$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b336b02-f773-4fbb-bbc4-a1149b172ad2.roa File: 6b336b02-f773-4fbb-bbc4-a1149b172ad2.roa (raw, json) Hash identifier: E6ZQsiMmAKCLyKRyuXQtPlM6o1KFK1BFXse2X6uBcsk= Subject key identifier: 20:EE:67:13:0C:58:EF:28:EB:DF:A2:7D:FD:7F:9E:1D:08:6B:AE:79 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 56A2917F10A2F800A7EEC4699684D0EF05E342CA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b336b02-f773-4fbb-bbc4-a1149b172ad2.roa Signing time: Fri 07 Feb 2025 00:00:00 +0000 ROA not before: Fri 07 Feb 2025 00:00:00 +0000 ROA not after: Fri 14 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:a2:91:7f:10:a2:f8:00:a7:ee:c4:69:96:84:d0:ef:05:e3:42:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 7 00:00:00 2025 GMT Not After : Mar 14 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:53:33:a3:ea:15:81:90:f6:fa:52:36:9e:9b: 39:64:c4:95:22:d7:c0:2d:a3:f0:3a:e7:05:96:30: ab:16:02:f8:e2:73:0f:9b:f7:41:f2:e9:39:0d:45: ff:85:67:ec:e8:b7:79:4e:fc:0f:6c:5e:bc:27:f6: 07:c8:2c:9a:4a:5b:49:a4:a8:11:ce:c0:fb:be:c3: 82:2b:05:33:26:45:23:05:5b:1e:c9:3d:8a:94:71: 49:90:0d:42:2c:c3:ab:44:86:5c:39:62:3e:95:4d: 2a:90:07:09:77:24:cd:1d:ee:e5:82:be:31:43:6d: 76:72:28:1c:22:eb:41:91:11:a3:a6:cc:b0:66:4a: db:69:2f:92:b1:fe:f3:18:12:52:af:71:67:9c:4d: ed:51:66:a8:b1:2d:10:d6:f7:07:95:44:39:49:48: 5f:17:d9:eb:43:35:53:55:03:5b:42:ac:8b:3f:2b: 21:3e:da:b5:8b:50:2d:a4:22:75:1a:78:17:37:e1: bb:a9:43:f3:ae:96:51:14:5a:ab:a0:50:ae:c1:a4: 4a:87:e9:17:6d:ab:78:db:9e:21:dc:ce:6b:5f:59: a3:da:0c:80:90:90:bf:86:63:97:7c:d5:29:0d:7d: 7f:cc:4b:81:43:31:04:e5:64:cc:85:cb:86:1b:37: 85:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:EE:67:13:0C:58:EF:28:EB:DF:A2:7D:FD:7F:9E:1D:08:6B:AE:79 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b336b02-f773-4fbb-bbc4-a1149b172ad2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:b000::/40 Signature Algorithm: sha256WithRSAEncryption 85:16:2c:c6:2e:f3:81:20:3a:19:9f:88:fb:62:ea:e7:9c:24: 8d:fe:d4:70:9a:96:2b:43:a3:4b:c2:bb:86:85:f7:09:71:9c: a9:56:04:8a:a1:75:9e:62:08:32:18:12:78:5e:c3:33:b7:40: b2:07:2e:b3:d7:84:48:52:3d:ca:06:78:83:02:4c:93:34:44: 31:c7:b9:b8:fd:32:e6:90:49:ec:4b:0f:88:59:a0:4f:f3:84: 30:15:f0:da:c9:ff:22:ba:83:06:5e:c8:70:eb:fc:9e:2a:75: c8:c9:d6:5d:52:8a:5e:1e:3a:b1:fc:0c:88:34:3b:d9:62:08: c2:a0:b0:2c:bf:27:f3:eb:b6:dd:43:55:e8:68:e7:74:b3:1f: 9e:a6:ca:47:cc:a6:d2:2e:55:fe:cb:51:97:c6:30:bb:14:53: 78:3c:62:12:3a:11:27:73:eb:83:45:e0:f4:1a:f8:71:59:6f: 12:7d:79:af:b2:2e:df:4d:90:d1:2a:b9:10:fb:12:e5:37:44: f7:d7:fa:e0:e0:b2:3f:5c:21:59:af:ca:fe:12:01:0a:35:bc: 77:68:a4:0c:b3:91:36:05:6f:e0:23:ea:00:c5:58:c8:3c:45: ce:e9:32:34:34:f8:20:17:6b:56:45:02:0c:23:83:b6:14:c5: 4d:39:84:76 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVqKRfxCi+ACn7sRploTQ7wXjQsowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwNzAwMDAwMFoX DTI1MDMxNDIzNTk1OVowejFJMEcGA1UEBRNAZDJiYjE1OTI0YWYzYTI2MWFmYmI0 MmUxNGE2OWI2Mzk1NDYwYTBjNzM1YTIwYWRlNTU1NTU1MTY0NzAxYzgzYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FMzo+oVgZD2+lI2nps5ZMSVItfA LaPwOucFljCrFgL44nMPm/dB8uk5DUX/hWfs6Ld5TvwPbF68J/YHyCyaSltJpKgR zsD7vsOCKwUzJkUjBVseyT2KlHFJkA1CLMOrRIZcOWI+lU0qkAcJdyTNHe7lgr4x Q212cigcIutBkRGjpsywZkrbaS+Ssf7zGBJSr3FnnE3tUWaosS0Q1vcHlUQ5SUhf F9nrQzVTVQNbQqyLPyshPtq1i1AtpCJ1GngXN+G7qUPzrpZRFFqroFCuwaRKh+kX bat4254h3M5rX1mj2gyAkJC/hmOXfNUpDX1/zEuBQzEE5WTMhcuGGzeFHwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCDuZxMMWO8o69+iff1/nh0Ia655MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZiMzM2YjAyLWY3NzMtNGZiYi1iYmM0LWExMTQ5YjE3MmFkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoLAwDQYJKoZIhvcNAQELBQADggEBAIUWLMYu84EgOhmfiPti 6uecJI3+1HCalitDo0vCu4aF9wlxnKlWBIqhdZ5iCDIYEnhewzO3QLIHLrPXhEhS PcoGeIMCTJM0RDHHubj9MuaQSexLD4hZoE/zhDAV8NrJ/yK6gwZeyHDr/J4qdcjJ 1l1Sil4eOrH8DIg0O9liCMKgsCy/J/Prtt1DVeho53SzH56mykfMptIuVf7LUZfG MLsUU3g8YhI6ESdz64NF4PQa+HFZbxJ9ea+yLt9NkNEquRD7EuU3RPfX+uDgsj9c IVmvyv4SAQo1vHdopAyzkTYFb+Aj6gDFWMg8Rc7pMjQ0+CAXa1ZFAgwjg7YUxU05 hHY= -----END CERTIFICATE-----Generated at Sun Feb 16 15:46:26 2025 by rpki-client