$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/58370a36-bf5a-4314-8163-12b380e5ebe5.roa File: 58370a36-bf5a-4314-8163-12b380e5ebe5.roa (raw, json) Hash identifier: MI0Ny560iRHWb8Rmn8gdTmqHLXCu0AyfDTLGCTX/UVE= Subject key identifier: 17:41:8B:32:41:5F:DF:A0:B6:04:1C:EE:B2:F0:25:B5:80:22:5C:C6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 44C2BD738CC20E1293E3227A9E9E845808131699 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/58370a36-bf5a-4314-8163-12b380e5ebe5.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:c2:bd:73:8c:c2:0e:12:93:e3:22:7a:9e:9e:84:58:08:13:16:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:3b:6b:45:b1:19:14:19:6f:aa:b0:55:32:08: 76:68:a8:b5:f5:c7:0d:d4:d7:18:46:5c:5c:9d:c1: 3f:f4:9c:63:d9:f8:90:a2:ff:ad:e6:df:bb:c1:bf: 37:12:80:10:80:44:f2:a1:b8:ef:68:ef:ff:28:a7: cc:47:6f:37:48:53:63:f4:1f:33:9e:d3:0d:4b:ef: 8d:09:9b:b6:d5:1e:d0:25:71:ba:20:d9:6a:7c:fc: 90:08:c4:3c:f7:71:bc:a8:4e:90:c3:8b:fb:9f:1a: 1e:f4:99:6b:99:be:15:97:d3:18:cc:e8:c6:bd:38: 2f:41:40:38:c0:9c:92:86:6c:71:46:e9:ce:7c:da: 48:0c:ec:e1:0b:59:e0:ce:d5:43:1c:36:3f:53:9f: c1:80:6d:d5:f6:4f:64:ef:8a:06:0a:b4:0b:91:1f: d0:fc:d9:19:04:bd:35:ed:94:7d:f0:ee:93:e8:ac: 07:80:cb:64:c5:fe:5e:2e:55:f2:a6:15:30:ad:d0: 61:b7:9e:9d:45:e4:be:c1:ab:9d:fe:2c:7e:d2:f5: 08:e3:22:73:f9:d5:02:36:a9:80:54:41:3a:fe:9a: 50:47:1d:4b:9c:f3:f9:b3:f0:cc:7b:6a:6c:4e:ca: 84:36:21:b3:96:16:11:1f:fa:ad:f9:72:2b:82:27: 9f:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:41:8B:32:41:5F:DF:A0:B6:04:1C:EE:B2:F0:25:B5:80:22:5C:C6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/58370a36-bf5a-4314-8163-12b380e5ebe5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:4000::/40 Signature Algorithm: sha256WithRSAEncryption 4b:f4:5f:44:37:34:ad:dd:e4:f2:10:6e:d7:fe:44:1d:b6:f6: 80:cb:5f:4e:a7:a3:f5:01:ec:81:20:7d:20:07:c2:6e:59:9e: 99:d8:57:b9:84:3e:cb:3d:18:18:f8:d6:eb:2f:f7:10:3f:26: f7:dd:9b:f0:27:bd:c8:52:6a:36:be:ec:7d:23:7d:dc:d5:bc: e5:d8:02:d0:3e:ef:3c:10:53:a0:15:3f:af:7b:9a:1a:b4:16: f7:d8:d2:16:de:72:89:88:02:b2:cc:4d:ad:35:d3:a6:96:1e: c9:55:5f:bf:d0:d9:92:85:2f:a1:7b:04:78:e7:6a:d6:56:eb: 9e:62:cc:2b:b7:53:23:a3:52:0f:1a:08:55:23:5c:e4:ce:36: 46:9c:82:b7:ee:a5:b5:11:97:17:f7:97:21:c6:ec:5a:b2:4d: b1:e5:16:58:72:1a:75:79:a5:29:34:c0:c6:3f:4d:1e:20:9c: c2:0c:6b:07:1b:43:88:15:b2:61:a9:b7:9d:96:fd:88:62:5f: da:02:80:bc:3d:fd:58:a5:d0:b0:49:ef:60:52:3d:8a:46:e5: 28:21:ad:aa:8f:a6:5a:5e:c1:f1:60:d2:18:ee:ce:31:b3:fd: ea:24:0a:75:9e:40:2f:d1:d5:10:63:11:e8:4e:19:d7:91:b0: bf:fe:56:3b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURMK9c4zCDhKT4yJ6np6EWAgTFpkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMDM3NTJjMTJkNzA2NDI2ZWM4MzYx YmZkYmE3OGY3NWFiYTExZjE3YTAzN2NmZTVlMTI2M2ZiNzBjYTY0MGFiODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjtrRbEZFBlvqrBVMgh2aKi19ccN 1NcYRlxcncE/9Jxj2fiQov+t5t+7wb83EoAQgETyobjvaO//KKfMR283SFNj9B8z ntMNS++NCZu21R7QJXG6INlqfPyQCMQ893G8qE6Qw4v7nxoe9Jlrmb4Vl9MYzOjG vTgvQUA4wJyShmxxRunOfNpIDOzhC1ngztVDHDY/U5/BgG3V9k9k74oGCrQLkR/Q /NkZBL017ZR98O6T6KwHgMtkxf5eLlXyphUwrdBht56dReS+waud/ix+0vUI4yJz +dUCNqmAVEE6/ppQRx1LnPP5s/DMe2psTsqENiGzlhYRH/qt+XIrgiefFQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBdBizJBX9+gtgQc7rLwJbWAIlzGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU4MzcwYTM2LWJmNWEtNDMxNC04MTYzLTEyYjM4MGU1ZWJlNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacEAwDQYJKoZIhvcNAQELBQADggEBAEv0X0Q3NK3d5PIQbtf+ RB229oDLX06no/UB7IEgfSAHwm5ZnpnYV7mEPss9GBj41usv9xA/Jvfdm/AnvchS aja+7H0jfdzVvOXYAtA+7zwQU6AVP697mhq0FvfY0hbecomIArLMTa0106aWHslV X7/Q2ZKFL6F7BHjnatZW655izCu3UyOjUg8aCFUjXOTONkacgrfupbURlxf3lyHG 7FqyTbHlFlhyGnV5pSk0wMY/TR4gnMIMawcbQ4gVsmGpt52W/YhiX9oCgLw9/Vil 0LBJ72BSPYpG5SghraqPplpewfFg0hjuzjGz/eokCnWeQC/R1RBjEehOGdeRsL/+ Vjs= -----END CERTIFICATE-----Generated at Wed Feb 5 04:02:12 2025 by rpki-client