$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2bbabd33-7e7b-4885-9680-532342168721.roa File: 2bbabd33-7e7b-4885-9680-532342168721.roa (raw, json) Hash identifier: wHkYkZ3MzTVrtJhd7zZ2MsFiYzxW+eqRHwPr6bgpKIE= Subject key identifier: BE:83:A3:C6:D9:36:BA:BA:06:93:F5:81:1A:66:34:E2:A2:BA:34:DC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1657F9AABBBF9794BDAF50632272876411802FA3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2bbabd33-7e7b-4885-9680-532342168721.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:c840::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:57:f9:aa:bb:bf:97:94:bd:af:50:63:22:72:87:64:11:80:2f:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:28:2c:ac:90:ec:3d:9b:2f:21:dc:12:c8:91: 64:cb:92:75:b5:ae:c5:4a:06:1c:3c:b4:f5:be:dc: 94:e0:e7:98:1a:08:2f:a1:57:44:0c:87:b0:d1:16: 3a:70:15:39:94:cf:ed:83:80:40:46:25:d2:bc:1d: 93:d5:6c:b9:44:18:bc:8c:b1:75:1f:a3:44:55:05: 37:93:86:70:2f:d2:65:54:17:1a:0b:94:b8:7c:03: 17:d0:ab:f0:e2:a0:51:aa:d0:20:9e:12:8c:ea:39: 8a:e3:8a:b5:60:07:c7:6d:e6:b1:3d:de:80:c0:e7: b5:a3:2b:65:d0:ae:39:0e:ab:bb:48:ac:19:9f:40: a4:50:1c:be:d8:eb:29:d6:81:87:ab:de:19:3c:08: bd:84:78:d2:9f:56:9b:c7:6e:9d:dd:da:e3:7e:51: 43:9d:98:d1:4b:4b:82:e1:86:3d:db:4f:87:e0:04: 40:00:67:5c:fe:08:e5:0c:20:42:1b:18:e0:f5:2e: 93:05:a8:ab:55:5d:bb:b2:c6:49:d7:10:35:85:77: 9f:44:05:ae:25:16:c0:5d:0f:7b:4f:05:97:49:30: 2c:19:41:9d:91:63:ae:3e:92:50:85:58:4c:72:f9: e0:9e:25:c3:77:b6:6a:f6:81:ff:90:4a:33:01:5b: c3:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:83:A3:C6:D9:36:BA:BA:06:93:F5:81:1A:66:34:E2:A2:BA:34:DC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2bbabd33-7e7b-4885-9680-532342168721.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:c840::/46 Signature Algorithm: sha256WithRSAEncryption 3f:04:bf:b6:b6:01:26:62:89:4e:fe:38:02:9d:31:db:3e:29: cb:ab:86:e4:27:d0:ce:36:32:6d:df:c9:33:08:b9:7c:26:95: af:48:3c:10:22:79:c8:1d:13:57:dd:4e:ff:44:6d:2a:cf:11: 01:11:e2:e4:a7:fc:5d:4f:ed:f0:33:43:0e:56:67:78:eb:d6: 7f:8f:73:87:2e:8b:96:ee:dc:95:c8:8f:67:bd:d8:59:8b:66: 40:f9:3c:3b:46:14:0f:e5:1f:2b:a4:07:30:6a:91:a7:31:a8: 97:cd:f5:e2:3a:7f:18:b1:2a:07:60:27:18:d6:00:90:fb:d1: 85:15:09:a8:9e:8e:44:56:d6:d9:7e:c7:fb:26:fb:1f:fa:ec: 27:d0:3a:7c:91:23:3b:f0:ec:15:e7:84:fc:66:bf:06:8a:f0: 8d:a5:3d:13:57:79:c6:5e:16:91:14:5d:d5:3e:28:ed:7a:0b: ab:06:f5:a7:2a:b6:9c:f0:30:ab:31:4e:aa:f5:c9:5c:1f:e9: 36:ef:8c:7f:fa:ff:27:88:5d:8d:af:b2:11:9c:10:8a:b8:64: 94:a2:12:75:31:83:85:84:73:9e:af:ec:0c:81:55:d2:2b:83: f7:0a:51:1e:e7:c8:0a:c6:96:1c:70:a9:6d:bc:ad:71:80:cc: ef:b9:68:87 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFlf5qru/l5S9r1BjInKHZBGAL6MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAY2M1NGYxMzE0OTkyODNhY2ZlYTJk NDgxMTdlNDg1OTBkNzdjN2Q1MWY5YjMzZGYxZmNhZjUwZjlmNGZmM2JlZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ygsrJDsPZsvIdwSyJFky5J1ta7F SgYcPLT1vtyU4OeYGggvoVdEDIew0RY6cBU5lM/tg4BARiXSvB2T1Wy5RBi8jLF1 H6NEVQU3k4ZwL9JlVBcaC5S4fAMX0Kvw4qBRqtAgnhKM6jmK44q1YAfHbeaxPd6A wOe1oytl0K45Dqu7SKwZn0CkUBy+2Osp1oGHq94ZPAi9hHjSn1abx26d3drjflFD nZjRS0uC4YY920+H4ARAAGdc/gjlDCBCGxjg9S6TBairVV27ssZJ1xA1hXefRAWu JRbAXQ97TwWXSTAsGUGdkWOuPpJQhVhMcvngniXDd7Zq9oH/kEozAVvDjQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFL6Do8bZNrq6BpP1gRpmNOKiujTcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJiYmFiZDMzLTdlN2ItNDg4NS05NjgwLTUzMjM0MjE2ODcyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba98hAMA0GCSqGSIb3DQEBCwUAA4IBAQA/BL+2tgEmYolO/jgC nTHbPinLq4bkJ9DONjJt38kzCLl8JpWvSDwQInnIHRNX3U7/RG0qzxEBEeLkp/xd T+3wM0MOVmd469Z/j3OHLouW7tyVyI9nvdhZi2ZA+Tw7RhQP5R8rpAcwapGnMaiX zfXiOn8YsSoHYCcY1gCQ+9GFFQmono5EVtbZfsf7Jvsf+uwn0Dp8kSM78OwV54T8 Zr8GivCNpT0TV3nGXhaRFF3VPijtegurBvWnKrac8DCrMU6q9clcH+k274x/+v8n iF2Nr7IRnBCKuGSUohJ1MYOFhHOer+wMgVXSK4P3ClEe58gKxpYccKltvK1xgMzv uWiH -----END CERTIFICATE-----Generated at Wed Feb 5 03:57:00 2025 by rpki-client