$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d8399a4-56d7-47cd-a300-df287b4c76c9.roa File: 4d8399a4-56d7-47cd-a300-df287b4c76c9.roa (raw, json) Hash identifier: LMWJ6xRm63I9rm3AYhtzETB5BTyXwd8BhhiKvImo9w0= Subject key identifier: 86:8F:24:9F:69:36:7E:58:2F:65:53:8D:6E:B8:02:0C:9C:00:17:AD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6B2E28EF945A551F38EEEB3B66940EFB18B2858A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d8399a4-56d7-47cd-a300-df287b4c76c9.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:2e:28:ef:94:5a:55:1f:38:ee:eb:3b:66:94:0e:fb:18:b2:85:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ed:d9:68:44:d7:40:05:fa:ba:2c:d0:47:c7: a4:82:d6:81:a7:be:68:22:1b:0c:57:eb:cb:41:87: c8:03:da:d4:de:4b:66:3d:33:c3:0f:8f:da:5f:a5: ae:f5:89:26:4c:66:d6:ad:b9:3c:5e:da:5e:49:73: 42:2a:1f:0a:df:c3:52:9b:5f:34:69:79:ae:f0:3c: cb:aa:38:e8:e8:a7:46:f5:92:aa:62:e3:10:b8:a0: 75:98:57:75:ac:78:49:5a:73:77:66:d9:81:0b:20: 27:a3:73:b6:8f:bb:5b:06:80:90:15:d4:3e:e3:6d: db:01:4a:8a:cd:2d:d9:fc:1d:e5:3f:aa:2a:0d:eb: c5:1d:95:3b:48:e1:5d:d3:83:d2:11:b0:98:95:17: 44:ca:67:30:aa:4a:28:cc:fb:bc:67:ef:4c:9b:89: d8:bb:5f:4a:53:42:8f:ce:cd:9e:96:12:f1:03:ce: 2e:4b:f4:20:5f:90:b6:db:6d:ce:ce:77:48:b2:60: d8:1d:d2:a3:7d:17:49:c7:f4:ab:8e:dc:5f:56:7f: 96:24:b1:15:37:f9:0b:15:e1:1b:8f:65:2c:a2:37: 34:42:f6:53:52:dd:52:c0:44:d3:b8:50:17:15:57: eb:2b:8d:85:61:cd:07:6f:35:7c:fe:96:f3:4d:31: 90:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:8F:24:9F:69:36:7E:58:2F:65:53:8D:6E:B8:02:0C:9C:00:17:AD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d8399a4-56d7-47cd-a300-df287b4c76c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:e000::/40 Signature Algorithm: sha256WithRSAEncryption 54:81:a7:d9:e6:2a:9f:66:fc:29:d8:88:d7:05:59:51:15:3f: b4:8d:37:d9:a5:3d:d2:9b:03:90:db:2b:3d:ee:05:ca:83:5c: 29:fe:3c:8f:bf:fe:03:07:d8:26:e9:88:d7:a2:e1:c9:34:ff: 10:12:0d:aa:2b:22:57:35:31:80:0f:da:08:84:1e:ba:25:1a: 72:a2:b4:7d:42:af:1e:26:70:17:3b:4f:cb:80:78:0a:df:92: 5d:e0:8d:5f:6c:01:23:a1:cc:a8:49:3f:59:03:29:bc:78:2c: e5:19:b4:ab:d1:47:61:8f:86:e4:eb:26:b2:4f:f1:2a:10:26: 9a:34:1c:6f:8f:71:d4:b2:03:72:2e:8e:06:c0:82:39:22:f5: 0c:f6:3b:b7:ce:06:5c:c7:24:9c:04:74:ad:8e:0f:17:e1:13: 2c:17:45:bb:d1:f0:20:64:c7:61:24:de:0e:6c:bb:d4:b5:70: 20:3d:26:d2:ad:cb:63:85:47:18:8e:f2:07:ff:99:b6:f9:ab: e4:05:07:77:34:fe:5e:ac:c5:89:fc:18:74:2b:3a:10:fc:14: 3f:64:ff:38:60:3b:88:b9:c4:65:43:50:a5:10:96:54:dc:dc: ac:5d:29:99:3c:48:75:1e:b3:34:ea:7d:97:af:33:05:a4:58: 0c:6d:2c:b8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUay4o75RaVR847us7ZpQO+xiyhYowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANTQ5OTUyNDg0Yjk2NGJmYWU4MDQz MTFiYmQ3N2U3NmY3MmJiZmQ1OTNjNzdiYjNmZTBmNTgzNTc4NjMzNjBiZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO3ZaETXQAX6uizQR8ekgtaBp75o IhsMV+vLQYfIA9rU3ktmPTPDD4/aX6Wu9YkmTGbWrbk8XtpeSXNCKh8K38NSm180 aXmu8DzLqjjo6KdG9ZKqYuMQuKB1mFd1rHhJWnN3ZtmBCyAno3O2j7tbBoCQFdQ+ 423bAUqKzS3Z/B3lP6oqDevFHZU7SOFd04PSEbCYlRdEymcwqkoozPu8Z+9Mm4nY u19KU0KPzs2elhLxA84uS/QgX5C2223OzndIsmDYHdKjfRdJx/SrjtxfVn+WJLEV N/kLFeEbj2Usojc0QvZTUt1SwETTuFAXFVfrK42FYc0HbzV8/pbzTTGQ3wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIaPJJ9pNn5YL2VTjW64AgycABetMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkODM5OWE0LTU2ZDctNDdjZC1hMzAwLWRmMjg3YjRjNzZjOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNuAwDQYJKoZIhvcNAQELBQADggEBAFSBp9nmKp9m/CnYiNcF WVEVP7SNN9mlPdKbA5DbKz3uBcqDXCn+PI+//gMH2CbpiNei4ck0/xASDaorIlc1 MYAP2giEHrolGnKitH1Crx4mcBc7T8uAeArfkl3gjV9sASOhzKhJP1kDKbx4LOUZ tKvRR2GPhuTrJrJP8SoQJpo0HG+PcdSyA3IujgbAgjki9Qz2O7fOBlzHJJwEdK2O DxfhEywXRbvR8CBkx2Ek3g5su9S1cCA9JtKty2OFRxiO8gf/mbb5q+QFB3c0/l6s xYn8GHQrOhD8FD9k/zhgO4i5xGVDUKUQllTc3KxdKZk8SHUeszTqfZevMwWkWAxt LLg= -----END CERTIFICATE-----Generated at Wed Feb 5 04:02:03 2025 by rpki-client