$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa File: 3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa (raw, json) Hash identifier: 60wxrO2dpwjTB5lxb9150kfCV9xu7h1AsXQi91EgGmc= Subject key identifier: 82:3E:59:AA:35:F0:8B:AB:43:25:16:97:8E:10:FB:54:30:C8:17:C9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5E74FFE5781B0457BFBFD684D094E04D432A6ABB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:74:ff:e5:78:1b:04:57:bf:bf:d6:84:d0:94:e0:4d:43:2a:6a:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:6b:d5:5c:d7:bc:ca:29:00:77:b7:00:60:3a: 17:4e:e1:f4:e6:e6:87:5c:fd:32:a6:75:3b:d0:0f: a5:d8:4e:df:a0:d4:61:e5:0f:ed:59:df:aa:d0:74: ac:4c:44:27:48:f9:e4:c2:cc:de:a4:bd:77:a8:2d: c3:e4:9f:03:c6:e4:da:89:ef:9e:9e:82:b7:38:8f: 4f:f1:28:42:96:12:5d:ba:d6:2a:73:83:63:58:de: a3:8c:e4:83:12:da:4f:b8:4a:22:f5:c7:99:fa:11: 1f:6c:58:43:7a:e3:6f:c9:bf:ac:11:de:87:17:08: 45:ef:82:da:5a:95:54:ac:7f:d2:99:fc:df:0d:80: 03:a8:20:90:f8:09:f6:46:6e:17:e0:97:04:b5:1b: 81:da:f8:97:d5:9e:11:48:28:97:cc:25:b1:8b:f1: 26:64:c5:88:c1:19:b5:de:d9:11:2d:eb:04:96:73: 7e:8b:bf:13:42:d6:27:91:02:7e:db:a2:2b:1c:34: 58:0c:cb:50:00:36:7d:58:9e:8d:47:c3:32:23:99: b9:60:03:64:1f:95:fc:b9:64:80:7d:57:52:23:ce: 75:66:e0:ab:9e:6e:f4:7e:b8:fa:23:45:25:e9:f7: bb:9d:0e:be:6d:12:c0:94:c0:3a:29:0a:60:bd:50: 22:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:3E:59:AA:35:F0:8B:AB:43:25:16:97:8E:10:FB:54:30:C8:17:C9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c880::/48 Signature Algorithm: sha256WithRSAEncryption 86:14:65:30:e7:0a:4b:55:b1:8a:99:3c:ac:75:1f:1f:66:55: 9b:40:5d:6e:3b:32:cf:7f:9f:b1:b9:25:c3:84:6f:8c:6d:34: 4b:5f:f7:9f:3b:25:0a:72:7a:b5:2e:12:00:eb:36:bd:30:4f: e7:a6:ba:24:27:1c:8b:a1:0e:cb:2c:bc:62:38:39:55:ed:e2: 30:b6:47:ce:53:b2:5a:a4:cb:a5:64:7a:05:b3:81:78:56:b1: dd:99:e0:ca:05:a3:50:9c:78:50:65:16:5c:1f:00:e8:4d:2f: 9f:ce:29:3a:70:a1:f7:4e:c5:8b:6e:e5:a0:33:24:9a:34:da: 80:e9:e6:c0:4e:dc:e2:8a:a2:4d:b2:36:5b:23:5c:17:0e:0f: d3:f9:22:4d:22:da:a0:60:50:17:a9:56:15:58:26:c4:95:69: 84:44:59:83:f6:8e:25:2a:71:4d:f7:6f:4c:9e:44:ec:41:c5: 47:46:fe:07:8c:29:08:c8:d6:2f:83:52:f1:e4:27:92:44:14: 13:6f:b4:f3:58:ae:40:19:e6:53:b6:11:7a:f4:c0:12:d9:4b: 34:37:19:70:57:28:42:2a:f6:2d:7b:6e:17:c6:d7:6c:cb:de: 4e:e4:4a:f0:48:30:18:2e:4c:69:d8:b5:76:9d:c5:03:77:a2: 95:7c:bc:19 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUXnT/5XgbBFe/v9aE0JTgTUMqarswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZDhlZDVjYmNlZDdmMTU0MDM2MTUz YzFkN2ExMDFhOTNjM2NlMTM4ODNjMzJiYTBhMTRjMjk4NDFkOTYxNDU2NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGvVXNe8yikAd7cAYDoXTuH05uaH XP0ypnU70A+l2E7foNRh5Q/tWd+q0HSsTEQnSPnkwszepL13qC3D5J8DxuTaie+e noK3OI9P8ShClhJdutYqc4NjWN6jjOSDEtpPuEoi9ceZ+hEfbFhDeuNvyb+sEd6H FwhF74LaWpVUrH/SmfzfDYADqCCQ+An2Rm4X4JcEtRuB2viX1Z4RSCiXzCWxi/Em ZMWIwRm13tkRLesElnN+i78TQtYnkQJ+26IrHDRYDMtQADZ9WJ6NR8MyI5m5YANk H5X8uWSAfVdSI851ZuCrnm70frj6I0Ul6fe7nQ6+bRLAlMA6KQpgvVAiVwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFII+Wao18IurQyUWl44Q+1QwyBfJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNhNmYwMWYxLWJjNWItNDczZC1hMTJmLTdmMGZmZWQ1ZjRmYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8siAMA0GCSqGSIb3DQEBCwUAA4IBAQCGFGUw5wpLVbGKmTys dR8fZlWbQF1uOzLPf5+xuSXDhG+MbTRLX/efOyUKcnq1LhIA6za9ME/nprokJxyL oQ7LLLxiODlV7eIwtkfOU7JapMulZHoFs4F4VrHdmeDKBaNQnHhQZRZcHwDoTS+f zik6cKH3TsWLbuWgMySaNNqA6ebATtziiqJNsjZbI1wXDg/T+SJNItqgYFAXqVYV WCbElWmERFmD9o4lKnFN929MnkTsQcVHRv4HjCkIyNYvg1Lx5CeSRBQTb7TzWK5A GeZTthF69MAS2Us0NxlwVyhCKvYte24Xxtdsy95O5ErwSDAYLkxp2LV2ncUDd6KV fLwZ -----END CERTIFICATE-----Generated at Wed Feb 5 03:59:30 2025 by rpki-client