$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28ff52d2-0135-4def-a017-40424079b2a7.roa File: 28ff52d2-0135-4def-a017-40424079b2a7.roa (raw, json) Hash identifier: AVM0gNyCW4E5vVBcrZxk7KZtLR390kPlj8sW2zbNANo= Subject key identifier: F5:43:C6:DC:8F:F2:CA:E0:FA:2F:15:39:59:9C:07:85:A9:20:CA:5A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4DE405FA85E261D91EA89C177F436C7B987B6D7B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28ff52d2-0135-4def-a017-40424079b2a7.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:e4:05:fa:85:e2:61:d9:1e:a8:9c:17:7f:43:6c:7b:98:7b:6d:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:71:1b:9e:8e:9d:d2:b7:e5:5e:fe:12:53:26: 88:d4:e7:33:a5:ff:21:fd:8d:d3:2e:84:d9:85:f2: 3a:5d:7a:9c:4f:5a:83:67:55:8a:2c:02:ff:60:b0: ce:1d:43:7c:35:b4:83:d6:5f:a3:bf:7e:52:44:eb: 70:30:17:22:0f:4f:e3:f3:f7:83:f1:d9:2f:7d:0c: b5:a5:0f:f2:e3:40:1f:f9:82:f0:87:e7:5c:92:10: 40:c2:88:15:61:d8:6e:7c:31:ff:35:13:7c:3c:7b: d0:aa:e5:d6:ef:cc:c5:1b:ea:a9:d5:84:f8:3b:f4: 60:c5:2b:d7:ab:ed:ae:fa:b7:30:ed:f7:b8:85:c8: 7c:e1:3e:01:ff:e4:72:d5:69:28:cc:50:0e:66:c9: 5f:1a:95:e6:17:ad:2c:63:9b:f5:fc:1d:f2:3f:82: 42:94:96:03:8a:45:81:e7:f8:c3:a2:a1:e1:77:8f: e7:0a:b6:b1:06:f2:4c:79:24:c1:d2:c0:ca:ed:8f: 39:98:7b:23:54:cd:00:8b:a2:0e:1e:f5:5c:9a:60: 75:e3:e9:04:d2:07:37:70:28:5c:cc:5d:0e:96:c5: 81:69:0e:07:ea:d5:70:c6:23:89:5a:ca:d8:46:a8: fd:02:1c:97:c4:27:3c:e1:ef:ee:a7:56:7b:bc:78: c9:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:43:C6:DC:8F:F2:CA:E0:FA:2F:15:39:59:9C:07:85:A9:20:CA:5A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28ff52d2-0135-4def-a017-40424079b2a7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:880::/48 Signature Algorithm: sha256WithRSAEncryption 46:7b:71:43:d6:ec:9a:aa:4b:3f:05:99:fb:01:81:40:c8:55: 82:1d:d5:fd:b2:e5:83:5b:d9:50:44:a6:82:00:46:2c:80:f8: 3a:1d:c5:56:75:8d:33:1c:08:cf:a1:5a:9d:1e:f1:be:29:7a: 06:ed:f2:04:8b:5b:74:7c:b1:f5:d7:01:4e:d3:d9:74:2c:ec: a0:5b:82:2b:46:df:b9:e3:12:0f:41:78:f4:1e:15:5d:04:08: f7:f3:7a:4d:c4:bc:ee:59:4b:2f:43:47:f5:c9:37:3e:96:88: fa:d3:34:6b:6b:59:2c:8d:c1:e7:80:be:df:b5:80:f1:cd:79: 5d:83:37:42:59:85:fa:6b:b0:21:14:85:05:bf:5d:c4:af:f6: 06:11:0c:40:7f:4e:d6:5e:c4:6d:3e:72:7b:8f:e9:f3:17:62: 87:6a:c1:26:03:60:fb:06:7b:3f:e0:06:ca:bf:ee:02:0b:ff: e0:60:43:92:10:a1:c3:e7:67:7d:6a:90:c4:5f:25:50:80:46: db:4c:c8:83:e4:46:e4:17:a1:df:bb:18:cf:61:ad:80:70:e9: 64:c2:eb:3e:e7:92:41:9a:29:4e:fe:9f:de:13:8f:8a:b5:fb: 4d:41:d4:e6:5c:b8:ff:bd:67:9e:6b:6f:d4:b3:b2:67:30:ce: 4f:15:9f:57 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUTeQF+oXiYdkeqJwXf0Nse5h7bXswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYzYzZDQwZGIyNmMwNzYxMjlhNTRi ZDY0ODZiYWVhM2YwNzBmMmE1NWExNGJkYTcwYzgzNTBmZTA4MzUyMzYzNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunEbno6d0rflXv4SUyaI1Oczpf8h /Y3TLoTZhfI6XXqcT1qDZ1WKLAL/YLDOHUN8NbSD1l+jv35SROtwMBciD0/j8/eD 8dkvfQy1pQ/y40Af+YLwh+dckhBAwogVYdhufDH/NRN8PHvQquXW78zFG+qp1YT4 O/RgxSvXq+2u+rcw7fe4hch84T4B/+Ry1WkozFAOZslfGpXmF60sY5v1/B3yP4JC lJYDikWB5/jDoqHhd4/nCraxBvJMeSTB0sDK7Y85mHsjVM0Ai6IOHvVcmmB14+kE 0gc3cChczF0OlsWBaQ4H6tVwxiOJWsrYRqj9AhyXxCc84e/up1Z7vHjJFwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPVDxtyP8srg+i8VOVmcB4WpIMpaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI4ZmY1MmQyLTAxMzUtNGRlZi1hMDE3LTQwNDI0MDc5YjJhNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/wiAMA0GCSqGSIb3DQEBCwUAA4IBAQBGe3FD1uyaqks/BZn7 AYFAyFWCHdX9suWDW9lQRKaCAEYsgPg6HcVWdY0zHAjPoVqdHvG+KXoG7fIEi1t0 fLH11wFO09l0LOygW4IrRt+54xIPQXj0HhVdBAj383pNxLzuWUsvQ0f1yTc+loj6 0zRra1ksjcHngL7ftYDxzXldgzdCWYX6a7AhFIUFv13Er/YGEQxAf07WXsRtPnJ7 j+nzF2KHasEmA2D7Bns/4AbKv+4CC//gYEOSEKHD52d9apDEXyVQgEbbTMiD5Ebk F6HfuxjPYa2AcOlkwus+55JBmilO/p/eE4+KtftNQdTmXLj/vWeea2/Us7JnMM5P FZ9X -----END CERTIFICATE-----Generated at Wed Feb 5 03:55:13 2025 by rpki-client