$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3db7215f-3224-4b67-ad00-eef647811243.roa File: 3db7215f-3224-4b67-ad00-eef647811243.roa (raw, json) Hash identifier: XInLh1vEYl2ivVGdAgLPEArEbCigE/q/TyMCWfhcGEU= Subject key identifier: 68:EA:24:A4:91:5E:5A:6B:57:95:C5:0D:1D:9D:78:DB:5F:36:EE:6D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7B5A41380EC2BB6A12F8229C2B33ABEA9C2AE1AB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3db7215f-3224-4b67-ad00-eef647811243.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:b080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:5a:41:38:0e:c2:bb:6a:12:f8:22:9c:2b:33:ab:ea:9c:2a:e1:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:a9:93:e7:88:9f:91:d6:8e:84:94:41:ba:e4: 80:25:9c:94:19:8c:e2:5d:ce:81:8e:ef:ba:13:9a: cb:5e:39:60:b6:c1:2a:ba:bf:6f:fa:bd:56:a8:26: 00:cc:87:ba:ef:cb:be:c8:6e:47:d6:54:73:10:b6: 76:3b:ae:f4:1e:78:4b:31:45:3f:2c:cc:62:dd:fb: 06:a0:2c:7f:98:ed:49:69:63:14:e0:59:59:6d:f8: 7c:e1:27:12:14:ff:73:a4:b7:f0:5b:9b:97:c7:3d: 74:44:4d:3d:8a:73:2c:bd:69:73:ea:86:97:08:f7: 32:74:55:84:03:79:a5:29:43:02:11:cf:22:9f:15: 28:fd:5e:df:c6:fc:dd:2f:81:4e:b0:30:c5:0b:58: bf:64:48:66:89:eb:c8:cd:be:ee:b1:f1:f4:d9:4f: a8:81:f7:32:38:f5:69:b9:37:77:96:2b:53:b7:65: 7f:e1:c4:30:a0:43:b0:67:4c:a0:bb:a6:e9:df:91: 00:e5:f4:82:ba:b8:44:f3:42:d2:aa:f7:62:93:e0: 96:6b:12:c4:45:6f:d7:10:c6:05:69:82:b3:45:43: 99:f9:5d:b9:f3:d6:9f:72:61:9c:23:43:8f:f0:1f: ce:ce:4d:80:b1:e8:26:68:5d:89:27:ef:e6:09:47: 2a:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:EA:24:A4:91:5E:5A:6B:57:95:C5:0D:1D:9D:78:DB:5F:36:EE:6D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3db7215f-3224-4b67-ad00-eef647811243.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:b080::/48 Signature Algorithm: sha256WithRSAEncryption 34:93:ad:a8:15:aa:cf:69:ad:86:56:1f:1f:97:17:35:2c:0e: 26:8e:60:83:ba:0c:8b:b8:de:de:7a:0b:db:3b:2e:8f:55:dc: 40:d3:8e:cb:d3:a9:1d:47:ab:af:4a:fb:50:11:ac:a5:db:17: 79:c8:f5:70:aa:7c:a8:16:9b:02:e3:d5:f0:fa:03:22:c6:0f: 6f:38:8a:58:f8:fd:7e:07:9b:e1:e6:9a:49:36:5b:f1:63:4b: 5b:d8:cd:34:51:84:6c:be:c5:72:c6:c6:40:6f:a7:97:bc:fc: 93:d1:18:8d:86:2a:85:59:f9:a7:75:ab:43:65:c5:36:fc:d7: 06:65:39:e2:9a:77:86:26:0d:30:73:81:1a:d4:42:70:49:ad: 06:3a:26:9d:50:03:f8:78:31:6b:09:ac:73:20:8c:dd:76:37: 68:87:f8:cc:7d:e6:b9:d5:b1:28:f0:24:0f:e4:65:f6:30:39: ac:ea:c7:b2:d7:01:61:51:9a:84:0e:11:82:23:52:b3:3d:14: 72:ae:6f:99:60:17:7f:7d:6b:08:ba:06:d1:17:d5:5f:4c:55: 28:61:2b:88:e8:db:8e:41:f6:24:f2:87:24:30:38:f6:7e:38: 97:e8:48:99:6e:a7:5c:b1:d6:14:b3:d3:47:f2:2e:fc:67:ab: 2d:05:f6:49 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUe1pBOA7Cu2oS+CKcKzOr6pwq4aswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZGM5MWY2YzFiMGM2MzdhNDc1YTNh NDBiNTE0NzlhMDEzNjFkNmEzMTAzMjNiYjJjNmQzN2NjYjE0MjdjMDMzMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKmT54ifkdaOhJRBuuSAJZyUGYzi Xc6Bju+6E5rLXjlgtsEqur9v+r1WqCYAzIe678u+yG5H1lRzELZ2O670HnhLMUU/ LMxi3fsGoCx/mO1JaWMU4FlZbfh84ScSFP9zpLfwW5uXxz10RE09inMsvWlz6oaX CPcydFWEA3mlKUMCEc8inxUo/V7fxvzdL4FOsDDFC1i/ZEhmievIzb7usfH02U+o gfcyOPVpuTd3litTt2V/4cQwoEOwZ0ygu6bp35EA5fSCurhE80LSqvdik+CWaxLE RW/XEMYFaYKzRUOZ+V2589afcmGcI0OP8B/Ozk2AsegmaF2JJ+/mCUcqJQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGjqJKSRXlprV5XFDR2deNtfNu5tMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNkYjcyMTVmLTMyMjQtNGI2Ny1hZDAwLWVlZjY0NzgxMTI0My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9LCAMA0GCSqGSIb3DQEBCwUAA4IBAQA0k62oFarPaa2GVh8f lxc1LA4mjmCDugyLuN7eegvbOy6PVdxA047L06kdR6uvSvtQEayl2xd5yPVwqnyo FpsC49Xw+gMixg9vOIpY+P1+B5vh5ppJNlvxY0tb2M00UYRsvsVyxsZAb6eXvPyT 0RiNhiqFWfmndatDZcU2/NcGZTnimneGJg0wc4Ea1EJwSa0GOiadUAP4eDFrCaxz IIzddjdoh/jMfea51bEo8CQP5GX2MDms6sey1wFhUZqEDhGCI1KzPRRyrm+ZYBd/ fWsIugbRF9VfTFUoYSuI6NuOQfYk8ockMDj2fjiX6EiZbqdcsdYUs9NH8i78Z6st BfZJ -----END CERTIFICATE-----Generated at Wed Feb 5 04:08:00 2025 by rpki-client