$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa File: 3cf33701-1ea5-43c6-b291-763d0e06817e.roa (raw, json) Hash identifier: j6NrofiOjiCWFrYZuR3+OoXaz6FpL4EFaC9lQpphW+s= Subject key identifier: 92:6C:32:1E:3F:B8:73:CF:6F:3C:4C:3A:27:98:2B:B4:F8:1C:A7:51 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D7FCD81502AD89541D3E7213F244FF668858E44 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1c:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:7f:cd:81:50:2a:d8:95:41:d3:e7:21:3f:24:4f:f6:68:85:8e:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:71:e2:5c:1b:0f:6a:8e:33:17:6b:db:3d:50: d4:a4:47:22:1e:c3:a2:aa:ff:cc:5f:98:1d:c8:71: ae:d9:1b:db:22:d7:20:2b:42:90:19:3e:4f:25:04: a9:e9:42:65:a2:ac:c9:06:fe:83:f9:2f:1d:fa:cf: ae:89:39:bb:50:3f:68:60:13:0b:22:0e:52:07:b7: fc:80:c5:81:8d:c2:68:97:9e:d7:2d:6e:58:ed:d0: e1:e4:c3:ec:85:6c:ba:55:05:3f:6a:66:7b:02:84: 12:9a:2d:35:25:fe:f0:1a:0c:bb:b2:14:d7:a9:b5: 21:85:6f:5f:52:f8:34:3b:4a:f9:ce:ac:41:2e:f4: 1d:cc:d6:99:d1:ff:3f:98:5c:f8:0e:46:e3:63:08: 6a:f9:08:88:f3:4e:b1:df:41:9d:00:09:42:67:42: f3:dd:16:18:d2:2a:5a:8c:82:c1:f9:73:ef:63:c6: 56:d4:de:f3:9f:ec:b4:a9:ca:58:1f:2d:1c:50:d7: 5b:70:a1:b2:81:48:24:bc:51:fa:d5:68:47:7e:e4: b4:79:44:1e:6c:4b:8e:18:2e:e7:0b:be:b3:76:df: 53:7f:71:a4:e0:24:46:ad:50:bd:4a:da:90:8a:cd: f2:2a:3e:7a:a2:01:cb:52:1e:84:c5:29:13:c1:85: 86:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:6C:32:1E:3F:B8:73:CF:6F:3C:4C:3A:27:98:2B:B4:F8:1C:A7:51 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1c:400::/38 Signature Algorithm: sha256WithRSAEncryption b1:37:f4:4e:cc:18:b9:29:67:97:01:91:4a:8c:1b:03:95:95: 15:39:ce:36:d6:b8:95:36:15:15:bb:8d:68:06:0e:08:71:a3: f8:f4:ab:ee:39:46:93:c5:69:68:a7:cf:ec:05:41:7b:85:ad: e8:a0:1b:34:31:0d:a6:e7:56:7c:f9:03:1f:19:26:d7:e1:86: 82:83:69:49:58:8b:23:d3:11:92:22:a9:46:6b:ee:5c:46:f2: ba:18:e1:85:8b:d0:7e:2d:03:41:b1:55:2b:f8:8b:aa:6d:0d: c1:f5:f7:7f:c5:80:e9:c7:2d:be:69:de:54:0c:e1:b5:38:86: f1:2e:16:61:4a:5a:76:13:68:9d:12:98:57:1d:58:62:57:5a: 4a:e2:c9:fb:55:30:bb:42:04:6b:9c:b5:a0:0a:89:49:cb:c5: 2e:b6:89:fb:fa:25:80:49:53:df:5d:ce:c0:fa:ce:e3:2f:0d: b1:6b:d6:b4:2a:f2:dd:84:37:d9:ab:3f:c5:f5:c7:e4:36:3b: e4:ae:09:2a:50:7b:2c:9a:85:43:34:a6:2a:7c:a2:e3:23:cd: b1:9c:79:34:6a:81:03:7f:4f:e4:b5:39:1f:3c:be:6f:6c:c5: 17:71:dc:01:4f:31:a7:36:0f:b8:ce:08:37:df:1b:ed:15:38: 9f:f5:42:de -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPX/NgVAq2JVB0+chPyRP9miFjkQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAOTA1ODdjZWI4ZWRiNjVjMjUyZDVh MDk2ZjA1NGZkNDI2YWJhMTYwYTU1ODI3YjhmM2E0YTBhMGRkMmEyMTE5ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HHiXBsPao4zF2vbPVDUpEciHsOi qv/MX5gdyHGu2RvbItcgK0KQGT5PJQSp6UJloqzJBv6D+S8d+s+uiTm7UD9oYBML Ig5SB7f8gMWBjcJol57XLW5Y7dDh5MPshWy6VQU/amZ7AoQSmi01Jf7wGgy7shTX qbUhhW9fUvg0O0r5zqxBLvQdzNaZ0f8/mFz4DkbjYwhq+QiI806x30GdAAlCZ0Lz 3RYY0ipajILB+XPvY8ZW1N7zn+y0qcpYHy0cUNdbcKGygUgkvFH61WhHfuS0eUQe bEuOGC7nC76zdt9Tf3Gk4CRGrVC9StqQis3yKj56ogHLUh6ExSkTwYWGrQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJJsMh4/uHPPbzxMOieYK7T4HKdRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNjZjMzNzAxLTFlYTUtNDNjNi1iMjkxLTc2M2QwZTA2ODE3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHAQwDQYJKoZIhvcNAQELBQADggEBALE39E7MGLkpZ5cBkUqM GwOVlRU5zjbWuJU2FRW7jWgGDghxo/j0q+45RpPFaWinz+wFQXuFreigGzQxDabn Vnz5Ax8ZJtfhhoKDaUlYiyPTEZIiqUZr7lxG8roY4YWL0H4tA0GxVSv4i6ptDcH1 93/FgOnHLb5p3lQM4bU4hvEuFmFKWnYTaJ0SmFcdWGJXWkriyftVMLtCBGuctaAK iUnLxS62ifv6JYBJU99dzsD6zuMvDbFr1rQq8t2EN9mrP8X1x+Q2O+SuCSpQeyya hUM0pip8ouMjzbGceTRqgQN/T+S1OR88vm9sxRdx3AFPMac2D7jOCDffG+0VOJ/1 Qt4= -----END CERTIFICATE-----Generated at Wed Feb 5 04:02:27 2025 by rpki-client