$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b38fef2-d4ec-44a2-974b-d890067e85d3.roa File: 4b38fef2-d4ec-44a2-974b-d890067e85d3.roa (raw, json) Hash identifier: rnJ5wGnoZlSXGMo9wGeB+mH4Ut5UlJtFMgFTY5STC6Y= Subject key identifier: FA:77:8F:41:24:62:15:12:E3:CD:3E:E4:22:07:E5:3C:59:64:69:67 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 638C39ADD705F6B7A92E36C87A218F3AFD88011B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b38fef2-d4ec-44a2-974b-d890067e85d3.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:8c:39:ad:d7:05:f6:b7:a9:2e:36:c8:7a:21:8f:3a:fd:88:01:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:1d:1f:a8:9c:d6:e9:ff:99:24:a6:b0:cd:36: 61:46:27:ce:b6:f4:ec:7e:04:b6:17:ad:61:05:a7: 68:40:33:6a:e8:72:14:e9:e1:d9:f7:d8:91:60:f1: ef:01:52:54:76:46:02:2e:4e:ad:ea:0d:9d:b7:99: 71:3f:4d:d7:10:6a:1b:b4:dd:93:c9:5c:3f:e9:c5: d2:34:aa:3b:2f:9e:48:6f:56:ca:99:9c:a0:f8:04: 92:44:88:be:0b:3a:90:7a:a4:50:ee:50:4a:b7:e3: 88:ef:22:09:c0:c4:fe:68:10:a2:d9:e2:4f:91:8c: 44:85:ae:dd:7b:27:b7:09:92:db:c3:a1:c5:95:b8: 61:2d:51:12:79:d5:ca:46:30:a6:47:bc:37:dd:0e: b9:27:44:54:cc:d9:92:84:15:8c:e7:cd:71:e8:a2: 17:0c:ba:fa:f4:33:82:b4:4a:67:ab:a0:aa:4f:03: cd:aa:3d:60:cb:df:aa:a1:e9:76:a2:5c:2b:67:1a: 0d:8a:64:be:28:95:3e:9d:54:ea:33:b8:6b:02:cd: b0:92:b1:cd:1f:b6:d8:32:1d:70:bd:d0:71:fe:21: 36:58:4a:c3:a4:4f:49:ea:ac:04:17:bd:06:e4:23: e3:cb:5d:6d:71:f0:a0:3a:47:f7:24:62:1a:6f:f5: 0c:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:77:8F:41:24:62:15:12:E3:CD:3E:E4:22:07:E5:3C:59:64:69:67 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b38fef2-d4ec-44a2-974b-d890067e85d3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 68:d4:ab:9f:13:3f:01:ef:62:00:7d:4f:6f:e0:31:4b:da:40: d0:d9:6f:73:06:5e:72:4c:6f:0f:5f:ef:cb:2d:97:16:71:90: 8f:6f:6c:bc:a3:d6:5b:24:0c:d1:fb:dd:0e:65:c9:84:33:c1: 7c:b1:b2:83:7e:81:36:76:5f:e4:05:c2:76:b2:8a:7f:90:9f: de:32:e4:a1:5c:26:3d:a7:0a:6c:42:e8:e2:2a:3a:11:cc:3a: cb:3a:82:17:ac:61:7b:a7:be:36:78:54:af:fb:a2:79:99:bb: 12:30:7b:fe:c5:16:95:bd:d6:b4:c7:b9:84:0c:bf:e8:08:7d: 3c:1d:f0:a7:ad:6f:58:0b:ba:54:2f:c3:c1:25:97:b0:fd:98: 7b:a1:8e:79:d7:24:27:a7:44:f8:49:87:14:5b:76:3f:e8:28: b3:89:5a:2f:43:2e:5c:15:55:ea:53:ec:29:3e:0e:62:31:a3: b0:14:61:d6:fc:27:9d:fb:f4:c4:3e:52:a8:f5:47:ea:03:51: 0b:6d:84:e1:f9:df:64:80:78:b5:ff:bc:7e:d9:a2:ef:9a:2e: 11:11:44:53:2e:fe:fb:d1:71:80:e4:ba:42:09:4e:86:f3:3c: f1:e1:b5:9d:cf:2c:57:48:43:21:ea:45:61:a2:38:29:53:45: 32:34:83:1d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUY4w5rdcF9repLjbIeiGPOv2IARswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAOGY5ZTI2YzcxOTkzZTk3ZTBmMWE0 MzJkNWJlNmQ5Mjk1ZWJiZGNiYTc1YWJmZTM3NDhlM2U3M2FjODRkMDU5ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR0fqJzW6f+ZJKawzTZhRifOtvTs fgS2F61hBadoQDNq6HIU6eHZ99iRYPHvAVJUdkYCLk6t6g2dt5lxP03XEGobtN2T yVw/6cXSNKo7L55Ib1bKmZyg+ASSRIi+CzqQeqRQ7lBKt+OI7yIJwMT+aBCi2eJP kYxEha7deye3CZLbw6HFlbhhLVESedXKRjCmR7w33Q65J0RUzNmShBWM581x6KIX DLr69DOCtEpnq6CqTwPNqj1gy9+qoel2olwrZxoNimS+KJU+nVTqM7hrAs2wkrHN H7bYMh1wvdBx/iE2WErDpE9J6qwEF70G5CPjy11tcfCgOkf3JGIab/UMawIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPp3j0EkYhUS480+5CIH5TxZZGlnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRiMzhmZWYyLWQ0ZWMtNDRhMi05NzRiLWQ4OTAwNjdlODVkMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9ODAMA0GCSqGSIb3DQEBCwUAA4IBAQBo1KufEz8B72IAfU9v 4DFL2kDQ2W9zBl5yTG8PX+/LLZcWcZCPb2y8o9ZbJAzR+90OZcmEM8F8sbKDfoE2 dl/kBcJ2sop/kJ/eMuShXCY9pwpsQujiKjoRzDrLOoIXrGF7p742eFSv+6J5mbsS MHv+xRaVvda0x7mEDL/oCH08HfCnrW9YC7pUL8PBJZew/Zh7oY551yQnp0T4SYcU W3Y/6CiziVovQy5cFVXqU+wpPg5iMaOwFGHW/Ced+/TEPlKo9UfqA1ELbYTh+d9k gHi1/7x+2aLvmi4REURTLv770XGA5LpCCU6G8zzx4bWdzyxXSEMh6kVhojgpU0Uy NIMd -----END CERTIFICATE-----Generated at Wed Feb 5 03:55:19 2025 by rpki-client