$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6a952ae5-20a0-4370-99d5-bfa0be40b40a.roa File: 6a952ae5-20a0-4370-99d5-bfa0be40b40a.roa (raw, json) Hash identifier: eOnnUCMX8X439RpnnMnpjTuz6PUYPCqufS+S7fgZ0To= Subject key identifier: E1:ED:F7:42:77:88:83:0B:55:27:A0:D1:54:37:1E:B9:48:B7:4E:19 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5AABE71B3A36167E9416A5D4A374601EB43DBD70 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6a952ae5-20a0-4370-99d5-bfa0be40b40a.roa Signing time: Sat 01 Mar 2025 00:00:46 +0000 ROA not before: Sat 01 Mar 2025 00:00:46 +0000 ROA not after: Sat 05 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 17 Mar 2025 16:37:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:ab:e7:1b:3a:36:16:7e:94:16:a5:d4:a3:74:60:1e:b4:3d:bd:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 1 00:00:46 2025 GMT Not After : Apr 5 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:8b:78:e1:75:c9:60:ef:fe:38:80:d0:b0:8e: a3:5f:1b:85:7a:43:f7:25:a6:2a:71:e9:58:29:3f: 16:3f:5b:92:83:cc:6b:cf:d4:73:fa:d8:39:5d:8c: ad:06:d7:eb:16:d0:57:7d:97:d3:d6:80:fb:17:c3: 66:48:ee:73:4e:54:53:f8:0e:ea:f2:09:c8:d1:30: eb:d7:20:51:2f:a0:ed:9c:7e:f9:76:b1:c1:61:d8: aa:6d:2e:13:fc:f7:f8:78:4d:e7:f3:82:73:03:50: c3:8e:d6:b3:52:82:0a:75:6c:83:2c:57:28:32:01: 10:ec:a3:4f:fe:39:72:60:89:f8:70:7f:2b:0b:fb: e0:8a:29:99:0d:45:38:7c:63:4a:3a:42:cd:50:15: 42:22:89:df:6a:72:4d:b9:61:de:62:c6:d6:65:b6: 92:41:f5:2c:f7:e0:f9:9d:02:73:8c:e4:f6:e2:36: 02:65:0a:fa:2c:d3:4f:10:29:52:bf:50:60:76:36: 66:f8:32:97:ec:7e:6d:6c:b3:1f:d7:24:f8:74:32: 76:0e:54:bf:6c:7f:41:45:d1:8d:ad:f0:d9:b9:db: 75:84:88:cb:a2:7e:f4:3e:b4:6f:0f:9e:77:90:50: d3:fd:ea:00:9c:73:99:23:98:ca:09:d4:f9:3a:29: 7d:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:ED:F7:42:77:88:83:0B:55:27:A0:D1:54:37:1E:B9:48:B7:4E:19 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6a952ae5-20a0-4370-99d5-bfa0be40b40a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:7000::/40 Signature Algorithm: sha256WithRSAEncryption 99:ce:9c:90:b8:27:32:7d:b4:80:70:f8:a0:1c:56:ac:1c:d5: 68:8b:a0:ca:6f:40:ec:b9:79:f5:ad:f5:d3:2f:b7:c0:d9:27: 21:16:ec:55:d0:2a:cd:e3:32:16:c4:60:ad:94:a8:e5:f1:d3: 9d:0c:e3:23:11:b9:3f:90:66:4a:9b:64:a9:01:f8:6d:2a:26: 0c:de:73:e5:3d:08:78:42:71:71:ff:09:f6:ce:40:90:65:43: 1d:25:c3:9c:06:ab:1e:aa:4e:10:ec:1a:b9:7c:d1:63:31:01: 43:a7:a7:52:d0:cd:7c:72:8c:ee:5b:2f:84:de:25:87:07:84: 36:48:3f:62:21:08:b6:c4:19:77:3c:65:56:e5:2d:23:15:5b: cc:7c:12:98:8e:7f:d1:55:ad:61:44:80:41:1e:94:1a:b4:ce: ac:8c:b2:c9:6d:4a:82:c3:a9:21:35:06:fc:7c:cb:b7:a3:f0: 6f:dc:46:64:53:81:5a:30:ca:b8:b8:79:6a:19:66:da:f6:f4: 47:a0:a4:bc:39:8d:85:b4:93:b3:d2:cd:7f:e9:4b:ef:e5:d1: 25:2d:72:64:38:5a:7b:4b:3e:01:36:d9:5e:48:71:40:79:9a: 4f:81:09:27:03:7c:16:bb:65:1f:e4:47:fb:07:4b:1d:c8:8a: 08:ce:d1:fb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWqvnGzo2Fn6UFqXUo3RgHrQ9vXAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMwMTAwMDA0NloX DTI1MDQwNTIzNTk1OVowejFJMEcGA1UEBRNAMmJiNzU5ZjU0ZDlmZDNkY2RmNjIy MzBjZWJlYTljM2M2YTQ3NTFiZTMwZmFmNTc3OGEwZjcxMTVkYmE5NDc0ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYt44XXJYO/+OIDQsI6jXxuFekP3 JaYqcelYKT8WP1uSg8xrz9Rz+tg5XYytBtfrFtBXfZfT1oD7F8NmSO5zTlRT+A7q 8gnI0TDr1yBRL6DtnH75drHBYdiqbS4T/Pf4eE3n84JzA1DDjtazUoIKdWyDLFco MgEQ7KNP/jlyYIn4cH8rC/vgiimZDUU4fGNKOkLNUBVCIonfanJNuWHeYsbWZbaS QfUs9+D5nQJzjOT24jYCZQr6LNNPEClSv1BgdjZm+DKX7H5tbLMf1yT4dDJ2DlS/ bH9BRdGNrfDZudt1hIjLon70PrRvD553kFDT/eoAnHOZI5jKCdT5Oil90wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOHt90J3iIMLVSeg0VQ3HrlIt04ZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZhOTUyYWU1LTIwYTAtNDM3MC05OWQ1LWJmYTBiZTQwYjQwYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauXAwDQYJKoZIhvcNAQELBQADggEBAJnOnJC4JzJ9tIBw+KAc Vqwc1WiLoMpvQOy5efWt9dMvt8DZJyEW7FXQKs3jMhbEYK2UqOXx050M4yMRuT+Q ZkqbZKkB+G0qJgzec+U9CHhCcXH/CfbOQJBlQx0lw5wGqx6qThDsGrl80WMxAUOn p1LQzXxyjO5bL4TeJYcHhDZIP2IhCLbEGXc8ZVblLSMVW8x8EpiOf9FVrWFEgEEe lBq0zqyMssltSoLDqSE1Bvx8y7ej8G/cRmRTgVowyri4eWoZZtr29EegpLw5jYW0 k7PSzX/pS+/l0SUtcmQ4WntLPgE22V5IcUB5mk+BCScDfBa7ZR/kR/sHSx3IigjO 0fs= -----END CERTIFICATE-----Generated at Thu Mar 13 23:46:50 2025 by rpki-client