$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67dad65f-f2a7-46ef-a537-8f09b1a99c3c.roa File: 67dad65f-f2a7-46ef-a537-8f09b1a99c3c.roa (raw, json) Hash identifier: A4B3cTZSIwQk5t3bBGMpS/vNQ9l54vK+akH/n8P0SK0= Subject key identifier: 4C:9A:7C:4D:D3:4A:43:C9:DB:46:ED:32:32:37:4C:6E:A1:77:4E:A8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2FE801A0929FF8792EF40B7A91A093523EAB0112 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67dad65f-f2a7-46ef-a537-8f09b1a99c3c.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:e8:01:a0:92:9f:f8:79:2e:f4:0b:7a:91:a0:93:52:3e:ab:01:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:f4:09:9c:78:2d:a7:b4:f5:05:42:4e:ef:3a: 6c:f1:b1:80:9d:c0:e2:22:d6:6c:b8:9c:5b:55:c9: ab:98:d2:75:83:65:a0:6f:f5:48:63:40:56:4f:c3: 00:cd:ba:93:de:ec:82:f4:61:1d:75:3e:f5:54:02: d6:27:30:b7:0e:b5:eb:79:98:fd:10:a0:21:fc:a1: 28:21:d4:15:b3:c2:bc:38:75:7b:1a:c3:d9:b5:21: 90:e1:72:38:95:8a:16:f0:f5:3b:4c:d8:2b:e4:2e: 1a:f7:78:5d:f6:69:cc:df:28:ee:72:16:c9:8b:e5: 58:86:d5:9a:e3:51:88:79:0c:c9:4e:b7:22:16:ab: 36:7a:a1:5a:6b:75:3f:f1:6d:f2:70:a1:00:16:7d: 01:b3:28:a9:2a:7f:e6:12:c4:42:55:f1:cf:2f:8b: 28:57:02:85:b1:a9:cf:da:4c:6e:54:6d:21:d7:67: 55:15:16:74:cd:33:53:d5:98:4e:f8:24:eb:c0:e7: b9:d4:29:4e:8b:00:f7:0d:0d:43:5b:6c:58:d3:f4: 67:64:cb:61:ef:f0:f6:86:67:94:eb:71:95:5f:c9: 27:e0:13:e8:32:56:2d:40:31:29:70:1d:73:de:49: 20:d9:3f:86:8b:4f:01:0a:69:5a:49:9b:e0:6d:a5: 6d:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:9A:7C:4D:D3:4A:43:C9:DB:46:ED:32:32:37:4C:6E:A1:77:4E:A8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67dad65f-f2a7-46ef-a537-8f09b1a99c3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4840::/48 Signature Algorithm: sha256WithRSAEncryption 50:08:03:08:7a:da:5d:b8:9d:d2:46:d0:09:35:a8:fc:af:6b: 04:e6:72:19:f1:e5:ab:4b:ae:55:d3:8a:fc:95:8a:84:c2:44: 94:df:41:54:db:54:86:7a:73:01:e5:6e:9b:6d:5d:a0:a8:d4: 6b:fe:56:f2:0c:04:b5:c5:20:3c:40:07:a5:e2:83:82:4a:30: 61:41:18:5f:fb:e8:b3:a0:8c:21:c5:72:52:33:a8:b6:87:81: 64:b6:21:87:f3:26:e4:2f:92:be:89:ac:df:88:5b:68:2e:c0: 7a:63:8e:b0:95:e1:ef:4c:a1:5e:a0:28:52:27:77:4f:10:ef: cf:0f:b3:f7:87:53:1b:90:74:ca:13:76:bf:31:e2:3b:91:b8: da:5d:20:1a:c8:47:38:81:70:28:bb:79:72:bd:ae:11:29:7e: 68:8e:64:85:7c:a3:74:f6:c4:a4:31:b7:cc:3f:33:08:1c:6c: d4:aa:f0:ae:2a:d7:35:71:dd:91:cc:a1:03:60:6d:d1:16:b3: 19:14:ec:fc:bb:2f:08:00:04:cf:54:3b:46:3b:45:16:cc:d0: 08:83:a4:09:48:b8:b6:ff:0c:c2:7d:47:3a:1e:3c:6e:ed:05: 63:55:a0:60:ea:18:8b:df:52:94:70:92:e1:af:02:43:0d:16: 65:d4:d9:7a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUL+gBoJKf+Hku9At6kaCTUj6rARIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANWFjMmQyY2QxMTFkMmZlYWUxNDMy MTdjYTkyMTZmY2VkY2QzMmYxNmJhOThhNTRjYmIzMDM0NmQyYzJhZTQ3MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/QJnHgtp7T1BUJO7zps8bGAncDi ItZsuJxbVcmrmNJ1g2Wgb/VIY0BWT8MAzbqT3uyC9GEddT71VALWJzC3DrXreZj9 EKAh/KEoIdQVs8K8OHV7GsPZtSGQ4XI4lYoW8PU7TNgr5C4a93hd9mnM3yjuchbJ i+VYhtWa41GIeQzJTrciFqs2eqFaa3U/8W3ycKEAFn0BsyipKn/mEsRCVfHPL4so VwKFsanP2kxuVG0h12dVFRZ0zTNT1ZhO+CTrwOe51ClOiwD3DQ1DW2xY0/RnZMth 7/D2hmeU63GVX8kn4BPoMlYtQDEpcB1z3kkg2T+Gi08BCmlaSZvgbaVtRwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEyafE3TSkPJ20btMjI3TG6hd06oMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3ZGFkNjVmLWYyYTctNDZlZi1hNTM3LThmMDliMWE5OWMzYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAEhAMA0GCSqGSIb3DQEBCwUAA4IBAQBQCAMIetpduJ3SRtAJ Naj8r2sE5nIZ8eWrS65V04r8lYqEwkSU30FU21SGenMB5W6bbV2gqNRr/lbyDAS1 xSA8QAel4oOCSjBhQRhf++izoIwhxXJSM6i2h4FktiGH8ybkL5K+iazfiFtoLsB6 Y46wleHvTKFeoChSJ3dPEO/PD7P3h1MbkHTKE3a/MeI7kbjaXSAayEc4gXAou3ly va4RKX5ojmSFfKN09sSkMbfMPzMIHGzUqvCuKtc1cd2RzKEDYG3RFrMZFOz8uy8I AATPVDtGO0UWzNAIg6QJSLi2/wzCfUc6Hjxu7QVjVaBg6hiL31KUcJLhrwJDDRZl 1Nl6 -----END CERTIFICATE-----Generated at Wed Feb 5 03:56:14 2025 by rpki-client