$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52492709-13d7-43b7-9adc-acc005f9da81.roa File: 52492709-13d7-43b7-9adc-acc005f9da81.roa (raw, json) Hash identifier: 4njgERBC5nTDYyaTTALwCY0G/duehm8HxkW2d0GcoZw= Subject key identifier: 21:43:79:02:66:B5:D7:34:E5:41:C2:41:91:C7:EA:7B:7A:7A:F2:D0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3682BB20BB522A83423E7BBF284D1D87F605B169 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52492709-13d7-43b7-9adc-acc005f9da81.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1a:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:82:bb:20:bb:52:2a:83:42:3e:7b:bf:28:4d:1d:87:f6:05:b1:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:9e:19:d4:44:9b:79:59:b1:90:72:37:0a:8c: 07:46:9f:56:1e:fd:3e:b2:eb:ea:7d:c7:d6:67:0a: 3d:8d:9c:57:65:ef:a4:90:33:ef:2d:aa:28:58:99: 79:e9:50:93:d1:91:c4:60:80:da:6d:d5:3f:61:ab: 9b:e5:fe:a0:a0:05:28:2d:8f:25:bd:01:48:5d:ab: 59:a0:90:7c:23:38:cd:db:a6:c3:e4:fc:e9:ea:9b: d2:02:d9:d2:42:1c:1d:c0:3d:3f:ae:80:8c:84:df: 65:b2:bd:84:a3:0d:08:50:eb:12:d4:8e:6f:71:7e: 2c:87:2d:f6:46:cd:f6:c7:a9:dd:f6:34:24:1b:0d: f6:7d:4c:2e:cb:f7:89:2a:00:7a:b6:84:12:a4:e5: 5a:1e:56:0f:b3:33:b9:b1:6e:f6:ef:de:fc:d4:7e: f1:14:ab:0c:ef:87:f5:7a:44:e6:b2:a2:45:f1:60: bd:03:f5:ef:ad:2d:e8:25:92:b4:19:9d:78:32:ea: 60:2e:69:26:10:0d:68:54:67:54:f6:43:a4:02:bd: 30:52:75:ce:88:5a:53:3a:f1:7d:73:d5:36:2c:9b: 77:ef:eb:4d:f2:e7:c4:ed:8e:ec:c3:6b:ef:b6:91: 97:56:83:8d:26:20:42:36:ba:09:79:0c:51:a9:ec: bc:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:43:79:02:66:B5:D7:34:E5:41:C2:41:91:C7:EA:7B:7A:7A:F2:D0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52492709-13d7-43b7-9adc-acc005f9da81.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1a:c00::/38 Signature Algorithm: sha256WithRSAEncryption 0c:55:60:9c:2c:eb:14:3c:69:8f:db:25:22:0f:0b:c5:1b:6c: c3:ab:c9:d6:61:8c:a4:fa:8e:de:1d:7c:b4:9a:9f:df:d3:0c: 23:4f:8c:0a:99:fd:2d:a5:23:9b:a0:f2:b3:a4:ad:a8:7f:d9: 59:7e:b0:c6:18:1b:79:63:e9:e6:56:c2:5c:ba:62:d6:53:03: 49:41:ed:57:aa:21:59:54:06:fe:3e:c8:48:7a:1d:cb:c5:ce: ed:fd:fe:ec:44:fa:22:a8:97:4e:a7:fa:09:3a:23:86:56:5b: 54:10:ee:61:b2:33:9b:0d:8f:1d:4d:e5:62:de:5e:0a:85:0f: d4:87:49:d6:fe:bb:91:6c:f5:16:e6:67:35:9a:1f:d0:c1:39: 9f:f6:8c:8a:0b:bf:d7:a8:19:98:ce:5b:ec:51:98:f2:eb:d9: 5b:9e:39:16:07:fe:4b:5f:60:aa:68:7d:77:1d:eb:f7:e6:e4: 60:29:2f:6f:d8:c0:f2:89:47:5d:2c:72:10:d5:68:57:20:6b: 81:11:cd:86:70:43:75:d8:8c:dc:96:e1:25:7e:65:5d:1a:5f: 48:11:c2:9a:35:41:47:b4:3f:b0:8d:f5:f2:c4:18:6e:d5:e0: 45:df:fb:10:0e:69:dc:54:e3:ff:c6:f4:d2:b1:7c:27:d0:c8: 1b:6d:77:cb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNoK7ILtSKoNCPnu/KE0dh/YFsWkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANjZjNzc3MDdmNDliODU1ODI5NTBj NzkyMzdiNjY5NTE5ZjFmZTNlNDYxODBkMTFmYjk5M2ZjM2RiNWFhMDU0YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp4Z1ESbeVmxkHI3CowHRp9WHv0+ suvqfcfWZwo9jZxXZe+kkDPvLaooWJl56VCT0ZHEYIDabdU/Yaub5f6goAUoLY8l vQFIXatZoJB8IzjN26bD5Pzp6pvSAtnSQhwdwD0/roCMhN9lsr2Eow0IUOsS1I5v cX4shy32Rs32x6nd9jQkGw32fUwuy/eJKgB6toQSpOVaHlYPszO5sW7279781H7x FKsM74f1ekTmsqJF8WC9A/XvrS3oJZK0GZ14MupgLmkmEA1oVGdU9kOkAr0wUnXO iFpTOvF9c9U2LJt37+tN8ufE7Y7sw2vvtpGXVoONJiBCNroJeQxRqey8YwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCFDeQJmtdc05UHCQZHH6nt6evLQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUyNDkyNzA5LTEzZDctNDNiNy05YWRjLWFjYzAwNWY5ZGE4MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGgwwDQYJKoZIhvcNAQELBQADggEBAAxVYJws6xQ8aY/bJSIP C8UbbMOrydZhjKT6jt4dfLSan9/TDCNPjAqZ/S2lI5ug8rOkrah/2Vl+sMYYG3lj 6eZWwly6YtZTA0lB7VeqIVlUBv4+yEh6HcvFzu39/uxE+iKol06n+gk6I4ZWW1QQ 7mGyM5sNjx1N5WLeXgqFD9SHSdb+u5Fs9RbmZzWaH9DBOZ/2jIoLv9eoGZjOW+xR mPLr2VueORYH/ktfYKpofXcd6/fm5GApL2/YwPKJR10schDVaFcga4ERzYZwQ3XY jNyW4SV+ZV0aX0gRwpo1QUe0P7CN9fLEGG7V4EXf+xAOadxU4//G9NKxfCfQyBtt d8s= -----END CERTIFICATE-----Generated at Wed Feb 5 03:52:37 2025 by rpki-client