$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a9b91de-ae9d-419a-81e8-e1066ea1ded3.roa File: 4a9b91de-ae9d-419a-81e8-e1066ea1ded3.roa (raw, json) Hash identifier: FnMqxu7E/RWe8DlAop5mY6HPkBIa3bWAY0SmYgsVydY= Subject key identifier: F8:BB:67:EF:4F:C2:96:35:D8:9E:82:00:93:75:CE:8F:50:06:85:BD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1E6F3881A932549611FDD0FAF5DDE7CA6D36E97E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a9b91de-ae9d-419a-81e8-e1066ea1ded3.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:6f:38:81:a9:32:54:96:11:fd:d0:fa:f5:dd:e7:ca:6d:36:e9:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:dc:ac:1c:35:c8:b5:79:91:c2:c6:72:ff:b5: 7e:16:01:d5:53:7f:36:fe:64:19:13:36:3a:32:75: b9:ea:4b:7e:fa:2e:11:19:b7:58:84:e6:2f:e1:b3: d2:7e:4d:62:60:e6:09:f9:2d:e3:9d:36:b9:e0:54: e3:fe:91:e6:39:f4:0e:14:c3:d2:ba:53:da:45:1b: 93:bd:11:70:59:10:11:49:7d:d5:9d:c9:e0:d8:df: 43:5f:20:8f:1d:00:bd:97:31:b2:a0:53:dc:3a:c1: 08:76:d8:e4:47:9f:99:e2:f7:c6:3a:4f:41:3b:25: 23:58:6b:5d:da:40:77:33:9e:91:cd:90:65:1b:f2: c2:0d:2e:4d:bd:f2:8a:d3:66:fb:8d:14:4b:74:cd: 97:b0:0e:be:5d:f7:8d:e0:ab:28:c5:4e:63:24:16: 79:23:5a:96:78:5f:30:09:b2:42:27:35:9c:5f:4f: 18:14:03:d8:e0:26:39:67:99:bd:46:28:2c:16:81: 0e:44:c2:b3:b8:de:f9:47:a2:0b:00:ec:45:a7:66: c9:75:95:40:ec:2f:82:a6:ea:a6:8f:c1:91:3c:9f: 3e:43:89:8e:a7:ff:2d:08:32:84:81:e4:bf:e9:42: c8:e2:0e:80:8c:2e:fb:ae:b5:04:c1:43:c4:31:d1: d9:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:BB:67:EF:4F:C2:96:35:D8:9E:82:00:93:75:CE:8F:50:06:85:BD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a9b91de-ae9d-419a-81e8-e1066ea1ded3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:8800::/40 Signature Algorithm: sha256WithRSAEncryption 1e:fe:82:c6:f8:bb:df:b2:dc:cb:3b:75:a4:34:49:9b:19:b3: 57:83:58:e0:37:c5:b2:10:ef:ad:3a:1f:0c:07:fd:75:70:eb: 75:2c:ba:fb:ad:b7:ce:ec:98:6d:40:e6:93:1a:2f:70:55:2a: 61:0d:f1:e5:08:47:8b:10:b9:1d:11:7b:00:a9:82:59:5d:0b: 29:c0:3d:05:86:75:79:f0:20:c8:6a:ec:fd:40:d0:6c:a8:8e: 90:cd:47:78:fb:03:cd:50:1c:8d:3b:be:76:da:40:81:72:f5: 75:ef:b8:38:b6:2a:a2:12:ee:48:06:68:ce:41:e5:9a:48:8f: 6b:b7:ec:96:e8:25:7d:28:af:4d:52:1c:33:7e:af:4b:a9:0d: 30:9c:2d:df:e1:5e:b7:00:58:f9:b2:5a:03:76:ec:f4:6d:ca: 9a:79:df:af:c3:2f:40:3f:84:0b:e4:be:e0:6f:87:69:a6:cd: 34:82:53:5d:d4:48:e3:5f:85:50:f8:88:64:7d:c5:31:cf:31: 28:b9:d4:23:69:61:fe:2c:f6:72:94:ae:fa:86:81:a1:3d:26: dd:66:6e:17:60:0a:1e:67:cb:80:94:5f:47:0f:2e:ca:a1:82: 07:9b:bf:1b:d7:86:42:9b:56:1a:df:8d:f0:7d:dc:9e:98:0d: d4:6b:e9:60 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHm84gakyVJYR/dD69d3nym026X4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANjRiMmY5ZThlN2ZkM2QxMGM3Mjg2 MGMyMjY5Y2EyNDIyOTA2Y2U2YmVhYWEwN2Y0MTJkNDE0ZWMwN2EwY2VmMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNysHDXItXmRwsZy/7V+FgHVU382 /mQZEzY6MnW56kt++i4RGbdYhOYv4bPSfk1iYOYJ+S3jnTa54FTj/pHmOfQOFMPS ulPaRRuTvRFwWRARSX3Vncng2N9DXyCPHQC9lzGyoFPcOsEIdtjkR5+Z4vfGOk9B OyUjWGtd2kB3M56RzZBlG/LCDS5NvfKK02b7jRRLdM2XsA6+XfeN4KsoxU5jJBZ5 I1qWeF8wCbJCJzWcX08YFAPY4CY5Z5m9RigsFoEORMKzuN75R6ILAOxFp2bJdZVA 7C+Cpuqmj8GRPJ8+Q4mOp/8tCDKEgeS/6ULI4g6AjC77rrUEwUPEMdHZcwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPi7Z+9PwpY12J6CAJN1zo9QBoW9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRhOWI5MWRlLWFlOWQtNDE5YS04MWU4LWUxMDY2ZWExZGVkMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9YgwDQYJKoZIhvcNAQELBQADggEBAB7+gsb4u9+y3Ms7daQ0 SZsZs1eDWOA3xbIQ7606HwwH/XVw63Usuvutt87smG1A5pMaL3BVKmEN8eUIR4sQ uR0RewCpglldCynAPQWGdXnwIMhq7P1A0GyojpDNR3j7A81QHI07vnbaQIFy9XXv uDi2KqIS7kgGaM5B5ZpIj2u37JboJX0or01SHDN+r0upDTCcLd/hXrcAWPmyWgN2 7PRtypp536/DL0A/hAvkvuBvh2mmzTSCU13USONfhVD4iGR9xTHPMSi51CNpYf4s 9nKUrvqGgaE9Jt1mbhdgCh5ny4CUX0cPLsqhggebvxvXhkKbVhrfjfB93J6YDdRr 6WA= -----END CERTIFICATE-----Generated at Wed Feb 5 04:03:05 2025 by rpki-client