$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa File: 5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa (raw, json) Hash identifier: eKRw4Wn2xOHG93rLQcPRNBBkVV5zRMA4Qxo+KjMPElY= Subject key identifier: C7:D4:CF:CF:15:24:37:A3:CB:C2:C4:7E:65:CA:BD:B3:81:EA:B6:D4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 59C0AE69F3A7F50FB99FFCD4D82F64822D5E4BF6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:60c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:c0:ae:69:f3:a7:f5:0f:b9:9f:fc:d4:d8:2f:64:82:2d:5e:4b:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:9e:d1:75:de:04:d3:82:e3:ce:4e:1e:6f:04: 98:f8:5b:24:b0:c8:5a:71:31:d2:39:f2:64:6e:36: c2:c0:df:f1:df:7a:39:be:df:3b:51:64:56:8f:86: 8d:34:8e:4e:4e:ff:8e:c3:d7:2a:2f:e4:5a:97:42: ad:4a:de:57:9d:24:7f:63:19:46:55:03:30:08:21: 7d:0f:90:2f:67:75:a1:d7:8c:71:e0:6e:59:e3:f5: d3:8b:59:e9:55:07:58:3f:a8:ed:44:2a:7c:d6:e7: 35:d9:78:e9:29:f6:2e:de:14:23:48:13:7e:d4:8d: 8c:e0:73:b7:b0:8d:3b:39:e9:06:5a:89:0a:73:22: 8c:9d:ee:fc:2d:0e:b1:69:0b:d7:8a:00:f1:0f:60: e4:f5:93:88:0b:2e:eb:c1:93:c0:78:81:8a:91:c3: af:61:07:f6:22:d6:64:d6:08:d5:43:a9:7c:ae:b6: 44:4e:40:48:21:59:9e:e5:83:50:62:f8:5f:21:ff: 37:ca:09:df:9d:e9:a8:10:20:60:7f:a8:be:53:04: 4a:ef:58:8d:7e:f7:9d:20:0d:e0:be:70:25:5b:a5: 76:c3:3b:ed:21:4e:a8:75:64:8a:41:c2:e4:fe:82: 9b:f9:7e:bd:8b:31:05:65:55:54:02:ed:85:31:80: 5d:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:D4:CF:CF:15:24:37:A3:CB:C2:C4:7E:65:CA:BD:B3:81:EA:B6:D4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:60c0::/46 Signature Algorithm: sha256WithRSAEncryption 20:c7:bf:94:33:58:09:5a:3e:8f:91:39:68:a6:e3:66:80:53: 0f:30:0a:0c:04:4c:76:7e:ea:9e:54:d5:cb:67:3d:63:e8:98: 8a:c9:dd:30:f1:0c:ea:1f:fe:45:76:99:58:6e:72:b9:ac:9d: 9c:34:d6:7b:c4:4c:38:d3:b5:0b:54:17:40:6f:b3:10:2b:b0: a3:c9:23:cc:ee:41:7a:90:d7:bf:fb:6d:74:d6:fd:18:9f:6a: f1:2a:94:7d:49:56:c4:a2:08:2b:52:dd:08:b5:2a:e7:d6:08: 09:d9:de:95:24:5c:dc:48:3c:39:02:62:d5:f6:f9:f3:43:03: b6:f4:41:53:38:14:9e:e8:58:2b:af:19:29:9c:36:4a:9f:7f: b3:b5:7f:3b:15:25:ef:40:50:0d:ee:c5:dc:3b:3a:e7:78:fd: 9f:cb:07:1b:ae:41:a9:aa:3f:6b:0c:65:09:ce:41:57:93:3f: 60:26:d1:1f:65:cb:0e:b4:53:9a:85:fe:63:53:88:ba:01:64: 93:47:e2:a4:42:5d:fe:48:bd:74:04:60:10:33:52:26:79:d7: 51:cd:2a:da:73:7f:22:5f:70:ce:66:86:e6:62:16:04:e6:10: 67:b9:49:2a:f6:fc:a8:4c:52:3f:fa:b1:c3:b3:fd:cf:a3:0d: 3d:c7:e5:2d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWcCuafOn9Q+5n/zU2C9kgi1eS/YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMGQ4OTBlYTYxZWYyOWViMzBkMzUz ZjM0ZDNmMDhmN2QxNjc3OGVmMjdmNjFkODc3NTNhYWMwOGMyYmY3ZGFjOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp7Rdd4E04Ljzk4ebwSY+FsksMha cTHSOfJkbjbCwN/x33o5vt87UWRWj4aNNI5OTv+Ow9cqL+Ral0KtSt5XnSR/YxlG VQMwCCF9D5AvZ3Wh14xx4G5Z4/XTi1npVQdYP6jtRCp81uc12XjpKfYu3hQjSBN+ 1I2M4HO3sI07OekGWokKcyKMne78LQ6xaQvXigDxD2Dk9ZOICy7rwZPAeIGKkcOv YQf2ItZk1gjVQ6l8rrZETkBIIVme5YNQYvhfIf83ygnfnemoECBgf6i+UwRK71iN fvedIA3gvnAlW6V2wzvtIU6odWSKQcLk/oKb+X69izEFZVVUAu2FMYBdswIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMfUz88VJDejy8LEfmXKvbOB6rbUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVhYzc2Y2NiLTRmNTctNDE4NS1hZDJmLTA1YmYzMzhiYTM1ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaWDAMA0GCSqGSIb3DQEBCwUAA4IBAQAgx7+UM1gJWj6PkTlo puNmgFMPMAoMBEx2fuqeVNXLZz1j6JiKyd0w8QzqH/5FdplYbnK5rJ2cNNZ7xEw4 07ULVBdAb7MQK7CjySPM7kF6kNe/+2101v0Yn2rxKpR9SVbEoggrUt0ItSrn1ggJ 2d6VJFzcSDw5AmLV9vnzQwO29EFTOBSe6FgrrxkpnDZKn3+ztX87FSXvQFAN7sXc OzrneP2fywcbrkGpqj9rDGUJzkFXkz9gJtEfZcsOtFOahf5jU4i6AWSTR+KkQl3+ SL10BGAQM1ImeddRzSrac38iX3DOZobmYhYE5hBnuUkq9vyoTFI/+rHDs/3Pow09 x+Ut -----END CERTIFICATE-----Generated at Wed Feb 5 03:55:40 2025 by rpki-client