$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c92d86f-d096-414c-bd9a-599ba8ca213f.roa File: 5c92d86f-d096-414c-bd9a-599ba8ca213f.roa (raw, json) Hash identifier: ZTJXaQVLWBiFWrqrzEuddBfBFympFpAdgu2DTmFcI+A= Subject key identifier: BB:CB:20:47:E4:50:A1:D5:F0:8D:3E:78:AE:D3:B1:DA:33:FD:D0:0C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7C32F0C6D8FF5B07820BE5C3BA2DC4E5CAF2E913 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c92d86f-d096-414c-bd9a-599ba8ca213f.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:32:f0:c6:d8:ff:5b:07:82:0b:e5:c3:ba:2d:c4:e5:ca:f2:e9:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fd:49:ce:a9:bb:a2:b3:db:cd:b1:f7:c6:45:db: ab:b9:37:a1:51:74:10:b0:e8:df:03:7d:45:9e:34: cd:9c:84:e9:15:f0:8d:6d:21:f2:1d:c0:7c:7b:45: 03:6d:ad:bb:94:4c:d4:68:9a:24:08:2c:87:e2:57: ff:bf:29:eb:71:a5:2f:b9:b9:c4:b1:94:a1:33:7d: 17:3f:ee:71:4f:08:75:cd:e0:97:b1:6e:58:07:10: 97:bb:fd:56:9e:98:cf:9b:23:9b:c1:bc:d9:9f:41: ae:8f:43:6d:3b:ec:ea:ec:32:e1:74:4f:8f:45:bd: 04:be:77:09:c8:59:91:97:e9:9c:c3:6e:b4:ab:31: 13:d6:da:36:8f:d3:c7:20:6b:2a:8b:ed:6f:60:a8: 26:ab:94:df:c1:7a:76:b6:7f:7a:9d:2f:aa:6e:98: 32:45:81:84:ac:a6:21:7d:80:01:92:3a:4c:f4:81: fd:ee:ac:47:2f:d0:2e:43:6b:69:dd:fe:5b:18:61: 26:5e:d4:c3:a2:9c:f2:a1:a5:47:3e:a0:39:97:64: b5:f2:b8:0b:bd:54:42:ff:1b:45:6b:fc:2f:73:a7: 22:81:6e:ba:4c:e5:94:2d:3d:96:7c:a9:aa:de:0c: f3:8f:55:98:39:b7:b4:11:0b:06:01:0d:da:23:91: e3:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:CB:20:47:E4:50:A1:D5:F0:8D:3E:78:AE:D3:B1:DA:33:FD:D0:0C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c92d86f-d096-414c-bd9a-599ba8ca213f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:2800::/40 Signature Algorithm: sha256WithRSAEncryption 70:9e:22:4b:87:1c:2f:eb:f3:1f:aa:10:c7:8c:5a:0c:76:bf: 7a:03:44:e0:5d:d2:b3:6b:69:c7:93:50:7c:1a:3d:1c:b7:99: 89:7b:f1:2c:c7:c8:91:95:da:f6:c5:74:72:30:ae:30:e9:d2: dc:da:8d:2f:6b:6e:d0:b3:2d:b8:8a:4a:c7:df:d9:33:d9:d5: 16:05:0a:64:ae:ef:ab:83:50:62:27:49:13:8e:2f:83:11:79: 78:85:d7:a5:9b:f1:e2:40:b1:ce:81:44:01:79:c9:d1:d7:64: e9:e7:fb:6b:27:b5:fd:5a:4f:0b:1c:84:83:cd:bc:0a:49:a0: 7f:82:f7:e1:c1:59:09:82:ba:f2:ac:15:8f:7b:7b:37:50:c3: d5:02:a9:bc:68:6c:2c:46:46:a4:7b:c9:2e:1e:74:eb:7e:34: 4b:d2:ab:1f:e5:00:ed:8c:81:d8:cc:fa:5e:bd:87:62:b1:10: f6:74:16:41:ec:9e:d9:cb:4c:b9:cf:15:ab:a5:95:7b:0f:be: 4b:95:07:9d:3f:cb:8c:5c:ea:6f:cf:3a:e7:d9:c2:92:c6:b3: 7e:35:28:07:05:42:48:26:3b:d5:89:71:00:a8:5a:3c:a5:22: e3:d3:e2:32:ae:fe:41:65:3e:00:4d:17:56:2e:bd:9e:77:5b: b8:c3:6f:7a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfDLwxtj/WweCC+XDui3E5cry6RMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZTdjYTFkNGJlMjQ1YjZmMjcwMTI0 MjVjYTg3Yzg5MWNkNThhMWMyYmJmMDU0Njg2ZDIwODgwNTRkY2FmODhjOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/UnOqbuis9vNsffGRduruTehUXQQ sOjfA31FnjTNnITpFfCNbSHyHcB8e0UDba27lEzUaJokCCyH4lf/vynrcaUvubnE sZShM30XP+5xTwh1zeCXsW5YBxCXu/1WnpjPmyObwbzZn0Guj0NtO+zq7DLhdE+P Rb0EvncJyFmRl+mcw260qzET1to2j9PHIGsqi+1vYKgmq5TfwXp2tn96nS+qbpgy RYGErKYhfYABkjpM9IH97qxHL9AuQ2tp3f5bGGEmXtTDopzyoaVHPqA5l2S18rgL vVRC/xtFa/wvc6cigW66TOWULT2WfKmq3gzzj1WYObe0EQsGAQ3aI5HjnwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLvLIEfkUKHV8I0+eK7Tsdoz/dAMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVjOTJkODZmLWQwOTYtNDE0Yy1iZDlhLTU5OWJhOGNhMjEzZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacCgwDQYJKoZIhvcNAQELBQADggEBAHCeIkuHHC/r8x+qEMeM Wgx2v3oDROBd0rNraceTUHwaPRy3mYl78SzHyJGV2vbFdHIwrjDp0tzajS9rbtCz LbiKSsff2TPZ1RYFCmSu76uDUGInSROOL4MReXiF16Wb8eJAsc6BRAF5ydHXZOnn +2sntf1aTwschIPNvApJoH+C9+HBWQmCuvKsFY97ezdQw9UCqbxobCxGRqR7yS4e dOt+NEvSqx/lAO2MgdjM+l69h2KxEPZ0FkHsntnLTLnPFaullXsPvkuVB50/y4xc 6m/POufZwpLGs341KAcFQkgmO9WJcQCoWjylIuPT4jKu/kFlPgBNF1YuvZ53W7jD b3o= -----END CERTIFICATE-----Generated at Wed Feb 5 03:48:13 2025 by rpki-client