$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/48b29122-f009-4cd7-adac-414f1832e720.roa File: 48b29122-f009-4cd7-adac-414f1832e720.roa (raw, json) Hash identifier: gzvCwf7gF6sQpwz52OY3qaOQnu+z7XA3d2Ao/GrDGqA= Subject key identifier: 53:74:3F:CB:D3:BE:67:C9:23:9E:0F:0F:2B:2B:E3:5E:2F:29:15:15 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 30CB22F73F7A5F083D15D41BFCE1F656A0BCC8D8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/48b29122-f009-4cd7-adac-414f1832e720.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:cb:22:f7:3f:7a:5f:08:3d:15:d4:1b:fc:e1:f6:56:a0:bc:c8:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:82:a7:a0:08:66:95:5a:31:07:86:af:06:73: ba:7e:67:53:d7:7a:ca:e8:7d:43:df:d5:c9:5d:f7: d9:4e:65:d8:e5:e7:99:37:14:ab:bb:16:31:6f:a6: af:1f:f7:2a:eb:41:25:43:3e:e8:40:9c:10:84:65: 7e:b0:af:e1:f1:d9:e7:a8:b3:92:56:19:a9:84:1e: bb:a6:29:01:b7:d1:77:63:d1:5b:9e:ef:95:74:c1: 4c:66:35:bd:a5:0b:56:77:0d:75:d8:90:b3:a6:6d: ba:ca:69:1a:80:dd:1a:29:d7:8e:05:10:e2:f7:e8: 41:50:83:7a:7b:4b:0a:6e:c0:4f:84:d2:74:38:87: 82:d2:62:12:44:14:8f:56:20:1b:b6:97:ae:fa:ad: fc:1e:4c:7a:3a:d7:b0:38:2e:9e:87:a1:60:5f:0a: 97:1f:88:85:1d:8c:b8:7b:98:10:c7:72:0b:67:d1: 0a:12:26:56:0d:09:74:41:06:4b:7b:3b:76:f0:ac: bd:36:1c:4f:70:6b:b3:e0:75:86:21:9f:cc:c4:53: aa:65:df:41:dc:1f:ac:dc:a7:04:b6:18:86:37:97: 91:96:a5:19:f1:26:71:44:aa:16:b4:a2:23:6b:f8: 88:d7:68:49:55:3e:f7:a8:0c:85:15:c3:8b:07:02: 53:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:74:3F:CB:D3:BE:67:C9:23:9E:0F:0F:2B:2B:E3:5E:2F:29:15:15 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/48b29122-f009-4cd7-adac-414f1832e720.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:40c0::/48 Signature Algorithm: sha256WithRSAEncryption 2c:6a:c4:16:d8:81:55:a4:9a:64:17:3a:f7:01:c9:6d:7e:e8: 75:60:20:5a:47:7a:7b:5e:f4:28:4d:c1:be:c4:d4:bb:e0:a3: 10:55:81:49:48:b1:2e:08:5f:c4:b1:64:0d:b5:ec:3c:bd:0b: b0:3f:d0:cf:79:dc:d6:d6:ff:7b:10:06:46:e3:22:db:6c:c2: 12:6e:0e:46:4d:22:7c:0c:c7:75:58:a2:79:cc:10:56:f2:a1: 88:c1:ae:72:d4:c9:ca:a5:ef:79:07:ee:6e:d2:c2:cc:c9:0c: c4:e9:7b:f2:11:12:78:56:ae:a4:67:d4:18:f0:6c:0a:f7:2f: 35:de:a7:52:72:67:83:6c:ec:46:6e:8f:a2:d0:1e:e0:be:59: bf:54:6c:37:4a:8d:ef:76:eb:d9:57:78:1d:b8:4b:04:83:bb: 5d:6d:00:01:e1:bf:f6:f5:a5:9f:61:b0:18:f8:18:ec:ac:84: ef:7c:b3:6a:30:bb:69:95:70:f7:17:31:b1:9e:93:ba:a5:98: 57:48:22:65:36:d9:60:98:2f:e9:19:05:73:1a:09:01:fa:ed: ba:ad:f0:d0:c8:fc:25:f7:eb:28:5d:6d:5b:a5:56:7d:4f:c3: f5:f1:0b:b7:08:8c:e8:11:a5:b5:be:25:11:22:fd:e6:95:d5: 5d:57:4b:71 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMMsi9z96Xwg9FdQb/OH2VqC8yNgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYzI5YzYzMmU1NzRjOTE2NDIzZmVj MWE3YzQ2NWRjNTI0YjMyMGJhNDQ4MzZmYjQ4MThkMzJhMDk1NTZjOWQ1MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYKnoAhmlVoxB4avBnO6fmdT13rK 6H1D39XJXffZTmXY5eeZNxSruxYxb6avH/cq60ElQz7oQJwQhGV+sK/h8dnnqLOS VhmphB67pikBt9F3Y9Fbnu+VdMFMZjW9pQtWdw112JCzpm26ymkagN0aKdeOBRDi 9+hBUIN6e0sKbsBPhNJ0OIeC0mISRBSPViAbtpeu+q38Hkx6OtewOC6eh6FgXwqX H4iFHYy4e5gQx3ILZ9EKEiZWDQl0QQZLezt28Ky9NhxPcGuz4HWGIZ/MxFOqZd9B 3B+s3KcEthiGN5eRlqUZ8SZxRKoWtKIja/iI12hJVT73qAyFFcOLBwJT2QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFN0P8vTvmfJI54PDysr414vKRUVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ4YjI5MTIyLWYwMDktNGNkNy1hZGFjLTQxNGYxODMyZTcyMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9EDAMA0GCSqGSIb3DQEBCwUAA4IBAQAsasQW2IFVpJpkFzr3 Acltfuh1YCBaR3p7XvQoTcG+xNS74KMQVYFJSLEuCF/EsWQNtew8vQuwP9DPedzW 1v97EAZG4yLbbMISbg5GTSJ8DMd1WKJ5zBBW8qGIwa5y1MnKpe95B+5u0sLMyQzE 6XvyERJ4Vq6kZ9QY8GwK9y813qdScmeDbOxGbo+i0B7gvlm/VGw3So3vduvZV3gd uEsEg7tdbQAB4b/29aWfYbAY+BjsrITvfLNqMLtplXD3FzGxnpO6pZhXSCJlNtlg mC/pGQVzGgkB+u26rfDQyPwl9+soXW1bpVZ9T8P18Qu3CIzoEaW1viURIv3mldVd V0tx -----END CERTIFICATE-----Generated at Wed Feb 5 04:03:49 2025 by rpki-client