$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7676a4ae-69f1-4600-8f79-2d24ed7e0307.roa File: 7676a4ae-69f1-4600-8f79-2d24ed7e0307.roa (raw, json) Hash identifier: nW5t679KxQKVS5Y+RDH4z/5QmP0J/HudbBYVxNqrZFY= Subject key identifier: 09:8A:DE:8A:34:3F:37:C8:32:33:7B:5B:8F:30:7A:00:F5:9B:44:C7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 796D2B788543F7A8111ED043DE513B6F09C1B2D5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7676a4ae-69f1-4600-8f79-2d24ed7e0307.roa Signing time: Sat 01 Feb 2025 00:00:00 +0000 ROA not before: Sat 01 Feb 2025 00:00:00 +0000 ROA not after: Sat 08 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:8840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:6d:2b:78:85:43:f7:a8:11:1e:d0:43:de:51:3b:6f:09:c1:b2:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 1 00:00:00 2025 GMT Not After : Mar 8 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:70:0a:d3:76:42:d3:ad:f5:db:c9:14:02:3d: 6c:42:89:f5:4d:11:16:96:42:3c:dc:7e:96:5b:3c: a0:07:d2:24:89:3d:bc:1e:1b:cc:f1:48:2e:0b:65: da:01:f8:15:e3:68:24:e7:d4:fe:c8:e1:8a:05:cb: ed:56:5c:8c:52:50:c7:1f:52:7f:6a:fa:ee:62:65: 6c:80:ce:8d:c6:25:db:28:4c:47:57:48:47:14:0c: 18:a5:02:74:41:aa:a4:ce:28:57:3e:19:02:22:c8: 90:2f:34:c8:0b:20:da:23:84:94:cc:9d:d0:9b:a1: 93:7d:e6:60:c2:0f:7a:72:cd:6a:cb:80:02:66:48: ed:70:e9:e4:96:03:51:7c:3c:12:0f:79:a0:d5:1a: da:a3:df:88:c3:09:11:d3:b0:26:a0:f7:4d:fc:65: 12:d9:b5:e3:b8:b6:c3:7b:77:bd:6b:33:61:14:1a: 49:ed:52:70:f2:40:b5:53:c3:65:25:5d:07:25:c4: f9:fa:0e:a1:75:18:9e:2e:53:14:39:82:07:2f:8c: ee:7c:24:7b:cf:ca:3c:52:0c:3f:22:11:66:d3:55: fe:00:4b:55:ec:74:b4:b3:2c:04:71:50:29:66:4c: 7f:95:1e:33:54:dc:42:14:02:2d:19:e9:9b:8a:21: b5:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:8A:DE:8A:34:3F:37:C8:32:33:7B:5B:8F:30:7A:00:F5:9B:44:C7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7676a4ae-69f1-4600-8f79-2d24ed7e0307.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:8840::/48 Signature Algorithm: sha256WithRSAEncryption 83:67:65:aa:59:62:c5:7f:83:33:f2:ac:6f:e2:ca:e6:67:46: 03:8f:94:75:f4:22:8a:8b:7e:49:82:79:d1:98:7d:e7:6a:70: 76:74:4f:7d:01:5b:12:f2:f3:5d:51:a5:03:19:a7:4f:3b:33: 2b:76:54:4b:7c:93:01:79:f5:60:4a:24:2a:41:57:ba:52:76: f4:c7:81:f4:f2:b3:ce:d5:fd:9c:f2:c2:fa:80:ac:03:fc:13: 2a:5c:22:39:71:5a:aa:7f:8a:8a:95:1c:11:74:11:19:08:ac: 28:23:2f:62:e0:9c:ef:e1:f0:8c:d7:fb:28:9e:4c:bc:95:77: 2f:9d:55:30:0b:3b:d3:55:90:03:be:47:ef:9b:a5:00:d4:b9: 84:7a:03:e4:33:b2:fd:b7:ff:8b:de:42:31:50:39:d4:46:40: 1c:6a:86:04:77:7f:16:2c:32:b7:a2:70:ac:04:2b:1a:03:eb: e3:e8:d0:b7:91:e2:24:0c:08:54:38:e1:96:15:dd:0b:bd:aa: 66:ba:af:e5:4b:c0:ef:7d:08:8b:8b:ad:7c:a4:ca:72:41:0a: 25:07:b9:0e:01:08:dd:8c:8e:e0:81:b1:88:12:aa:48:a6:7e: 10:7d:a4:d7:74:49:94:28:7b:3c:8d:77:a2:8a:04:da:03:e2: 09:63:b3:36 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUeW0reIVD96gRHtBD3lE7bwnBstUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMTAwMDAwMFoX DTI1MDMwODIzNTk1OVowejFJMEcGA1UEBRNAYmMxYzEyNjRjOWViODFiYjIzZjc4 MjI5M2E0ZWRkNTI4MDhmODg5ZTRjN2U5NDJjM2ZmYTFkMjkxMjJmZGQwYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXAK03ZC063128kUAj1sQon1TREW lkI83H6WWzygB9IkiT28HhvM8UguC2XaAfgV42gk59T+yOGKBcvtVlyMUlDHH1J/ avruYmVsgM6NxiXbKExHV0hHFAwYpQJ0QaqkzihXPhkCIsiQLzTICyDaI4SUzJ3Q m6GTfeZgwg96cs1qy4ACZkjtcOnklgNRfDwSD3mg1Rrao9+IwwkR07AmoPdN/GUS 2bXjuLbDe3e9azNhFBpJ7VJw8kC1U8NlJV0HJcT5+g6hdRieLlMUOYIHL4zufCR7 z8o8Ugw/IhFm01X+AEtV7HS0sywEcVApZkx/lR4zVNxCFAItGembiiG1FwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAmK3oo0PzfIMjN7W48wegD1m0THMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc2NzZhNGFlLTY5ZjEtNDYwMC04Zjc5LTJkMjRlZDdlMDMwNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8ohAMA0GCSqGSIb3DQEBCwUAA4IBAQCDZ2WqWWLFf4Mz8qxv 4srmZ0YDj5R19CKKi35JgnnRmH3nanB2dE99AVsS8vNdUaUDGadPOzMrdlRLfJMB efVgSiQqQVe6Unb0x4H08rPO1f2c8sL6gKwD/BMqXCI5cVqqf4qKlRwRdBEZCKwo Iy9i4Jzv4fCM1/sonky8lXcvnVUwCzvTVZADvkfvm6UA1LmEegPkM7L9t/+L3kIx UDnURkAcaoYEd38WLDK3onCsBCsaA+vj6NC3keIkDAhUOOGWFd0Lvapmuq/lS8Dv fQiLi618pMpyQQolB7kOAQjdjI7ggbGIEqpIpn4QfaTXdEmUKHs8jXeiigTaA+IJ Y7M2 -----END CERTIFICATE-----Generated at Wed Feb 5 03:55:58 2025 by rpki-client