$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46906009-c3b9-49b3-a5f1-d017b200e422.roa File: 46906009-c3b9-49b3-a5f1-d017b200e422.roa (raw, json) Hash identifier: 5+0Hb88PriBKQSGBbBJKFqpe7gx9pTUbJNW53LOjNQ0= Subject key identifier: 0A:21:64:CF:A2:EC:E2:6D:D1:C3:40:5D:95:77:6F:01:5A:88:EF:31 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 359A01818C14F7BB3242808E5CD3D23EE1400E67 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46906009-c3b9-49b3-a5f1-d017b200e422.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:48c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:9a:01:81:8c:14:f7:bb:32:42:80:8e:5c:d3:d2:3e:e1:40:0e:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:3c:87:58:67:88:b7:f6:ef:70:a6:27:65:7a: d7:9a:46:83:ff:30:77:54:d0:c3:f2:2e:f8:54:f3: 66:1d:10:7e:52:2c:a7:7f:2c:7c:18:e2:33:f3:43: 31:06:93:5a:e2:78:34:c8:66:b2:c0:43:27:5f:15: 91:f4:3e:cc:55:b1:38:ac:26:f7:db:c8:eb:0c:03: 91:2b:6b:00:2a:0c:b9:01:12:c2:99:fa:0d:cd:5e: ee:99:1f:31:2f:f3:cf:a4:8d:f8:fb:50:94:df:a4: b7:1a:af:63:1b:5c:20:26:56:d0:6c:73:10:ac:c8: 46:15:bb:3a:09:f8:7a:28:c1:78:99:a1:32:ed:98: 45:a9:ee:b7:b0:24:b6:65:02:62:11:f6:fb:1d:ca: 45:81:e2:12:f2:cc:fd:e4:85:c2:4e:b8:a6:64:60: 03:cf:17:fc:4f:a8:06:36:07:cd:aa:1d:65:b5:88: be:48:ae:a6:b3:bf:0e:75:27:b2:89:b5:68:3c:1d: 52:de:58:be:5b:55:e1:3e:79:4f:a4:86:55:2a:d4: 22:ca:20:6a:71:a3:da:73:74:b7:78:63:7a:7c:98: 8a:da:a1:23:16:1f:86:10:83:c1:d3:7b:38:b5:52: d9:e5:fb:8e:82:0a:3a:54:54:5e:c4:aa:8d:82:4f: b0:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:21:64:CF:A2:EC:E2:6D:D1:C3:40:5D:95:77:6F:01:5A:88:EF:31 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46906009-c3b9-49b3-a5f1-d017b200e422.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:48c0::/48 Signature Algorithm: sha256WithRSAEncryption b9:0f:56:59:30:c8:92:ba:1d:96:f3:eb:c2:a1:78:96:44:82: 18:7d:d8:63:5a:e6:52:c3:e4:77:0f:91:a7:84:90:ec:86:8c: be:6a:7b:e4:c3:73:0c:cc:27:a3:c7:63:a4:9b:e6:a1:4a:3c: 96:d6:38:0c:04:aa:2f:4d:40:b3:e4:f2:e3:54:ed:b3:01:4c: c3:54:7c:87:f9:b6:eb:ee:12:74:62:5e:78:63:7f:2c:7a:d0: db:aa:62:c5:87:51:7c:b6:65:c9:79:70:1e:6e:fc:27:26:f5: 6c:4d:7c:86:3f:03:d0:0f:e5:cd:f1:51:74:22:d3:fb:fb:e3: 75:6b:23:e6:bb:84:e3:ec:9a:a4:bf:37:6e:09:95:67:ed:78: d4:2e:8c:67:9b:e4:ff:e3:68:47:eb:a1:01:18:e1:5c:9f:e8: 6f:e7:6d:25:df:37:bd:65:af:c6:b6:75:74:be:ab:dd:30:57: 09:eb:3b:2f:3a:5b:26:14:2c:4b:c2:19:6e:a4:5d:e9:1b:50: 0d:07:df:7c:f4:be:10:99:90:27:07:36:82:8c:f4:22:5d:fa: d7:a6:6c:da:37:82:56:df:60:f3:b4:5b:5c:28:cd:3f:ea:fb: 7a:18:df:d0:25:61:56:af:73:ff:b4:02:5a:d8:a2:a9:65:80: cd:10:80:09 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNZoBgYwU97syQoCOXNPSPuFADmcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZjQyMDVhNzVjYTY3YmU0NTJjOWE3 ZmI0MzVjY2MwODAyMzQ4MDUwMWMyNDRmMTFlNmJmZjk4NGM2NmM4ZDNiMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzyHWGeIt/bvcKYnZXrXmkaD/zB3 VNDD8i74VPNmHRB+Uiynfyx8GOIz80MxBpNa4ng0yGaywEMnXxWR9D7MVbE4rCb3 28jrDAORK2sAKgy5ARLCmfoNzV7umR8xL/PPpI34+1CU36S3Gq9jG1wgJlbQbHMQ rMhGFbs6Cfh6KMF4maEy7ZhFqe63sCS2ZQJiEfb7HcpFgeIS8sz95IXCTrimZGAD zxf8T6gGNgfNqh1ltYi+SK6ms78OdSeyibVoPB1S3li+W1XhPnlPpIZVKtQiyiBq caPac3S3eGN6fJiK2qEjFh+GEIPB03s4tVLZ5fuOggo6VFRexKqNgk+wNQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAohZM+i7OJt0cNAXZV3bwFaiO8xMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ2OTA2MDA5LWMzYjktNDliMy1hNWYxLWQwMTdiMjAwZTQyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOEjAMA0GCSqGSIb3DQEBCwUAA4IBAQC5D1ZZMMiSuh2W8+vC oXiWRIIYfdhjWuZSw+R3D5GnhJDshoy+anvkw3MMzCejx2Okm+ahSjyW1jgMBKov TUCz5PLjVO2zAUzDVHyH+bbr7hJ0Yl54Y38setDbqmLFh1F8tmXJeXAebvwnJvVs TXyGPwPQD+XN8VF0ItP7++N1ayPmu4Tj7JqkvzduCZVn7XjULoxnm+T/42hH66EB GOFcn+hv520l3ze9Za/GtnV0vqvdMFcJ6zsvOlsmFCxLwhlupF3pG1ANB9989L4Q mZAnBzaCjPQiXfrXpmzaN4JW32DztFtcKM0/6vt6GN/QJWFWr3P/tAJa2KKpZYDN EIAJ -----END CERTIFICATE-----Generated at Wed Feb 5 03:55:14 2025 by rpki-client