$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d27c27f-a84f-4c44-b812-a96cb7c1af1e.roa File: 4d27c27f-a84f-4c44-b812-a96cb7c1af1e.roa (raw, json) Hash identifier: 7KB/eWZmLMYP1UZVtYD5lGEPsp+XdX9rnB8M9HrEqJg= Subject key identifier: 1A:5F:B2:F9:FA:A8:2B:31:F2:1F:80:25:11:C3:B1:95:3F:78:57:24 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2C5F07AF74D68ED6DC4F4A887DAAFD5487CA2651 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d27c27f-a84f-4c44-b812-a96cb7c1af1e.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da28:8000::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:5f:07:af:74:d6:8e:d6:dc:4f:4a:88:7d:aa:fd:54:87:ca:26:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:25:db:a9:90:37:7a:40:ac:9b:ef:8e:d3:41: df:57:81:82:2a:8d:45:46:ee:56:87:d7:18:1a:8d: e3:0f:7f:27:33:fc:ef:10:f2:c2:1b:26:53:13:d4: 18:f4:b2:46:5a:e7:b8:18:5d:7b:f3:d1:95:9f:59: 95:a2:d7:be:5b:1a:11:61:9f:ed:85:ac:bb:f8:ff: b4:b2:20:a4:8a:c9:4f:74:cc:73:8d:81:55:f3:d3: 1c:76:e3:0b:e0:22:39:09:61:06:9a:9c:23:fa:85: 01:80:d9:59:26:4f:e3:70:d0:f5:a4:9e:04:ed:3d: c0:33:8d:27:b8:4f:bd:23:04:4f:a8:c1:4e:ed:bc: fa:76:a2:ec:9d:2d:68:97:6a:32:03:9b:fe:31:4e: 03:b1:d5:64:8a:f2:5b:d3:14:25:30:86:5a:86:56: 07:4c:c6:ff:f2:68:d9:78:c6:e2:cb:13:aa:23:93: 0e:11:a8:3f:20:ad:a2:3c:04:c9:25:6d:28:08:46: 32:1d:16:0e:7f:62:3c:88:28:f6:e0:5d:a8:75:63: 97:62:bf:b0:99:f6:fb:3a:9e:67:cf:80:11:ca:ea: 73:e9:f4:f7:bd:16:d9:2f:ba:5f:05:b1:a6:63:21: 88:3a:00:cc:c5:fc:b0:84:36:ae:62:c3:39:4c:f6: 43:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:5F:B2:F9:FA:A8:2B:31:F2:1F:80:25:11:C3:B1:95:3F:78:57:24 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d27c27f-a84f-4c44-b812-a96cb7c1af1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da28:8000::/37 Signature Algorithm: sha256WithRSAEncryption 0d:85:e6:56:9f:2d:4a:ed:99:a5:9d:f7:23:af:4f:47:a5:b1: 41:ae:f3:09:74:2f:f8:7b:26:55:4e:69:4d:3b:25:cc:bc:00: 9e:67:cc:ec:42:09:5a:81:d5:5b:0a:f3:9c:71:f5:5d:76:15: 04:70:d4:bb:b7:fc:bd:5a:2a:20:50:f0:d2:19:fe:c6:a4:5e: df:60:71:fb:9b:21:c3:2b:d8:2d:03:7f:bd:12:7b:27:0c:fb: 6e:67:40:74:8c:d4:10:04:94:84:4c:53:3c:d3:61:0d:4d:87: a0:85:72:bd:9f:8f:68:73:d1:38:d8:b4:30:d4:64:f5:73:92: 56:a4:d5:d0:1c:49:35:15:23:22:d9:f3:e8:23:5f:36:a2:2f: 2a:ce:6c:cd:d9:4e:4b:96:98:02:b9:3a:a6:d8:42:ad:9b:f2: ae:7b:f5:dd:e8:df:ad:26:d4:86:ae:95:77:d3:52:63:72:67: 40:92:80:de:fc:c2:b3:22:67:7d:28:d9:6a:39:4b:b4:0b:ac: 0f:d0:83:38:e5:ba:15:b1:7f:32:19:da:82:db:4c:38:20:fc: 44:82:31:87:a1:cd:22:a9:6b:05:fa:e8:b7:ec:4f:38:17:b7: 79:b3:ee:75:7c:83:97:c4:d4:5f:d6:b9:76:0a:79:a9:10:d8: a9:67:5c:ce -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULF8Hr3TWjtbcT0qIfar9VIfKJlEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAOWE0ODM0NmM5OTM3ZmY4YmE0OWUz YjZiYTc0NWIzOGY0NDk3YTJkNWRiYWYxMzEyZDU5ZGNmODZkMGQ2NzUxOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyXbqZA3ekCsm++O00HfV4GCKo1F Ru5Wh9cYGo3jD38nM/zvEPLCGyZTE9QY9LJGWue4GF1789GVn1mVote+WxoRYZ/t hay7+P+0siCkislPdMxzjYFV89McduML4CI5CWEGmpwj+oUBgNlZJk/jcND1pJ4E 7T3AM40nuE+9IwRPqMFO7bz6dqLsnS1ol2oyA5v+MU4DsdVkivJb0xQlMIZahlYH TMb/8mjZeMbiyxOqI5MOEag/IK2iPATJJW0oCEYyHRYOf2I8iCj24F2odWOXYr+w mfb7Op5nz4ARyupz6fT3vRbZL7pfBbGmYyGIOgDMxfywhDauYsM5TPZDwwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBpfsvn6qCsx8h+AJRHDsZU/eFckMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkMjdjMjdmLWE4NGYtNGM0NC1iODEyLWE5NmNiN2MxYWYxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYDJAbaKIAwDQYJKoZIhvcNAQELBQADggEBAA2F5lafLUrtmaWd9yOv T0elsUGu8wl0L/h7JlVOaU07Jcy8AJ5nzOxCCVqB1VsK85xx9V12FQRw1Lu3/L1a KiBQ8NIZ/sakXt9gcfubIcMr2C0Df70SeycM+25nQHSM1BAElIRMUzzTYQ1Nh6CF cr2fj2hz0TjYtDDUZPVzklak1dAcSTUVIyLZ8+gjXzaiLyrObM3ZTkuWmAK5OqbY Qq2b8q579d3o360m1IaulXfTUmNyZ0CSgN78wrMiZ30o2Wo5S7QLrA/QgzjluhWx fzIZ2oLbTDgg/ESCMYehzSKpawX66LfsTzgXt3mz7nV8g5fE1F/WuXYKeakQ2Kln XM4= -----END CERTIFICATE-----Generated at Wed Feb 5 03:50:27 2025 by rpki-client