$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/30151f9e-f6c9-40d6-bebe-daced959a278.roa File: 30151f9e-f6c9-40d6-bebe-daced959a278.roa (raw, json) Hash identifier: MKiPw5w9K+xGzEzZm7nvCiLvORoY3H1ktBS5G3XQHxc= Subject key identifier: 5C:F2:E3:D8:8B:55:58:77:BA:C5:62:2D:50:63:2A:8A:C7:05:4E:66 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 35B59F87E5B7E5EE8177FB89D751AD5876B9AAB9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/30151f9e-f6c9-40d6-bebe-daced959a278.roa Signing time: Sat 01 Feb 2025 00:00:00 +0000 ROA not before: Sat 01 Feb 2025 00:00:00 +0000 ROA not after: Sat 08 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:2880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:b5:9f:87:e5:b7:e5:ee:81:77:fb:89:d7:51:ad:58:76:b9:aa:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 1 00:00:00 2025 GMT Not After : Mar 8 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:3e:57:a4:79:ae:47:5f:6e:85:12:8c:58:33: 6b:08:b6:72:fd:4f:97:58:78:24:31:ac:c2:b3:92: 72:1e:fe:4d:07:7a:fc:64:0a:c4:5c:de:38:9a:17: 7b:9f:27:95:bf:85:cc:95:d2:0f:bf:6d:6b:4e:fc: 23:08:6b:43:ca:6e:8f:9b:8d:50:32:ba:bf:ec:49: 30:b2:1e:e5:1a:5e:7f:30:84:df:cf:21:26:98:01: 96:78:29:b7:39:97:bd:99:41:c6:66:49:79:6e:e6: e7:1d:03:34:c4:0d:a5:9f:68:09:c1:e4:96:af:c2: fb:0e:3a:a0:cd:06:8e:fe:d3:49:03:13:78:57:cc: 35:79:ec:03:fb:11:e3:2c:5d:e5:33:f1:f1:1b:31: b8:93:4b:1a:73:9b:12:ba:6b:38:f1:00:37:44:0f: ed:5d:49:35:79:e4:4c:83:aa:b7:51:5f:07:b4:79: 17:d5:8b:62:86:45:fd:97:99:13:8f:68:8d:e0:1e: bc:48:c9:8d:21:17:6f:b7:2f:03:9b:ee:4d:6a:5c: 5a:c5:ef:0a:08:e3:f2:45:4c:77:f5:11:69:07:cb: fe:85:58:61:80:bd:bd:bd:94:96:68:cb:4a:f7:70: 69:50:68:5d:16:bf:f7:7c:ee:d4:a3:87:95:76:38: 1b:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:F2:E3:D8:8B:55:58:77:BA:C5:62:2D:50:63:2A:8A:C7:05:4E:66 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/30151f9e-f6c9-40d6-bebe-daced959a278.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:2880::/48 Signature Algorithm: sha256WithRSAEncryption 6e:68:1d:1b:9f:d0:44:81:43:40:88:21:ec:4f:7f:a7:1f:b2: 33:61:a0:87:fc:dd:be:bd:9b:9f:fe:96:46:cc:c8:c1:27:0e: 27:df:55:d6:4d:42:72:0b:00:76:be:d6:15:a7:ef:ae:d5:46: eb:c9:2d:bd:85:1f:a3:f9:bd:91:ca:15:23:fd:82:fb:98:1c: f5:ff:b4:36:84:ff:49:91:0a:1a:6c:ef:61:9b:ea:f4:ad:e5: c6:f7:e1:ee:09:31:1c:92:9c:3a:c6:5c:96:fe:f6:d7:e2:17: f3:17:0f:25:c1:be:96:dd:06:5d:8f:b8:c2:c0:c4:2e:9f:15: dd:48:71:7a:25:33:af:00:c1:9d:8b:c4:85:f7:75:e0:fa:09: 0c:cd:3e:92:a1:03:42:3b:c5:c5:c0:fa:6c:e4:9c:e6:aa:83: 0b:2d:4f:ca:20:24:08:6d:8c:d0:da:4c:24:85:5e:d4:f8:82: 9e:c3:0b:28:09:d0:22:f7:9d:f4:b8:77:a3:1b:4a:66:7d:6d: 75:4f:46:4b:5d:a8:78:47:4d:a7:8d:7d:71:35:3c:32:68:88: 58:a9:f2:b4:9f:13:40:ff:d8:ff:3d:5c:c8:10:20:54:46:96: ab:2d:e6:0e:1c:96:f0:39:60:21:b9:ad:3b:e7:1f:3f:26:14: ce:88:d2:b9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNbWfh+W35e6Bd/uJ11GtWHa5qrkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMTAwMDAwMFoX DTI1MDMwODIzNTk1OVowejFJMEcGA1UEBRNANWRhZDc4NjcyYTcyZmJlMzA5YzYz MWNkNjYyZmY1MDM2ZTkzOTZkNjkwMGVhMzFmMmY2NjYxMjRlNTU5YzBmZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmD5XpHmuR19uhRKMWDNrCLZy/U+X WHgkMazCs5JyHv5NB3r8ZArEXN44mhd7nyeVv4XMldIPv21rTvwjCGtDym6Pm41Q Mrq/7Ekwsh7lGl5/MITfzyEmmAGWeCm3OZe9mUHGZkl5bubnHQM0xA2ln2gJweSW r8L7DjqgzQaO/tNJAxN4V8w1eewD+xHjLF3lM/HxGzG4k0sac5sSums48QA3RA/t XUk1eeRMg6q3UV8HtHkX1YtihkX9l5kTj2iN4B68SMmNIRdvty8Dm+5Nalxaxe8K COPyRUx39RFpB8v+hVhhgL29vZSWaMtK93BpUGhdFr/3fO7Uo4eVdjgbOwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFzy49iLVVh3usViLVBjKorHBU5mMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMwMTUxZjllLWY2YzktNDBkNi1iZWJlLWRhY2VkOTU5YTI3OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8iiAMA0GCSqGSIb3DQEBCwUAA4IBAQBuaB0bn9BEgUNAiCHs T3+nH7IzYaCH/N2+vZuf/pZGzMjBJw4n31XWTUJyCwB2vtYVp++u1UbryS29hR+j +b2RyhUj/YL7mBz1/7Q2hP9JkQoabO9hm+r0reXG9+HuCTEckpw6xlyW/vbX4hfz Fw8lwb6W3QZdj7jCwMQunxXdSHF6JTOvAMGdi8SF93Xg+gkMzT6SoQNCO8XFwPps 5JzmqoMLLU/KICQIbYzQ2kwkhV7U+IKewwsoCdAi9530uHejG0pmfW11T0ZLXah4 R02njX1xNTwyaIhYqfK0nxNA/9j/PVzIECBURparLeYOHJbwOWAhua075x8/JhTO iNK5 -----END CERTIFICATE-----Generated at Wed Feb 5 03:48:05 2025 by rpki-client