$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa File: 289cedd6-78dc-4ef5-9358-e95987fd7c36.roa (raw, json) Hash identifier: uh69P9qdSnlfbl0XZO1yLnatZsFjC6dtjC0qaJPRwLo= Subject key identifier: 7B:AF:5B:14:22:66:29:D0:0F:5A:24:22:03:7B:3F:D5:A2:29:8A:E3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 78F88770067496A8C4136A992A2066865AF9D277 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:2080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:f8:87:70:06:74:96:a8:c4:13:6a:99:2a:20:66:86:5a:f9:d2:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:df:50:f7:fd:28:19:3b:fb:81:46:62:c5:67: fb:94:b3:f6:a9:fe:77:7f:2e:ec:26:c3:7e:a8:b1: b8:38:c7:92:14:29:b1:8d:84:58:f1:45:36:66:3f: 31:ae:a1:56:6d:69:b1:96:da:ad:35:60:a0:a7:38: d5:81:d0:2a:19:b6:48:bc:38:bc:de:13:79:00:b9: a9:80:c3:f1:eb:e5:1f:96:ee:8b:4d:80:16:57:f1: cd:d2:0c:56:88:3d:2f:09:ff:c1:45:27:d3:da:81: f4:45:74:db:48:90:ec:dc:ae:6e:3c:ba:2e:62:0e: f7:54:80:dd:60:ce:8a:b1:0f:54:31:9c:90:d2:1a: e0:8f:a5:9f:eb:83:7a:65:6b:25:c5:d3:c1:e6:95: ec:ae:7f:5b:67:ca:86:38:36:f0:01:5c:03:7b:28: 96:17:66:8e:8e:d0:3f:cc:18:78:d8:1f:82:32:a0: bc:7a:c3:17:cf:ba:2b:5d:7f:00:b1:9d:ce:72:6f: 0c:aa:07:20:a6:a7:48:19:fe:82:4c:ec:dd:6c:b2: b1:04:62:d9:98:8f:7e:a6:af:cb:2f:03:0d:31:32: 24:d5:95:08:46:84:d0:dd:a5:a0:ae:bd:9f:84:fe: 8e:15:32:10:3a:23:9d:bf:e0:06:fc:74:42:82:b3: 1f:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:AF:5B:14:22:66:29:D0:0F:5A:24:22:03:7B:3F:D5:A2:29:8A:E3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:2080::/46 Signature Algorithm: sha256WithRSAEncryption 95:bc:2c:c8:d5:40:e9:19:65:c8:5b:80:7d:d8:a6:77:c4:9f: 56:41:e0:e1:30:ad:f3:43:2d:54:d7:cf:79:e9:63:0e:fb:b2: 4a:2b:f0:41:e2:07:35:de:8c:16:62:e5:26:ea:f0:e0:8b:09: 91:35:9a:e9:a4:b7:2a:7c:13:af:f3:34:d2:1f:c9:f7:4f:fd: 21:b3:cd:e9:8b:3d:98:5f:f6:d1:b5:11:78:b1:2c:19:69:f1: d6:e3:a6:5b:82:db:bb:cd:91:3b:d1:d4:c1:5e:bc:12:4b:04: 43:37:0d:8e:c4:c4:3e:f0:48:58:cd:35:7c:c5:79:3a:25:a1: 8b:f9:98:b3:46:56:a9:1a:b8:c0:4e:88:ca:97:7b:a1:31:47: 53:e5:82:17:94:72:3f:fa:9f:79:ad:56:2e:3e:87:b2:4b:3e: 1a:bf:23:07:cd:2d:ca:37:78:4b:7a:fb:14:67:10:b0:05:cd: 42:d7:d3:a2:47:8d:2f:59:9a:09:0f:51:ba:ef:75:95:55:b5: f1:b5:0f:ca:ec:da:4f:11:e6:e7:dc:3a:be:94:32:f4:f5:7a: d4:d4:49:0b:7c:d9:83:b9:7e:fd:c4:e5:ac:5b:f5:60:92:73: 4d:9a:ef:d9:9f:d1:fb:9b:d3:cd:fa:9b:42:ce:1a:75:d8:ae: be:34:ea:6e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUePiHcAZ0lqjEE2qZKiBmhlr50ncwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAOTU0NDQ2OGM5MmY2NDA3OTNjMDQ2 NjI5Y2QxNjY4NWU0ZWJhMGYyMzE3ZjM3YzBlODlhOTNiMmNmZjBjNTk3YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm99Q9/0oGTv7gUZixWf7lLP2qf53 fy7sJsN+qLG4OMeSFCmxjYRY8UU2Zj8xrqFWbWmxltqtNWCgpzjVgdAqGbZIvDi8 3hN5ALmpgMPx6+Uflu6LTYAWV/HN0gxWiD0vCf/BRSfT2oH0RXTbSJDs3K5uPLou Yg73VIDdYM6KsQ9UMZyQ0hrgj6Wf64N6ZWslxdPB5pXsrn9bZ8qGODbwAVwDeyiW F2aOjtA/zBh42B+CMqC8esMXz7orXX8AsZ3Ocm8MqgcgpqdIGf6CTOzdbLKxBGLZ mI9+pq/LLwMNMTIk1ZUIRoTQ3aWgrr2fhP6OFTIQOiOdv+AG/HRCgrMfoQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHuvWxQiZinQD1okIgN7P9WiKYrjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI4OWNlZGQ2LTc4ZGMtNGVmNS05MzU4LWU5NTk4N2ZkN2MzNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+yCAMA0GCSqGSIb3DQEBCwUAA4IBAQCVvCzI1UDpGWXIW4B9 2KZ3xJ9WQeDhMK3zQy1U18956WMO+7JKK/BB4gc13owWYuUm6vDgiwmRNZrppLcq fBOv8zTSH8n3T/0hs83piz2YX/bRtRF4sSwZafHW46Zbgtu7zZE70dTBXrwSSwRD Nw2OxMQ+8EhYzTV8xXk6JaGL+ZizRlapGrjATojKl3uhMUdT5YIXlHI/+p95rVYu PoeySz4avyMHzS3KN3hLevsUZxCwBc1C19OiR40vWZoJD1G673WVVbXxtQ/K7NpP Eebn3Dq+lDL09XrU1EkLfNmDuX79xOWsW/VgknNNmu/Zn9H7m9PN+ptCzhp12K6+ NOpu -----END CERTIFICATE-----Generated at Wed Feb 5 03:57:01 2025 by rpki-client