$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/699e1901-6701-4fae-ba1b-680131cc39df.roa File: 699e1901-6701-4fae-ba1b-680131cc39df.roa (raw, json) Hash identifier: ouYl5hVZM2Jy3kbgwvY/eWCEEhPvrCjWWnVUzDwCS0o= Subject key identifier: A7:28:2D:C8:DA:28:AE:2F:2D:BE:E8:EF:8C:C3:28:8D:2C:1E:FB:7F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2CD7D00EE8D748F75E6338098F3EC87814ED02C6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/699e1901-6701-4fae-ba1b-680131cc39df.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1b::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:d7:d0:0e:e8:d7:48:f7:5e:63:38:09:8f:3e:c8:78:14:ed:02:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:6a:44:ae:b2:03:c9:76:f6:f6:1b:be:4c:e3: f4:dc:c9:64:df:4e:09:27:9d:0b:b5:c0:a7:41:72: 1e:fc:01:24:c7:1e:66:fe:66:21:1d:c3:71:8e:97: 5c:cc:14:04:d3:ed:70:63:fd:ab:6b:74:6d:3d:de: 97:69:83:30:cc:ff:0a:77:06:c2:d0:bf:f3:50:5a: 91:93:61:5d:c8:d7:4e:fb:15:8c:aa:06:37:ae:39: e3:b9:87:fd:db:52:41:cb:44:98:5f:d5:72:f0:1f: 20:e7:87:c8:dd:32:e5:cf:8c:0c:d6:3d:01:74:be: 70:90:0e:6d:b3:71:b1:e4:d1:6a:a7:f6:d6:ca:70: 97:2b:a9:2a:b9:83:62:97:08:4b:60:42:e7:69:93: d8:14:b1:c2:79:2f:10:9e:f6:d6:2f:8f:80:4c:a3: 2b:85:42:89:60:1a:c0:ec:a5:3c:ec:36:a1:9c:39: 99:7e:76:38:7c:9b:6c:20:db:f9:e4:29:6d:a3:f1: 23:bf:91:8f:2b:62:68:3a:c1:03:32:69:ad:cb:88: f6:1d:95:dd:47:46:af:db:53:5a:02:de:0d:c5:b0: a1:7a:a4:37:cf:78:dd:18:6b:5f:3f:4b:38:1b:0c: 23:43:86:30:a8:28:63:62:8b:c0:75:7b:28:fa:f5: 9f:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:28:2D:C8:DA:28:AE:2F:2D:BE:E8:EF:8C:C3:28:8D:2C:1E:FB:7F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/699e1901-6701-4fae-ba1b-680131cc39df.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1b::/38 Signature Algorithm: sha256WithRSAEncryption 09:ae:7a:95:da:30:f0:b3:c3:c2:f5:5c:3c:03:1d:2a:29:c6: 18:6c:9b:49:39:b4:41:a1:b0:4e:db:84:82:4c:35:af:b8:bf: 4b:c9:7a:c2:b0:de:a8:86:50:bd:69:7c:fb:20:2c:55:66:b1: 81:45:86:ce:c2:48:42:5d:86:f3:cf:5f:dd:b9:bd:9b:85:a1: 6a:1c:7f:5c:7e:e5:c5:e6:80:ed:a3:0c:e7:a0:a2:34:2e:67: 80:08:7a:cd:5b:bc:5e:db:70:87:0b:ba:f5:a7:84:5b:ca:e2: 6d:1c:54:f4:8b:55:fa:ca:d7:d9:2b:55:7b:43:24:ce:53:10: 92:b3:ad:36:c3:25:4e:80:fa:e7:1e:37:89:2a:41:cb:5c:fa: fd:5b:cb:d0:7a:a0:d7:3f:76:86:d0:85:81:b8:95:0b:88:7f: a8:8a:62:1f:bb:33:32:23:8d:e7:a0:28:fe:1f:3a:30:63:70: 1e:56:15:7b:30:1e:a9:dd:87:21:59:07:ca:d5:15:fd:6e:82: 64:29:00:47:ed:98:e4:2e:cf:1a:15:37:ad:e7:08:15:7c:a4: 34:33:66:a4:32:16:72:6b:2d:92:cd:64:c3:96:0f:98:3d:90: 93:2d:a9:61:93:3e:8a:16:23:1d:a4:91:96:15:28:46:8e:c1: 07:9d:b7:d8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULNfQDujXSPdeYzgJjz7IeBTtAsYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYTAxZTFlMDM0NGRhM2NjNzhhY2E1 NGVhNzdlYmFlZGE3MjFkZDcyYjI3ZTU3NmIxM2M3NmZjNGNlZDBkYTQxMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGpErrIDyXb29hu+TOP03Mlk304J J50LtcCnQXIe/AEkxx5m/mYhHcNxjpdczBQE0+1wY/2ra3RtPd6XaYMwzP8KdwbC 0L/zUFqRk2FdyNdO+xWMqgY3rjnjuYf921JBy0SYX9Vy8B8g54fI3TLlz4wM1j0B dL5wkA5ts3Gx5NFqp/bWynCXK6kquYNilwhLYELnaZPYFLHCeS8QnvbWL4+ATKMr hUKJYBrA7KU87DahnDmZfnY4fJtsINv55Clto/Ejv5GPK2JoOsEDMmmty4j2HZXd R0av21NaAt4NxbCheqQ3z3jdGGtfP0s4GwwjQ4YwqChjYovAdXso+vWfqQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKcoLcjaKK4vLb7o74zDKI0sHvt/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY5OWUxOTAxLTY3MDEtNGZhZS1iYTFiLTY4MDEzMWNjMzlkZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGwAwDQYJKoZIhvcNAQELBQADggEBAAmuepXaMPCzw8L1XDwD HSopxhhsm0k5tEGhsE7bhIJMNa+4v0vJesKw3qiGUL1pfPsgLFVmsYFFhs7CSEJd hvPPX925vZuFoWocf1x+5cXmgO2jDOegojQuZ4AIes1bvF7bcIcLuvWnhFvK4m0c VPSLVfrK19krVXtDJM5TEJKzrTbDJU6A+uceN4kqQctc+v1by9B6oNc/dobQhYG4 lQuIf6iKYh+7MzIjjeegKP4fOjBjcB5WFXswHqndhyFZB8rVFf1ugmQpAEftmOQu zxoVN63nCBV8pDQzZqQyFnJrLZLNZMOWD5g9kJMtqWGTPooWIx2kkZYVKEaOwQed t9g= -----END CERTIFICATE-----Generated at Wed Feb 5 03:53:43 2025 by rpki-client