$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/589cd174-ff9f-4468-b434-55095a24f148.roa File: 589cd174-ff9f-4468-b434-55095a24f148.roa (raw, json) Hash identifier: 08tW3JUmvg1mIR/im8bCiJgdubDPqjwTZQp1KprSl3Q= Subject key identifier: EB:64:8F:58:CC:0B:75:F5:3F:26:53:FF:BD:2A:49:72:B1:F7:84:76 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0696319973A059723A066E0B8F68EC6EACD4C1AF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/589cd174-ff9f-4468-b434-55095a24f148.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:c020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:96:31:99:73:a0:59:72:3a:06:6e:0b:8f:68:ec:6e:ac:d4:c1:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:99:20:b9:b7:ab:92:0c:df:24:1c:b7:e5:e7: 49:7c:d7:28:8c:09:8b:7a:66:d5:48:b9:7d:e8:fd: 52:3e:8f:37:8e:32:1b:45:df:7c:6f:cb:5b:65:64: c9:41:f6:72:a6:1d:ce:0a:20:4d:93:e8:f4:e0:78: 40:37:2e:19:2f:e9:72:ad:4c:04:a4:53:5b:70:60: cf:32:00:36:ed:65:df:0f:62:7e:3e:7b:7a:68:05: ef:8a:8b:df:21:80:06:1d:30:34:ad:48:6a:0f:84: 78:72:b5:ce:b8:4c:b3:99:85:41:0c:92:68:18:32: d4:da:d7:ce:2f:39:df:9f:6d:4c:be:49:fa:d1:cd: e4:4f:ab:2e:8f:d2:c8:29:4c:ba:fe:3a:df:c9:2b: b4:c8:ac:03:dc:33:11:37:46:2a:82:1e:e0:35:f6: 78:51:ab:63:2a:1a:10:36:cd:b4:b6:9f:3e:46:65: 40:fa:e1:23:fe:50:b1:ac:f8:c5:01:cb:f7:54:fb: 8e:9d:7c:d2:fc:ea:d6:7b:92:7d:9e:a7:f1:3c:23: 5b:60:6e:92:97:71:a4:74:08:8c:3d:68:e8:89:f9: ca:80:e4:26:3c:5f:ef:77:77:29:1e:6d:21:9c:35: 98:ea:ea:66:3d:de:40:77:0f:bb:55:37:a4:a2:7d: e5:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:64:8F:58:CC:0B:75:F5:3F:26:53:FF:BD:2A:49:72:B1:F7:84:76 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/589cd174-ff9f-4468-b434-55095a24f148.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:c020::/48 Signature Algorithm: sha256WithRSAEncryption 87:90:34:cf:e0:2a:52:f4:1b:87:ad:65:86:a9:cc:43:16:be: 63:d7:42:76:f9:1e:06:26:f5:da:47:97:f3:a5:be:88:5d:dd: 04:f4:d9:b4:46:a2:c9:51:93:6f:7f:7e:b5:f1:4c:ae:33:d7: f0:a9:0b:bd:26:a8:a5:ff:f8:b6:3b:54:ca:bc:db:e5:7a:8c: 3f:7e:10:b7:30:88:9f:29:06:c9:9b:01:bc:1b:5e:d2:91:37: bd:7b:27:fb:b8:fb:8c:29:f7:68:79:7f:2e:a4:c7:8e:76:34: b8:34:14:41:09:53:fb:55:a3:83:5f:db:f1:ad:e8:b0:2c:6c: 6a:31:f6:27:74:37:d6:40:63:fb:b5:73:6f:3e:c0:e2:ff:fa: 92:25:af:fb:03:65:77:da:c9:b5:7b:02:72:f3:94:8b:16:ce: 3a:01:99:f7:ab:2d:34:d6:eb:a4:79:8c:02:95:87:7e:bf:04: d9:ab:4b:aa:87:1c:12:9c:47:81:88:16:6d:e1:54:51:00:6e: 6f:b9:59:15:14:af:23:2a:cf:08:99:65:95:96:17:fe:e2:bf: b5:2c:54:ff:a3:a3:6f:a7:3b:bc:59:28:42:02:ca:99:4a:cc: f6:8f:3b:78:e6:cd:78:3c:46:08:f6:24:c8:34:29:d7:03:86: e4:5f:e2:1c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBpYxmXOgWXI6Bm4Lj2jsbqzUwa8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANDY4MmRjY2ZjOTFmYTY1OGM5Nzk4 MWNlMzY2ZDk2N2FlMzRiYjUxODhhZGNiMDBhMzM2M2Y1ZmZhN2Y3NzQ5NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZkguberkgzfJBy35edJfNcojAmL embVSLl96P1SPo83jjIbRd98b8tbZWTJQfZyph3OCiBNk+j04HhANy4ZL+lyrUwE pFNbcGDPMgA27WXfD2J+Pnt6aAXviovfIYAGHTA0rUhqD4R4crXOuEyzmYVBDJJo GDLU2tfOLznfn21Mvkn60c3kT6suj9LIKUy6/jrfySu0yKwD3DMRN0Yqgh7gNfZ4 UatjKhoQNs20tp8+RmVA+uEj/lCxrPjFAcv3VPuOnXzS/OrWe5J9nqfxPCNbYG6S l3GkdAiMPWjoifnKgOQmPF/vd3cpHm0hnDWY6upmPd5Adw+7VTekon3lpQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOtkj1jMC3X1PyZT/70qSXKx94R2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU4OWNkMTc0LWZmOWYtNDQ2OC1iNDM0LTU1MDk1YTI0ZjE0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAMAgMA0GCSqGSIb3DQEBCwUAA4IBAQCHkDTP4CpS9BuHrWWG qcxDFr5j10J2+R4GJvXaR5fzpb6IXd0E9Nm0RqLJUZNvf3618UyuM9fwqQu9Jqil //i2O1TKvNvleow/fhC3MIifKQbJmwG8G17SkTe9eyf7uPuMKfdoeX8upMeOdjS4 NBRBCVP7VaODX9vxreiwLGxqMfYndDfWQGP7tXNvPsDi//qSJa/7A2V32sm1ewJy 85SLFs46AZn3qy001uukeYwClYd+vwTZq0uqhxwSnEeBiBZt4VRRAG5vuVkVFK8j Ks8ImWWVlhf+4r+1LFT/o6Nvpzu8WShCAsqZSsz2jzt45s14PEYI9iTINCnXA4bk X+Ic -----END CERTIFICATE-----Generated at Wed Feb 5 04:04:41 2025 by rpki-client