$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa File: 2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa (raw, json) Hash identifier: OlkQmjike7dunzPRWCwahB+4ibUWwk370NmWu1MV9EM= Subject key identifier: 9E:32:82:75:E8:8F:F9:C8:BF:25:1E:F8:6D:AD:82:D0:BF:00:04:4E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 296C3DB0520251CAC7310F83E1CCC47BE7CA7CD6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa Signing time: Sat 01 Feb 2025 00:00:00 +0000 ROA not before: Sat 01 Feb 2025 00:00:00 +0000 ROA not after: Sat 08 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:6c:3d:b0:52:02:51:ca:c7:31:0f:83:e1:cc:c4:7b:e7:ca:7c:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 1 00:00:00 2025 GMT Not After : Mar 8 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:79:d9:0c:44:c0:7a:10:3a:5a:8f:52:2d:59: b6:a4:b8:71:fc:ff:46:65:3c:71:c4:bc:6e:7f:fe: 09:f7:9d:fc:e5:ef:6a:f4:eb:55:f7:da:8d:dd:92: 2e:47:31:f7:b4:79:24:e2:a3:66:4b:a5:7d:1e:59: b6:ad:bb:ab:0b:4b:07:b6:2d:bf:66:60:f8:13:ea: 41:f5:a4:dd:11:0a:e0:2b:c4:df:18:31:d4:e5:c4: e6:4c:cd:15:ae:d4:88:fd:5a:3f:f0:a8:9c:2b:92: 1a:0f:fe:aa:e2:1f:0d:22:fe:51:9e:9b:00:3c:c3: 2b:04:7b:a1:25:4e:39:79:f6:70:62:c8:a3:d0:73: 91:45:82:b9:01:2d:56:d3:3f:54:69:68:18:11:2d: 04:be:e5:3e:04:03:3c:00:76:7a:d5:0f:e4:f5:71: 6e:c6:88:a4:a2:2a:27:5d:4d:98:7b:3c:62:a1:f5: f2:7f:1d:23:28:ef:c2:b0:51:98:e4:a0:66:86:22: 70:37:f4:e4:f7:30:90:08:f5:8c:34:9d:14:d3:c5: 46:d4:c2:98:84:b6:d6:e4:d6:e5:c8:3b:94:8e:c4: fa:ce:cc:b6:17:a7:b7:9a:9b:fa:5b:49:8e:1a:3c: 95:a0:18:a7:cb:d2:aa:5a:c1:09:fa:05:1d:d3:20: 0c:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:32:82:75:E8:8F:F9:C8:BF:25:1E:F8:6D:AD:82:D0:BF:00:04:4E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:9040::/48 Signature Algorithm: sha256WithRSAEncryption 3e:50:b4:dc:89:00:7a:28:05:be:f9:0b:5c:b0:17:59:a9:0c: d4:16:91:09:c5:ae:97:66:6b:2d:9f:18:40:8c:5f:4e:10:f6: aa:4b:72:f5:24:d4:d0:8b:99:0e:9a:ad:54:3e:70:85:36:df: 8d:5a:e1:76:5d:d7:0a:8c:56:e2:20:1e:1e:09:2f:c9:9f:42: 4d:88:74:c3:08:33:65:2c:f4:87:b1:14:ee:07:64:25:e1:ab: 1c:53:37:6f:82:8d:4c:f1:70:7b:5a:16:62:a9:c1:56:bb:f8: e0:fd:65:cf:90:0d:07:5e:91:b2:cf:b1:8a:39:02:bc:14:d7: ac:22:11:d0:cc:01:81:d9:f0:94:8a:97:a3:4b:62:f7:f9:27: 64:bb:e5:36:36:51:c1:51:72:18:f3:fc:d1:76:36:c4:db:ec: 65:65:86:6a:f0:1a:33:31:0a:ed:7b:18:9d:6c:00:2d:3e:f3: 87:07:b5:f2:fc:bb:5e:17:ee:a5:88:04:a9:53:38:b1:d5:a3: 22:67:39:e4:95:69:ee:79:37:92:d3:1d:b8:82:d8:2d:c8:be: bb:08:b1:cc:03:d7:ca:61:e2:b3:58:53:61:a9:33:6f:c9:cc: a6:72:3b:f3:21:f5:58:11:5d:50:9e:0c:0f:b5:d1:61:84:23: 92:66:a1:77 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKWw9sFICUcrHMQ+D4czEe+fKfNYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMTAwMDAwMFoX DTI1MDMwODIzNTk1OVowejFJMEcGA1UEBRNAYmVhNmQwOWZmNTIyYjUzNDc4ZTZl YjA5Y2E3NmZlNTk4ZGEyMjIxNWI5ODc4MDBmMTAwNjY0ZWQxMDM2Mjc4MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3nZDETAehA6Wo9SLVm2pLhx/P9G ZTxxxLxuf/4J95385e9q9OtV99qN3ZIuRzH3tHkk4qNmS6V9Hlm2rburC0sHti2/ ZmD4E+pB9aTdEQrgK8TfGDHU5cTmTM0VrtSI/Vo/8KicK5IaD/6q4h8NIv5RnpsA PMMrBHuhJU45efZwYsij0HORRYK5AS1W0z9UaWgYES0EvuU+BAM8AHZ61Q/k9XFu xoikoionXU2YezxiofXyfx0jKO/CsFGY5KBmhiJwN/Tk9zCQCPWMNJ0U08VG1MKY hLbW5NblyDuUjsT6zsy2F6e3mpv6W0mOGjyVoBiny9KqWsEJ+gUd0yAMiwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJ4ygnXoj/nIvyUe+G2tgtC/AAROMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJjNWNkZDQ5LWU5OGItNGUzZC04YTYxLTA5NGYzODFkMmZhZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAJBAMA0GCSqGSIb3DQEBCwUAA4IBAQA+ULTciQB6KAW++Qtc sBdZqQzUFpEJxa6XZmstnxhAjF9OEPaqS3L1JNTQi5kOmq1UPnCFNt+NWuF2XdcK jFbiIB4eCS/Jn0JNiHTDCDNlLPSHsRTuB2Ql4ascUzdvgo1M8XB7WhZiqcFWu/jg /WXPkA0HXpGyz7GKOQK8FNesIhHQzAGB2fCUipejS2L3+Sdku+U2NlHBUXIY8/zR djbE2+xlZYZq8BozMQrtexidbAAtPvOHB7Xy/LteF+6liASpUzix1aMiZznklWnu eTeS0x24gtgtyL67CLHMA9fKYeKzWFNhqTNvycymcjvzIfVYEV1QngwPtdFhhCOS ZqF3 -----END CERTIFICATE-----Generated at Wed Feb 5 03:54:57 2025 by rpki-client