$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa File: 42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa (raw, json) Hash identifier: 9qY4kJRuoSMF8xSJpXBvqo0RhKCx+BOBoi9aaIMP44Y= Subject key identifier: 1C:F3:82:CF:1C:05:15:A2:2E:3D:11:EA:F0:61:6A:FA:D4:1C:EC:18 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 326896CE9A7599FC1D19692ACBAEE596B372D604 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa Signing time: Sat 01 Feb 2025 00:00:00 +0000 ROA not before: Sat 01 Feb 2025 00:00:00 +0000 ROA not after: Sat 08 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:68:96:ce:9a:75:99:fc:1d:19:69:2a:cb:ae:e5:96:b3:72:d6:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 1 00:00:00 2025 GMT Not After : Mar 8 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:34:2d:87:4d:09:33:8a:9d:aa:3e:32:41:75: 0c:e4:f1:e1:41:bd:fe:01:21:75:00:b4:11:05:f8: 9f:68:14:13:2a:6b:40:37:23:d5:33:cc:9e:63:a4: ea:55:6c:0c:14:9c:cd:e7:b4:02:e4:cc:a0:e1:f1: e1:d0:23:35:f9:6b:dd:02:92:87:85:e8:d0:c9:59: 77:df:d1:06:40:7f:b4:34:b3:7f:58:8e:26:5e:02: b2:8e:7a:20:6c:90:13:4b:a1:68:09:c4:25:f5:aa: 71:45:d3:98:87:09:1e:5b:6c:58:5e:78:1a:c4:72: 26:70:22:4f:0a:37:b6:fa:d3:a5:6e:5f:28:28:85: a5:d8:cc:d0:07:a8:17:d0:7a:8e:5a:0e:36:f2:5a: 9a:d1:05:68:f4:1d:d6:1c:4e:69:37:02:9b:24:69: 34:9d:0e:aa:7a:2d:2c:d3:65:36:e1:55:34:14:f3: be:6f:21:ca:05:37:e9:c2:ce:45:a0:84:1c:18:e2: 69:75:d4:f9:c7:37:ae:a0:45:53:a6:56:3d:b2:22: 3f:23:c6:9e:af:22:c3:e5:62:93:b5:46:af:f5:0f: ce:9a:24:ce:bc:73:93:97:8b:d1:1e:da:6d:49:95: d1:03:a1:e0:ee:24:1d:4a:ac:69:4a:b8:46:90:e1: 9b:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:F3:82:CF:1C:05:15:A2:2E:3D:11:EA:F0:61:6A:FA:D4:1C:EC:18 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 9d:fb:e4:d7:65:a8:35:10:a1:c8:94:cb:cf:0e:93:56:1c:2e: a7:09:69:0c:a2:36:f9:a8:36:f4:08:5e:45:9c:e5:14:4c:93: eb:b0:00:33:05:57:ce:0f:3f:77:c3:7d:e3:70:8a:30:d5:0c: 82:ec:c8:9e:41:20:05:66:bb:d3:44:41:8e:49:03:a5:ec:97: d5:72:95:75:72:d2:7c:93:bd:5d:fb:30:7f:95:5a:c7:41:be: 20:e8:e7:f5:9d:4a:dd:e0:40:cf:74:5c:f9:a1:f1:41:11:b7: 4f:03:b5:0c:57:aa:64:c0:a7:86:0e:54:3d:7c:93:0f:83:70: 4c:7d:2a:38:3d:aa:58:c1:8d:03:0b:11:ba:0d:16:f7:c5:e9: d6:52:17:34:cf:6c:20:43:23:75:5a:0f:ed:b9:21:83:4d:ac: 1f:a3:2e:ec:55:19:7b:01:10:b8:c3:15:e1:8a:c1:cb:bb:62: 83:08:52:0f:51:85:7e:b9:49:11:44:35:ab:9f:c7:0e:12:85: af:0c:33:ef:92:45:98:25:10:c0:d5:66:2a:32:a1:d6:a9:85: c7:e5:9f:d3:6c:65:48:43:40:b3:54:60:b7:1a:39:b4:d8:de: d4:26:e6:aa:05:e2:4d:a8:52:d1:81:61:eb:01:46:08:37:fe: 67:15:0f:38 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMmiWzpp1mfwdGWkqy67llrNy1gQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMTAwMDAwMFoX DTI1MDMwODIzNTk1OVowejFJMEcGA1UEBRNAMWViMWVkMjk0MmY2NzE5MWJkYzhi NzQzZjIwMmZlNTAyZTk5MDk5ZjJhOGZmYTY0NTExZGE4MDY4ZmYyMDVmMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTQth00JM4qdqj4yQXUM5PHhQb3+ ASF1ALQRBfifaBQTKmtANyPVM8yeY6TqVWwMFJzN57QC5Myg4fHh0CM1+WvdApKH hejQyVl339EGQH+0NLN/WI4mXgKyjnogbJATS6FoCcQl9apxRdOYhwkeW2xYXnga xHImcCJPCje2+tOlbl8oKIWl2MzQB6gX0HqOWg428lqa0QVo9B3WHE5pNwKbJGk0 nQ6qei0s02U24VU0FPO+byHKBTfpws5FoIQcGOJpddT5xzeuoEVTplY9siI/I8ae ryLD5WKTtUav9Q/OmiTOvHOTl4vRHtptSZXRA6Hg7iQdSqxpSrhGkOGbiwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBzzgs8cBRWiLj0R6vBhavrUHOwYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQyZmQ1YTk2LTIxZTktNGVmOC1iMjdmLTVhN2Y5OTZiODRkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8uDAMA0GCSqGSIb3DQEBCwUAA4IBAQCd++TXZag1EKHIlMvP DpNWHC6nCWkMojb5qDb0CF5FnOUUTJPrsAAzBVfODz93w33jcIow1QyC7MieQSAF ZrvTREGOSQOl7JfVcpV1ctJ8k71d+zB/lVrHQb4g6Of1nUrd4EDPdFz5ofFBEbdP A7UMV6pkwKeGDlQ9fJMPg3BMfSo4PapYwY0DCxG6DRb3xenWUhc0z2wgQyN1Wg/t uSGDTawfoy7sVRl7ARC4wxXhisHLu2KDCFIPUYV+uUkRRDWrn8cOEoWvDDPvkkWY JRDA1WYqMqHWqYXH5Z/TbGVIQ0CzVGC3Gjm02N7UJuaqBeJNqFLRgWHrAUYIN/5n FQ84 -----END CERTIFICATE-----Generated at Wed Feb 5 04:03:19 2025 by rpki-client