$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/34315c91-143e-48d8-b654-b8332ff1ee53.roa File: 34315c91-143e-48d8-b654-b8332ff1ee53.roa (raw, json) Hash identifier: ww/tDezRJoOoxImSzPSEB8vsdt9foG/AZNbT1BVtIVg= Subject key identifier: 25:B1:13:5E:E3:37:67:8A:77:BA:C3:B3:1F:C9:90:81:58:B6:F2:35 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2A7BB0F99A299D22FC47603E76D72E9BB87598CE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/34315c91-143e-48d8-b654-b8332ff1ee53.roa Signing time: Sat 25 Jan 2025 00:00:00 +0000 ROA not before: Sat 25 Jan 2025 00:00:00 +0000 ROA not after: Sat 01 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:7b:b0:f9:9a:29:9d:22:fc:47:60:3e:76:d7:2e:9b:b8:75:98:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Jan 25 00:00:00 2025 GMT Not After : Mar 1 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:53:a7:a7:0b:14:42:82:39:9d:23:e3:17:68: ac:45:6a:f1:1e:f5:a4:38:ee:f7:aa:f0:e0:56:8e: d9:0a:e4:07:fd:ad:43:06:5d:66:55:e5:48:14:46: 8a:9a:5f:c4:e7:21:25:72:48:35:c7:10:c8:69:75: 03:4d:35:65:30:c7:59:7b:33:60:d5:52:ec:2e:cd: 4d:0f:92:4b:25:61:65:bb:6d:13:be:da:9b:57:96: 7f:b6:ec:06:c6:d0:ad:e1:7b:5c:de:f7:fb:e4:4a: de:af:94:7b:0a:6a:12:a1:1f:25:d2:37:0f:75:b9: 15:d7:09:95:f8:1e:45:bc:db:5c:a6:97:e3:8d:10: 16:65:25:d8:da:42:11:e9:5e:a8:15:4d:ed:c2:7a: 85:92:d7:db:3d:15:77:04:a8:5d:8f:12:44:54:bf: 44:33:38:93:e6:5b:6c:b9:d6:fc:a5:a8:2c:80:39: 9d:f9:ce:d7:e8:a5:58:3f:b5:a3:1a:76:41:cb:5c: c4:33:37:74:d2:6c:0d:41:14:06:9e:d3:a6:cd:e7: a8:b6:4d:24:52:2f:63:23:89:0f:67:e3:16:12:cc: 8b:7a:66:93:96:44:08:4a:65:1f:e6:9d:a3:df:57: ba:3a:aa:93:11:d3:ee:ec:2e:6c:ae:6d:41:56:91: 1c:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:B1:13:5E:E3:37:67:8A:77:BA:C3:B3:1F:C9:90:81:58:B6:F2:35 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/34315c91-143e-48d8-b654-b8332ff1ee53.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:a000::/40 Signature Algorithm: sha256WithRSAEncryption 16:d6:44:be:1c:16:78:50:d6:19:7f:6e:bc:46:25:d3:61:f0: 95:e9:de:2f:ea:f1:f2:3b:0b:f0:1e:07:f0:7c:e1:3b:32:54: 78:24:68:cd:ac:5e:ea:ce:ab:38:2d:34:19:c7:7d:4d:e8:d1: b7:c6:59:a0:f1:50:7e:29:14:5c:a2:7e:b4:f0:16:5f:02:11: 05:ad:09:71:3d:13:82:f8:1c:61:71:5f:9d:e4:22:e3:f2:ed: 0d:4b:e1:65:43:fa:27:92:f3:78:f0:14:c7:33:0f:57:77:1d: 3c:20:11:76:c6:3b:1e:9a:e8:51:6d:6d:ab:d3:b4:28:d3:cb: 2d:ef:23:ef:3f:6f:ae:a9:04:3c:50:35:68:f1:d5:06:2c:58: 3b:f0:81:f6:4e:1d:1e:10:b2:6d:35:86:a3:b2:35:03:a6:23: c1:af:dc:b7:51:5a:ee:8c:bb:d0:a4:4e:99:12:5b:3c:cd:12: 06:46:4e:e3:9a:c1:1c:05:66:ff:4e:68:2f:41:ae:13:5f:2b: 30:99:b3:3d:ba:1f:64:d8:74:42:12:6f:3c:24:0b:5d:43:f6: c8:60:13:26:87:32:ee:a4:32:a2:43:83:5a:02:36:ab:44:ef: ac:27:4a:26:37:ea:23:de:f3:1d:45:74:47:98:d4:ed:33:24: c1:ab:11:e1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKnuw+ZopnSL8R2A+dtcum7h1mM4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEyNTAwMDAwMFoX DTI1MDMwMTIzNTk1OVowejFJMEcGA1UEBRNAMTQ1YzE1MjhmMGQwZmIyNzJjZWNj YWMzM2EyMWQ5NjRmNzc1NjUxZmYzOTcwMzIwODA0NzhlYjYxMDIzZDM0MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1OnpwsUQoI5nSPjF2isRWrxHvWk OO73qvDgVo7ZCuQH/a1DBl1mVeVIFEaKml/E5yElckg1xxDIaXUDTTVlMMdZezNg 1VLsLs1ND5JLJWFlu20TvtqbV5Z/tuwGxtCt4Xtc3vf75Erer5R7CmoSoR8l0jcP dbkV1wmV+B5FvNtcppfjjRAWZSXY2kIR6V6oFU3twnqFktfbPRV3BKhdjxJEVL9E MziT5ltsudb8pagsgDmd+c7X6KVYP7WjGnZBy1zEMzd00mwNQRQGntOmzeeotk0k Ui9jI4kPZ+MWEsyLemaTlkQISmUf5p2j31e6OqqTEdPu7C5srm1BVpEcFQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCWxE17jN2eKd7rDsx/JkIFYtvI1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM0MzE1YzkxLTE0M2UtNDhkOC1iNjU0LWI4MzMyZmYxZWU1My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauKAwDQYJKoZIhvcNAQELBQADggEBABbWRL4cFnhQ1hl/brxG JdNh8JXp3i/q8fI7C/AeB/B84TsyVHgkaM2sXurOqzgtNBnHfU3o0bfGWaDxUH4p FFyifrTwFl8CEQWtCXE9E4L4HGFxX53kIuPy7Q1L4WVD+ieS83jwFMczD1d3HTwg EXbGOx6a6FFtbavTtCjTyy3vI+8/b66pBDxQNWjx1QYsWDvwgfZOHR4Qsm01hqOy NQOmI8Gv3LdRWu6Mu9CkTpkSWzzNEgZGTuOawRwFZv9OaC9BrhNfKzCZsz26H2TY dEISbzwkC11D9shgEyaHMu6kMqJDg1oCNqtE76wnSiY36iPe8x1FdEeY1O0zJMGr EeE= -----END CERTIFICATE-----Generated at Sun Feb 16 15:16:28 2025 by rpki-client