$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa File: 6de13c1e-8034-41b3-90e3-760249997c22.roa (raw, json) Hash identifier: roGvVhMTh9Gtj58kUs/OLHuMSHnqbhzi3KUKXPXaJ4A= Subject key identifier: 0C:5D:86:FB:66:F4:59:ED:C8:56:70:9E:87:6F:AB:0B:21:91:FF:0A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4309ADA2DEE331AFA5AE8E512AEED1105D36FF00 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa Signing time: Sat 25 Jan 2025 00:00:00 +0000 ROA not before: Sat 25 Jan 2025 00:00:00 +0000 ROA not after: Sat 01 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:09:ad:a2:de:e3:31:af:a5:ae:8e:51:2a:ee:d1:10:5d:36:ff:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Jan 25 00:00:00 2025 GMT Not After : Mar 1 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:90:2e:8c:c0:55:1e:56:1b:22:d0:1c:c0:71: d9:2f:d0:7f:01:07:0f:c4:40:56:00:d0:0d:9f:ab: 97:70:b8:3c:f6:6e:5c:41:f8:9b:25:cc:c1:6b:e2: 32:29:44:c9:f7:7d:1f:2f:c4:f1:97:62:4e:d2:d3: e9:87:6a:4c:1a:b9:72:f2:af:32:db:8a:44:07:a0: c3:4c:a5:ee:3e:2a:8f:42:29:d6:ac:2d:cc:12:28: ce:40:e6:d3:1f:c9:4f:20:3d:0c:97:e4:ea:ff:56: 4e:b9:de:49:bc:63:6d:5d:57:5f:ff:2d:1e:82:22: 31:ee:d2:59:2a:20:53:5d:66:20:30:f0:22:96:ba: ce:a0:83:dc:c5:59:f1:29:8c:56:1d:d4:b6:a6:86: 75:db:79:54:3e:58:e0:87:e9:65:63:ce:2e:e2:ba: 82:21:51:38:16:fd:7e:9b:e3:bc:a2:3f:0c:a2:58: e4:e7:71:f7:0b:fb:f5:fd:00:b0:49:f6:a7:8c:9d: bd:e4:73:fa:a8:4d:ec:a7:71:9d:f3:56:37:82:a5: d3:a9:be:ae:45:b3:36:e9:3b:57:1c:77:b7:30:a8: 82:5d:2b:d7:7d:f2:41:9a:39:dc:04:35:a8:65:1d: 95:f7:6e:28:67:10:eb:71:2c:18:7f:b1:ef:a9:01: 13:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:5D:86:FB:66:F4:59:ED:C8:56:70:9E:87:6F:AB:0B:21:91:FF:0A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:8800::/40 Signature Algorithm: sha256WithRSAEncryption ac:e0:5f:41:2b:c2:0f:7f:ee:f1:66:84:57:43:84:a8:93:bf: 9f:54:75:86:08:91:fc:01:79:7c:9b:de:ba:f0:7d:70:33:b0: d8:ff:d9:55:de:50:b6:2a:30:15:43:8e:ae:54:a1:fd:2e:fa: 2b:13:14:4b:60:38:35:b5:33:11:ec:e6:ff:81:c5:40:22:08: 0c:b2:1c:67:a4:f8:ce:41:03:f4:9c:9d:e5:0e:a8:fc:6f:21: 9a:80:07:07:87:65:16:80:ac:0c:6b:d2:1d:d5:48:94:ae:e3: 47:14:ff:c0:21:3f:84:71:6a:2c:58:42:2c:f0:bf:bc:3a:15: 89:b7:51:25:c4:45:01:d3:49:44:5a:b2:49:d9:26:f7:a7:35: 43:23:a1:fd:84:88:31:9a:02:fc:a8:89:53:1e:f6:52:df:de: 12:ee:62:39:dd:e8:06:46:31:bc:1b:bd:57:97:29:e3:e9:17: 12:d7:53:bf:73:07:a0:28:02:8a:bf:e7:71:de:97:43:6a:fc: c5:fc:86:ed:b7:4f:2e:65:45:95:5c:a4:ab:bc:dd:d1:00:3a: 63:09:85:66:a4:03:fc:60:27:f3:e0:35:99:ff:64:4f:ef:a7: 3f:ea:90:6e:cd:8e:a9:55:a9:72:9a:1c:df:43:e8:b7:23:4b: 96:8f:02:b3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQwmtot7jMa+lro5RKu7REF02/wAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEyNTAwMDAwMFoX DTI1MDMwMTIzNTk1OVowejFJMEcGA1UEBRNAYWQ2NzAwOWZjY2Y5ZDk4NGE5NmU1 ZDE5MGQ1Njk2N2Q2ZjljMTM2NGNkYjM0OGIxZGJkZWU5NzBmZGQyNjI2MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZAujMBVHlYbItAcwHHZL9B/AQcP xEBWANANn6uXcLg89m5cQfibJczBa+IyKUTJ930fL8Txl2JO0tPph2pMGrly8q8y 24pEB6DDTKXuPiqPQinWrC3MEijOQObTH8lPID0Ml+Tq/1ZOud5JvGNtXVdf/y0e giIx7tJZKiBTXWYgMPAilrrOoIPcxVnxKYxWHdS2poZ123lUPljgh+llY84u4rqC IVE4Fv1+m+O8oj8Moljk53H3C/v1/QCwSfanjJ295HP6qE3sp3Gd81Y3gqXTqb6u RbM26TtXHHe3MKiCXSvXffJBmjncBDWoZR2V924oZxDrcSwYf7HvqQETsQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAxdhvtm9FntyFZwnodvqwshkf8KMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZkZTEzYzFlLTgwMzQtNDFiMy05MGUzLTc2MDI0OTk5N2MyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/ogwDQYJKoZIhvcNAQELBQADggEBAKzgX0Erwg9/7vFmhFdD hKiTv59UdYYIkfwBeXyb3rrwfXAzsNj/2VXeULYqMBVDjq5Uof0u+isTFEtgODW1 MxHs5v+BxUAiCAyyHGek+M5BA/ScneUOqPxvIZqABweHZRaArAxr0h3VSJSu40cU /8AhP4RxaixYQizwv7w6FYm3USXERQHTSURasknZJvenNUMjof2EiDGaAvyoiVMe 9lLf3hLuYjnd6AZGMbwbvVeXKePpFxLXU79zB6AoAoq/53Hel0Nq/MX8hu23Ty5l RZVcpKu83dEAOmMJhWakA/xgJ/PgNZn/ZE/vpz/qkG7NjqlVqXKaHN9D6LcjS5aP ArM= -----END CERTIFICATE-----Generated at Sun Feb 16 15:47:57 2025 by rpki-client