$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6b3ecd-f7ff-4379-a780-1f1e7ee8e62b.roa File: 3a6b3ecd-f7ff-4379-a780-1f1e7ee8e62b.roa (raw, json) Hash identifier: 4nMzamUboZSjvH0az/NBQQEVKqQUSzBWIgNhxTI7gVs= Subject key identifier: 42:43:5B:C0:DC:24:91:FD:CD:DC:C6:44:F4:0B:5F:E6:3B:CF:AE:F5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5AD5525566872C974AA8B312C3D823B0488A8A23 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6b3ecd-f7ff-4379-a780-1f1e7ee8e62b.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:20c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:d5:52:55:66:87:2c:97:4a:a8:b3:12:c3:d8:23:b0:48:8a:8a:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:05:a2:ae:39:65:00:a7:16:c5:5b:13:88:fe: 39:97:ff:2e:93:de:c0:97:c3:df:c3:f6:5f:71:2e: 2b:a9:d2:4d:41:2f:9a:bd:b1:80:d1:87:81:79:ab: 55:72:39:8e:57:d5:0a:3c:30:18:72:48:21:bc:62: 4e:a6:1e:69:be:af:59:ff:91:c0:d3:55:71:ec:e0: 17:74:23:9f:fc:f7:ce:f5:b6:45:c8:60:0c:f6:f5: df:c1:79:fe:f2:69:8a:ad:70:f7:41:f4:25:20:fd: b0:97:82:0b:e4:af:2a:b1:c5:56:7d:79:8e:45:f4: 03:49:c3:57:9f:c6:e1:b9:c0:98:76:13:d1:85:a4: 82:a6:52:a7:76:6a:dd:82:17:05:0f:54:ac:ac:d7: 29:bf:70:63:04:d4:cf:a2:5a:7a:f2:d6:e4:78:53: 1d:c1:25:88:5e:df:d6:35:88:df:e5:e1:4b:f8:cf: 04:e5:06:e6:c0:0a:95:70:16:13:75:9d:db:26:e9: 22:eb:b8:ad:dd:5b:e5:ee:95:56:93:5b:49:54:0c: 9a:51:de:7b:a0:25:db:2e:12:a7:87:92:4f:87:4b: e6:9c:ee:b5:f7:bb:27:17:2c:e7:f4:11:79:27:f5: fc:b0:45:0e:f3:93:c5:76:ae:a5:d3:9b:11:3b:31: 6b:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:43:5B:C0:DC:24:91:FD:CD:DC:C6:44:F4:0B:5F:E6:3B:CF:AE:F5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6b3ecd-f7ff-4379-a780-1f1e7ee8e62b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:20c0::/46 Signature Algorithm: sha256WithRSAEncryption 03:7e:15:6c:7e:2f:79:5a:9f:48:65:f9:62:c7:99:7b:ad:9d: 89:a8:5a:71:94:d2:44:08:18:7d:cc:17:4f:3f:0d:d7:01:89: c4:4a:79:94:23:82:93:25:26:34:ca:9b:ae:e4:6d:da:fc:05: f0:80:ed:f7:73:76:d6:bb:d0:ca:93:d6:a6:40:ca:1a:7a:7f: 58:ef:8a:b3:9a:b9:ab:65:e8:f7:45:a3:d0:21:64:34:1c:5a: ba:d9:f3:9c:14:ad:a8:52:71:96:c2:8e:fd:70:3b:05:48:9f: 3b:a2:08:b3:f2:4f:a5:3f:93:c6:ac:dd:06:31:68:21:fe:57: 66:34:dd:0b:5a:2e:97:b1:7f:7c:4a:d9:9a:1f:b5:8e:a7:ef: 40:79:be:f9:c1:52:5e:51:cf:ed:fb:0b:4a:ab:4f:57:e9:17: b2:5b:42:0e:11:9b:03:15:01:3e:b3:0b:a8:80:32:ab:44:0a: 0a:de:04:66:1a:c4:b4:b9:66:fd:de:db:a0:d1:a1:25:20:c6: d1:2f:8a:39:58:12:bc:bc:a1:e9:1a:23:6e:e0:21:98:3d:2a: 8c:5d:98:d2:8a:bb:05:3a:ea:66:85:1d:4a:16:33:67:1f:2c: 69:80:8e:c1:27:4e:f5:24:10:78:82:f2:ed:d6:28:9c:d5:05: ef:22:3f:ed -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWtVSVWaHLJdKqLMSw9gjsEiKiiMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANzdiNDBjNTkyMzE2OGZkNzY4NjMx NDNlNGQwMDUxYzM3Nzk3Y2M0YjljZmVhY2MzMmZjYTU5NzBiODIzNDAwNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAWirjllAKcWxVsTiP45l/8uk97A l8Pfw/ZfcS4rqdJNQS+avbGA0YeBeatVcjmOV9UKPDAYckghvGJOph5pvq9Z/5HA 01Vx7OAXdCOf/PfO9bZFyGAM9vXfwXn+8mmKrXD3QfQlIP2wl4IL5K8qscVWfXmO RfQDScNXn8bhucCYdhPRhaSCplKndmrdghcFD1SsrNcpv3BjBNTPolp68tbkeFMd wSWIXt/WNYjf5eFL+M8E5QbmwAqVcBYTdZ3bJuki67it3Vvl7pVWk1tJVAyaUd57 oCXbLhKnh5JPh0vmnO6197snFyzn9BF5J/X8sEUO85PFdq6l05sROzFr4wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEJDW8DcJJH9zdzGRPQLX+Y7z671MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNhNmIzZWNkLWY3ZmYtNDM3OS1hNzgwLTFmMWU3ZWU4ZTYyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+yDAMA0GCSqGSIb3DQEBCwUAA4IBAQADfhVsfi95Wp9IZfli x5l7rZ2JqFpxlNJECBh9zBdPPw3XAYnESnmUI4KTJSY0ypuu5G3a/AXwgO33c3bW u9DKk9amQMoaen9Y74qzmrmrZej3RaPQIWQ0HFq62fOcFK2oUnGWwo79cDsFSJ87 ogiz8k+lP5PGrN0GMWgh/ldmNN0LWi6XsX98StmaH7WOp+9Aeb75wVJeUc/t+wtK q09X6ReyW0IOEZsDFQE+swuogDKrRAoK3gRmGsS0uWb93tug0aElIMbRL4o5WBK8 vKHpGiNu4CGYPSqMXZjSirsFOupmhR1KFjNnHyxpgI7BJ071JBB4gvLt1iic1QXv Ij/t -----END CERTIFICATE-----Generated at Wed Feb 5 03:46:55 2025 by rpki-client