$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa File: 542149ac-13e8-419c-b3c9-46274c8943df.roa (raw, json) Hash identifier: AhT/MwRckAoOpd4NWZ69T8tdwBxfFY7YG3JLRbwzq2I= Subject key identifier: 2D:A2:F1:F7:F6:E8:AE:C0:A7:C3:D9:70:91:47:41:40:92:F7:AF:39 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3A0DDB2BC621ACDC8DBED44F5EC49208926BB7A9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:8c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:0d:db:2b:c6:21:ac:dc:8d:be:d4:4f:5e:c4:92:08:92:6b:b7:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:40:e9:99:b2:46:12:dc:c4:1e:6a:fe:64:ad: 65:c2:ff:4a:97:2e:cd:40:f0:90:f9:df:69:4b:33: 86:ea:75:a8:f3:11:83:fa:45:95:f8:4e:f7:b1:11: 00:a8:63:49:66:6b:b3:10:d2:16:96:fa:45:69:34: bf:a2:01:de:b0:df:e2:f0:b5:3f:29:d5:89:cf:00: 75:52:db:11:2f:d2:74:2d:37:3f:d3:81:46:80:81: a1:3f:6a:9a:fe:35:ce:fb:2c:5f:c8:03:ef:dc:92: 6f:7b:68:b0:6a:f9:7f:2f:6e:5b:2f:90:d6:5c:36: ef:79:19:07:85:da:50:4b:6a:0d:c7:bf:53:fa:5d: 47:06:26:8c:3f:29:67:db:12:25:00:5a:75:a5:13: 56:3d:89:1e:37:fd:41:56:78:ed:bd:69:21:4b:55: da:65:20:a1:8e:d1:60:12:27:7c:b1:ed:71:bc:32: 76:94:64:6b:5b:53:99:40:70:cd:eb:a5:3a:4f:a9: 07:4a:15:af:89:f3:37:97:5e:fb:cf:83:a2:07:9f: 38:66:cb:50:54:5a:8b:27:d0:e1:5a:57:8b:ee:42: 50:6b:4a:f2:87:aa:fd:66:c0:5d:42:b9:9f:46:f9: 96:42:58:bc:1c:b7:0e:0c:e0:e0:da:9c:ff:57:9c: cf:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:A2:F1:F7:F6:E8:AE:C0:A7:C3:D9:70:91:47:41:40:92:F7:AF:39 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:8c0::/46 Signature Algorithm: sha256WithRSAEncryption 35:2a:bf:d4:ba:e0:cf:06:5d:49:77:14:b7:f3:a6:a3:35:bb: 8e:85:ff:dd:f0:06:fa:c6:16:da:5d:27:47:48:b4:96:1e:3c: 20:5b:79:2d:b7:a4:8d:5f:dc:b7:62:fc:c3:c6:b5:cb:09:d7: 9d:f3:a2:7c:c4:a8:c7:37:55:e0:cc:17:55:f8:be:f0:16:32: 2f:8e:7a:25:b6:20:17:49:80:62:c6:ef:e3:30:64:61:27:ec: 2e:47:39:b2:54:61:94:02:ea:70:b9:90:3c:26:0e:0c:4b:7a: 79:e9:94:0a:66:26:76:23:fd:17:f1:a5:c7:c4:46:63:3b:90: 1e:3e:75:6c:8a:80:bf:6d:21:01:b9:38:de:52:85:08:88:96: 78:c1:81:15:52:3c:22:a0:7e:cd:54:75:2f:71:59:c2:52:6d: 15:c0:90:6b:c8:8a:45:f5:43:c3:e5:ce:ae:bc:9d:c8:b3:8f: d9:b1:4d:8c:db:ab:ff:b7:6a:a9:d5:ff:25:22:87:4e:7d:57: bb:70:1a:23:6f:c5:5d:1f:44:2f:da:ab:1a:b3:5d:55:0a:2f: e4:db:82:a6:1c:9a:0b:85:c5:fc:4f:7d:bc:6b:a4:33:86:80: 12:9d:03:10:72:96:03:cc:89:09:18:da:bc:7b:5d:89:08:47: f7:33:88:c6 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUOg3bK8YhrNyNvtRPXsSSCJJrt6kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANWRlNDM3YTY5MGI4ODBmZWMxNjNk NmIwYzM4NDBjMTgzZGFlMzMyM2ZlN2MwMWZjOGRhNGQ3MDFlODYzM2ZlZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UDpmbJGEtzEHmr+ZK1lwv9Kly7N QPCQ+d9pSzOG6nWo8xGD+kWV+E73sREAqGNJZmuzENIWlvpFaTS/ogHesN/i8LU/ KdWJzwB1UtsRL9J0LTc/04FGgIGhP2qa/jXO+yxfyAPv3JJve2iwavl/L25bL5DW XDbveRkHhdpQS2oNx79T+l1HBiaMPyln2xIlAFp1pRNWPYkeN/1BVnjtvWkhS1Xa ZSChjtFgEid8se1xvDJ2lGRrW1OZQHDN66U6T6kHShWvifM3l177z4OiB584ZstQ VFqLJ9DhWleL7kJQa0ryh6r9ZsBdQrmfRvmWQli8HLcODODg2pz/V5zPpwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFC2i8ff26K7Ap8PZcJFHQUCS9685MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU0MjE0OWFjLTEzZTgtNDE5Yy1iM2M5LTQ2Mjc0Yzg5NDNkZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaQjAMA0GCSqGSIb3DQEBCwUAA4IBAQA1Kr/UuuDPBl1JdxS3 86ajNbuOhf/d8Ab6xhbaXSdHSLSWHjwgW3ktt6SNX9y3YvzDxrXLCded86J8xKjH N1XgzBdV+L7wFjIvjnoltiAXSYBixu/jMGRhJ+wuRzmyVGGUAupwuZA8Jg4MS3p5 6ZQKZiZ2I/0X8aXHxEZjO5AePnVsioC/bSEBuTjeUoUIiJZ4wYEVUjwioH7NVHUv cVnCUm0VwJBryIpF9UPD5c6uvJ3Is4/ZsU2M26v/t2qp1f8lIodOfVe7cBojb8Vd H0Qv2qsas11VCi/k24KmHJoLhcX8T328a6QzhoASnQMQcpYDzIkJGNq8e12JCEf3 M4jG -----END CERTIFICATE-----Generated at Wed Feb 5 04:12:36 2025 by rpki-client