$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/564bcbed-0561-4889-868c-6cfcb0ba50ec.roa File: 564bcbed-0561-4889-868c-6cfcb0ba50ec.roa (raw, json) Hash identifier: m87oqP0bZqafrjiFSt6s1Zns+M4t5mERw8u2l22OfqA= Subject key identifier: CD:19:EE:A4:09:B2:8D:F4:6F:54:3A:EA:48:A0:B9:DE:68:42:60:D4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5AAFC85A408344A708EF1AAF47F392BBD24C7C36 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/564bcbed-0561-4889-868c-6cfcb0ba50ec.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da12:8c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:af:c8:5a:40:83:44:a7:08:ef:1a:af:47:f3:92:bb:d2:4c:7c:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:58:40:f7:2f:0a:61:43:49:f3:19:e5:6d:b3: a6:dc:ad:b1:2f:85:15:83:80:da:66:52:90:ab:81: e5:e0:26:e2:27:c3:78:a3:c6:43:7b:a6:81:04:16: f5:69:9d:ad:f0:1c:2f:d4:e4:83:75:f5:94:63:b8: 22:c1:ee:64:06:48:31:2b:4d:6d:f3:e4:cc:4b:26: 2f:d4:a9:13:fd:49:74:eb:b5:2b:59:a6:a1:1e:2d: 9b:78:84:35:28:b8:1f:d4:34:b7:5a:64:47:a0:b6: e5:5c:76:03:4d:a3:52:4e:af:83:9c:b7:29:9c:06: 05:31:98:9d:24:a1:33:de:0d:2c:37:9c:16:56:f1: 4c:80:ef:cc:6c:c3:c7:fc:de:14:46:40:94:bc:4f: 89:d3:0e:ca:b6:e8:e4:73:a9:53:8c:de:ba:f2:f4: 17:0f:78:6b:6b:49:61:72:b3:f6:4c:a7:a7:e5:0d: 64:f6:ee:ae:b9:ef:3a:60:a7:9c:6c:65:ad:66:0a: aa:40:eb:dc:e6:43:fd:bf:fd:ed:ac:20:c8:b3:6f: cd:87:66:ae:11:6a:37:ad:3e:83:1a:07:85:bb:77: a7:23:53:a3:ce:9d:3d:2a:cc:60:0f:ef:f7:fa:a3: 6d:d3:5f:2f:c7:bb:b2:f6:bf:e2:f2:d9:0b:af:cb: fa:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:19:EE:A4:09:B2:8D:F4:6F:54:3A:EA:48:A0:B9:DE:68:42:60:D4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/564bcbed-0561-4889-868c-6cfcb0ba50ec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da12:8c00::/38 Signature Algorithm: sha256WithRSAEncryption 81:5e:67:53:63:fd:73:9c:c8:71:01:d7:fb:f0:97:4c:fe:17: 12:b7:21:b4:05:5c:af:11:97:b4:89:30:f8:44:e2:3d:35:f0: 4a:35:bb:1e:35:2e:88:e1:e2:e4:a0:ba:e0:0c:ae:74:c7:66: 3a:0c:63:0c:a2:e1:59:f5:32:d2:34:c4:a6:fa:90:a5:3b:9f: d2:28:73:67:ae:2a:3c:79:c2:b5:66:aa:5a:90:b5:ea:8e:21: 0a:1e:05:73:61:9d:2a:f8:58:46:e0:42:fe:80:93:66:82:9e: 1b:70:6d:92:08:ad:2c:58:65:8f:6e:ee:6d:89:99:a6:08:0b: 90:2f:0c:7a:1b:1e:f0:e4:4a:05:e9:44:18:f6:fa:75:d6:8c: a4:f2:4b:0d:1f:d9:49:5c:be:c8:44:60:7d:71:eb:e2:a9:f3: 67:be:01:48:b3:e7:7d:bb:20:c1:0c:5c:12:da:49:dc:40:af: 67:0d:38:84:48:2f:6a:06:5f:d1:bc:33:69:61:a7:7b:65:01: a1:23:e5:7a:ea:86:0e:e9:a7:2d:d7:6c:b1:c0:f8:4e:da:4d: 8f:a9:2f:27:e0:ab:09:53:ea:44:9a:65:31:a1:00:2a:9e:35: e5:aa:0a:93:2b:ce:16:fe:6f:a5:85:04:22:6c:c3:99:cd:8a: ad:ec:e2:4c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWq/IWkCDRKcI7xqvR/OSu9JMfDYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYjAwNTc2NGUzMWJmNjRlYzdiOGQ3 YTczMDc1ZjE0OGE3YjhhZmZkMWM4Nzk0NTg3Y2M0MmI0YmM3YzUyNjE0MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1hA9y8KYUNJ8xnlbbOm3K2xL4UV g4DaZlKQq4Hl4CbiJ8N4o8ZDe6aBBBb1aZ2t8Bwv1OSDdfWUY7giwe5kBkgxK01t 8+TMSyYv1KkT/Ul067UrWaahHi2beIQ1KLgf1DS3WmRHoLblXHYDTaNSTq+DnLcp nAYFMZidJKEz3g0sN5wWVvFMgO/MbMPH/N4URkCUvE+J0w7Ktujkc6lTjN668vQX D3hra0lhcrP2TKen5Q1k9u6uue86YKecbGWtZgqqQOvc5kP9v/3trCDIs2/Nh2au EWo3rT6DGgeFu3enI1Ojzp09KsxgD+/3+qNt018vx7uy9r/i8tkLr8v6SQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM0Z7qQJso30b1Q66kigud5oQmDUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU2NGJjYmVkLTA1NjEtNDg4OS04NjhjLTZjZmNiMGJhNTBlYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaEowwDQYJKoZIhvcNAQELBQADggEBAIFeZ1Nj/XOcyHEB1/vw l0z+FxK3IbQFXK8Rl7SJMPhE4j018Eo1ux41Lojh4uSguuAMrnTHZjoMYwyi4Vn1 MtI0xKb6kKU7n9Ioc2euKjx5wrVmqlqQteqOIQoeBXNhnSr4WEbgQv6Ak2aCnhtw bZIIrSxYZY9u7m2JmaYIC5AvDHobHvDkSgXpRBj2+nXWjKTySw0f2UlcvshEYH1x 6+Kp82e+AUiz5327IMEMXBLaSdxAr2cNOIRIL2oGX9G8M2lhp3tlAaEj5Xrqhg7p py3XbLHA+E7aTY+pLyfgqwlT6kSaZTGhACqeNeWqCpMrzhb+b6WFBCJsw5nNiq3s 4kw= -----END CERTIFICATE-----Generated at Wed Feb 5 04:00:05 2025 by rpki-client