$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dcd175c-d836-48eb-86d0-63d1c2f1c6d3.roa File: 2dcd175c-d836-48eb-86d0-63d1c2f1c6d3.roa (raw, json) Hash identifier: e4y87kERDmRgZAaFETMvV8YAdYnbZr7/uPOH1v6drss= Subject key identifier: 05:1C:7A:D9:67:C4:BF:7D:68:AB:E1:EB:E3:AC:8A:F9:6E:CD:CF:40 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 64CF7DB9783F673593D7FE1C242A26D45321ADDE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dcd175c-d836-48eb-86d0-63d1c2f1c6d3.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:48c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:cf:7d:b9:78:3f:67:35:93:d7:fe:1c:24:2a:26:d4:53:21:ad:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:7e:a9:c9:1b:4b:2b:9a:b9:29:51:b3:a4:f5: 4a:4c:1a:ef:71:a8:20:ae:b3:65:7e:8a:62:92:1c: 14:68:5e:b7:03:55:9b:db:3a:1e:7d:4d:95:ff:70: ac:46:4e:b4:04:27:f4:b3:2a:f5:c6:ab:24:e0:ca: 11:ec:9b:c5:97:a1:16:71:be:85:3d:a9:98:00:a1: 95:e3:b5:35:b4:7e:cf:83:c9:bf:ee:8a:f9:66:64: 9f:66:37:86:3e:12:47:95:1b:5a:37:87:fd:91:ab: 6a:79:21:ab:09:06:c7:7f:70:05:25:03:40:30:fe: 92:d9:20:4a:6e:4c:d3:d3:3e:ce:50:ca:bc:59:93: dc:9b:ba:91:0b:d6:67:68:c6:76:96:92:b8:46:8b: 44:9e:7f:f1:28:d8:6e:00:ce:29:31:b8:ff:37:f2: 61:0f:7a:9c:20:70:a3:ba:fc:ba:da:cb:23:9b:23: d2:0d:ea:ec:e0:0e:26:7b:da:9c:7d:af:85:67:1c: d0:dd:1e:b7:bc:68:c5:5d:d8:8b:d4:e2:e2:4f:c7: 44:a4:bf:fd:b3:c5:a7:cd:f0:1c:18:f8:10:c8:fd: ac:19:f8:f9:b3:2a:73:99:a2:4b:39:8f:89:87:8c: 65:00:b7:ca:b5:a5:1e:2e:b8:0e:02:64:92:ed:c2: 75:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:1C:7A:D9:67:C4:BF:7D:68:AB:E1:EB:E3:AC:8A:F9:6E:CD:CF:40 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dcd175c-d836-48eb-86d0-63d1c2f1c6d3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:48c0::/46 Signature Algorithm: sha256WithRSAEncryption 78:5c:5e:59:70:0a:4f:1c:59:5e:1e:62:4e:b2:8d:a9:4f:fc: 03:18:9d:f1:7b:8a:19:14:49:94:e3:1f:89:ec:16:57:c7:75: 76:09:87:14:c9:86:0b:df:bd:71:46:c9:8a:08:21:10:52:0b: c3:6a:73:3d:23:56:8e:96:ea:50:e2:15:98:0a:e7:6c:49:8b: 68:39:bb:ab:be:76:ee:36:fc:22:52:d0:6e:5b:3a:34:e0:b1: 93:85:4a:a4:c2:19:8b:2a:53:5f:63:f1:63:26:43:e4:5e:70: b7:67:ce:bc:c7:07:24:cc:47:e6:ed:68:39:1a:a1:64:40:a4: 1c:f5:47:e6:42:e5:9f:e1:b9:5a:98:f3:53:02:ab:bf:54:19: 15:26:83:8a:6b:74:f0:46:01:72:c1:48:61:22:43:91:f4:b7: 34:23:2b:39:95:9f:29:e6:c9:46:37:f6:c4:ae:7c:97:fb:e3: 30:28:d2:77:14:c1:c0:d6:87:12:cd:4c:f7:26:ce:02:2a:5f: 18:fa:c6:8d:c2:45:59:fb:35:8e:a6:71:c7:5a:2e:93:ae:a5: af:17:a4:ed:ae:37:c0:ff:d7:fb:c6:f9:21:b1:f5:09:99:0c: 74:65:ee:6a:b8:7a:48:6c:c9:05:40:d9:87:7d:82:76:b6:cb: 39:f1:7c:68 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZM99uXg/ZzWT1/4cJCom1FMhrd4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZDI0NGZhMTQwYzRmNDMxZGRkZjFk NTgwMzI1YzJjZDAyZGFiOGFhMTcwMzUyN2NhNzYzYmU0MDFhNmY4N2Q2OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5X6pyRtLK5q5KVGzpPVKTBrvcagg rrNlfopikhwUaF63A1Wb2zoefU2V/3CsRk60BCf0syr1xqsk4MoR7JvFl6EWcb6F PamYAKGV47U1tH7Pg8m/7or5ZmSfZjeGPhJHlRtaN4f9katqeSGrCQbHf3AFJQNA MP6S2SBKbkzT0z7OUMq8WZPcm7qRC9ZnaMZ2lpK4RotEnn/xKNhuAM4pMbj/N/Jh D3qcIHCjuvy62ssjmyPSDers4A4me9qcfa+FZxzQ3R63vGjFXdiL1OLiT8dEpL/9 s8WnzfAcGPgQyP2sGfj5sypzmaJLOY+Jh4xlALfKtaUeLrgOAmSS7cJ11QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAUcetlnxL99aKvh6+Osivluzc9AMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJkY2QxNzVjLWQ4MzYtNDhlYi04NmQwLTYzZDFjMmYxYzZkMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+0jAMA0GCSqGSIb3DQEBCwUAA4IBAQB4XF5ZcApPHFleHmJO so2pT/wDGJ3xe4oZFEmU4x+J7BZXx3V2CYcUyYYL371xRsmKCCEQUgvDanM9I1aO lupQ4hWYCudsSYtoOburvnbuNvwiUtBuWzo04LGThUqkwhmLKlNfY/FjJkPkXnC3 Z868xwckzEfm7Wg5GqFkQKQc9UfmQuWf4blamPNTAqu/VBkVJoOKa3TwRgFywUhh IkOR9Lc0Iys5lZ8p5slGN/bErnyX++MwKNJ3FMHA1ocSzUz3Js4CKl8Y+saNwkVZ +zWOpnHHWi6TrqWvF6TtrjfA/9f7xvkhsfUJmQx0Ze5quHpIbMkFQNmHfYJ2tss5 8Xxo -----END CERTIFICATE-----Generated at Wed Feb 5 03:58:50 2025 by rpki-client