$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f0d2894-eaa1-4bae-b793-13a3b2528447.roa File: 5f0d2894-eaa1-4bae-b793-13a3b2528447.roa (raw, json) Hash identifier: 2wGxg6GHEUSClHNg+KJSaH4AUHWTfwFE+Mkb/t5xIV0= Subject key identifier: 8E:A3:0E:BD:ED:49:AB:07:9E:BB:EA:91:F3:4F:8F:30:0D:1B:26:1A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 60F4A2A123797DC3010749EDB777522E647D87AF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f0d2894-eaa1-4bae-b793-13a3b2528447.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:e080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:f4:a2:a1:23:79:7d:c3:01:07:49:ed:b7:77:52:2e:64:7d:87:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:11:9b:ea:91:d6:62:37:0a:e2:f3:c8:a1:06: 00:9a:3e:92:e2:2f:31:ad:e4:c1:a1:32:9f:39:0e: 6d:82:3d:83:ab:6b:ed:12:8c:0e:13:40:49:f6:5a: 47:54:bb:77:f8:d8:40:79:d7:51:f1:ca:73:ec:df: 7f:51:a9:a2:ce:ce:2d:9b:9d:23:bb:86:9b:56:86: 50:66:87:4d:da:0f:de:0d:1a:2f:5b:5d:0e:0a:e7: e3:10:b0:18:ce:58:15:3f:48:67:9f:c1:f8:82:3d: 3a:a5:fb:97:26:fc:74:e1:01:c1:d7:c4:82:e0:13: 3f:18:8e:4f:09:09:fe:83:9f:d1:ea:2c:4b:39:a2: a1:02:01:64:cc:49:e6:99:a9:de:f4:dd:d3:6b:08: d5:d2:fe:c4:1e:66:84:8b:6e:3f:20:26:7f:ce:6f: 2e:a1:05:7d:0f:28:ad:c7:d2:70:a7:32:5c:10:63: cb:49:51:be:95:85:ec:8a:28:4f:ef:ad:25:58:13: 11:67:20:70:ff:cd:87:23:53:89:8b:a6:23:b5:a6: 18:8d:23:2d:2f:ce:a3:f4:05:8e:7c:48:91:8e:db: 9f:64:22:46:3f:27:0b:e6:09:26:52:c5:1e:f5:21: 01:3e:c9:ce:cf:ae:3c:87:2e:ef:91:d9:68:71:60: 83:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:A3:0E:BD:ED:49:AB:07:9E:BB:EA:91:F3:4F:8F:30:0D:1B:26:1A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f0d2894-eaa1-4bae-b793-13a3b2528447.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:e080::/46 Signature Algorithm: sha256WithRSAEncryption 82:f8:26:44:a9:41:d6:8d:a1:3f:c0:50:08:8b:9a:7b:01:96: ca:70:6a:12:4c:08:57:3f:c3:24:0a:0e:78:92:5c:b1:1b:e9: f5:75:10:10:47:e7:dc:36:02:8f:c1:42:58:1b:60:80:66:60: 75:1f:ae:14:a9:18:f0:10:9a:08:d3:7a:ff:cb:fb:5b:49:4c: 6e:3b:62:f3:16:98:dd:55:f9:91:2c:5d:f4:79:ef:8c:62:e9: 5f:84:06:fa:1c:60:d8:a4:43:7a:b4:91:60:c3:3f:5b:89:b1: 89:60:9b:bd:68:2f:69:31:25:7f:7e:71:33:c3:f4:29:81:1d: f4:b5:d5:8a:85:65:37:c4:9b:a5:5a:d1:ea:ca:43:4a:73:2a: 60:e4:22:d8:c9:69:be:c7:2a:7e:21:1a:3a:c7:6d:32:1b:07: 07:c9:89:70:2f:7b:77:b7:d8:83:97:6e:6d:30:ed:6f:d1:3d: 22:7a:96:98:a1:9a:a6:03:93:5a:ce:b5:31:d4:0e:34:1e:f7: b1:87:1b:d1:7c:5f:55:97:c7:94:5d:dc:12:4e:5a:d8:b8:38: 1b:e7:31:bf:25:88:8e:10:2b:e3:66:bf:92:ab:26:5c:49:17: 9e:8c:8c:fa:af:c1:b0:e3:e2:79:0e:b4:04:e3:bf:3c:98:10: db:a7:ef:29 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYPSioSN5fcMBB0ntt3dSLmR9h68wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYzU3ZGI2YTZjZjE1MzFkN2VkZWVl NzllZWNhNDg5MmY3NTRhNDBkN2ZiN2Q2Y2U1ODc5MTgwZjI0N2YxYzgwMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBGb6pHWYjcK4vPIoQYAmj6S4i8x reTBoTKfOQ5tgj2Dq2vtEowOE0BJ9lpHVLt3+NhAeddR8cpz7N9/Uamizs4tm50j u4abVoZQZodN2g/eDRovW10OCufjELAYzlgVP0hnn8H4gj06pfuXJvx04QHB18SC 4BM/GI5PCQn+g5/R6ixLOaKhAgFkzEnmmane9N3TawjV0v7EHmaEi24/ICZ/zm8u oQV9Dyitx9JwpzJcEGPLSVG+lYXsiihP760lWBMRZyBw/82HI1OJi6YjtaYYjSMt L86j9AWOfEiRjtufZCJGPycL5gkmUsUe9SEBPsnOz648hy7vkdlocWCDaQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFI6jDr3tSasHnrvqkfNPjzANGyYaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVmMGQyODk0LWVhYTEtNGJhZS1iNzkzLTEzYTNiMjUyODQ0Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba++CAMA0GCSqGSIb3DQEBCwUAA4IBAQCC+CZEqUHWjaE/wFAI i5p7AZbKcGoSTAhXP8MkCg54klyxG+n1dRAQR+fcNgKPwUJYG2CAZmB1H64UqRjw EJoI03r/y/tbSUxuO2LzFpjdVfmRLF30ee+MYulfhAb6HGDYpEN6tJFgwz9bibGJ YJu9aC9pMSV/fnEzw/QpgR30tdWKhWU3xJulWtHqykNKcypg5CLYyWm+xyp+IRo6 x20yGwcHyYlwL3t3t9iDl25tMO1v0T0iepaYoZqmA5NazrUx1A40HvexhxvRfF9V l8eUXdwSTlrYuDgb5zG/JYiOECvjZr+SqyZcSReejIz6r8Gw4+J5DrQE4788mBDb p+8p -----END CERTIFICATE-----Generated at Wed Feb 5 03:57:43 2025 by rpki-client