:f3:3a:d2: 13:71:8f:5b:f9:f2:39:83:6f:9b:71:b9:02:1f:fc:86:27:e4: 7d:0b:19:f2:bf:03:9b:97:b1:17:14:ae:dd:3d:23:ca:85:a6: ab:e0:58:8a:6e:90:52:37:be:93:be:98:ac:96:f1:31:10:cb: 1b:08:66:9d:6d:55:2a:5e:43:27:af:92:48:e1:92:2b:25:df: 6e:fa:4d:07:4d:f4:b2:b8:94:b7:13:71:6a:4e:ee:4a:f4:f1: f2:ba:17:ad:b4:79:cc:49:2c:87:1f:f3:77:22:73:73:94:63: c6:68:a3:4b:f5:a0:b1:59:3f:c0:35:fb:ed:03:ab:9f:38:b3: a2:a7:3f:0b:8e:59:0b:31:1f:b1:10:4d:73:d9:b2:2a:71:7c: 85:7a:1a:68:59:38:0e:9c:a7:63:f0:03:56:74:27:d4:91:bd: 78:ce:96:77:43:c9:ce:89:ec:0e:12:ab:6e:d0:0b:9d:a9:b8: 2f:b8:d1:8a:6e:72:c9:b0:2c:25:26:9c:f5:ef:1a:18:20:9a: 35:58:68:03 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUELt3ZN4OoPnT/nTGgaiYLsQBRLcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYWE4NzgwNmZiZTE0YTk3ODZhYTY0 ZDZiMDdlZDgzMzQwZGEwODZjYjY2ZmZmOGRkOWVmMDU4NDE0YjI3ZjFlNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaumHEo4ng4RjR+nhGO7yhgc6E8F 9bsxibx7b7SXwj8pB66tX9xozVV2NxIdgPNU/zE98F/gO2bdnbkWcD31fogmLzPL 6aFtp8uOxwl7S4n4UZzKuRjRzjyZq6OlTa6ua/FJnBvS4JF/HkXx0xS0Vkmy0Pd3 Y/dlnt9Jwn15SiobsRe0bu9N7aKjP/x99CqHJrB2sf0BosDWiv+N0pztw+cfjkHw FKMAW6sBDLbrij+BA26xQPGGrkcMhF15B391JdfaYQXzaiNQMH2BecwdnLMpdG+v Qs/vq6Evs4GRUDo+eR1XCEq8jd0pRZTAyQWvV1LaYcAqhZ7CJhTwPAaCjwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFM6UPQl0esQ6owuWJhvera119rujMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI3YTgwODg4LWY0NDMtNDBmNC1iMzdhLTc3Zjg0YTY5N2UwNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba97CAMA0GCSqGSIb3DQEBCwUAA4IBAQC3yocZuS/dwErOlyF0 qCeb6pOKocyn6AgnYy7X5uhJq0oFHBvsSPff7R/91zAkjP7ct7bzOtITcY9b+fI5 g2+bcbkCH/yGJ+R9CxnyvwObl7EXFK7dPSPKhaar4FiKbpBSN76TvpislvExEMsb CGadbVUqXkMnr5JI4ZIrJd9u+k0HTfSyuJS3E3FqTu5K9PHyuhettHnMSSyHH/N3 InNzlGPGaKNL9aCxWT/ANfvtA6ufOLOipz8LjlkLMR+xEE1z2bIqcXyFehpoWTgO nKdj8ANWdCfUkb14zpZ3Q8nOiewOEqtu0AudqbgvuNGKbnLJsCwlJpz17xoYIJo1 WGgD -----END CERTIFICATE-----Generated at Wed Feb 5 03:55:50 2025 by rpki-client