$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/793c08d0-65bf-4078-a267-d0adfdb54fc8.roa File: 793c08d0-65bf-4078-a267-d0adfdb54fc8.roa (raw, json) Hash identifier: JC34hBdpB0y1D6QQ/1H4vcjvGQL5yn3muP/d6gx6rPc= Subject key identifier: BE:08:6E:BE:15:54:B6:DF:38:69:CB:00:FF:18:24:14:63:BF:61:D6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6BFE69D8B2723D4D8B53309D70F840E2E0D7B098 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/793c08d0-65bf-4078-a267-d0adfdb54fc8.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:fe:69:d8:b2:72:3d:4d:8b:53:30:9d:70:f8:40:e2:e0:d7:b0:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:f1:10:dc:db:00:00:1a:c2:42:00:71:ed:25: df:13:7e:83:44:46:8c:26:f8:66:54:2d:19:9a:0f: 23:60:00:38:1b:c0:ce:f6:5f:50:8b:5e:a9:40:32: c5:31:f3:f7:14:f5:54:9a:87:f1:3f:98:1c:86:96: 0e:75:df:43:90:05:64:bb:80:82:6a:ce:11:ef:ae: 58:55:e8:a8:49:c4:26:27:1f:e8:10:12:45:ff:52: d0:c6:2b:34:a6:d6:85:4c:e1:b7:97:a4:f2:a9:08: cd:00:2c:06:cb:2e:00:25:ec:e8:58:f2:13:00:ab: 2b:13:3e:b7:c2:80:f0:f1:08:77:e0:c6:c6:c7:83: 76:7f:3e:6d:e5:eb:36:ff:21:51:d4:cb:2a:5a:74: c0:88:f1:c3:bd:20:2a:de:af:29:2a:7f:24:de:13: cc:67:ab:21:16:af:0c:37:58:07:ee:e3:f1:7f:7d: 57:f7:9b:bb:14:15:e4:23:84:1b:f5:48:b9:45:0f: 31:dc:55:b7:e3:18:43:d2:60:f2:c8:86:3f:59:dc: 72:f5:fd:ed:39:67:88:24:e0:46:c3:c5:6b:c0:93: 92:c9:d6:bd:1c:cb:2c:2b:7f:1b:b1:45:09:b6:a9: fd:a9:4e:8d:45:7f:a7:7d:e4:5e:af:48:55:52:b1: d7:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:08:6E:BE:15:54:B6:DF:38:69:CB:00:FF:18:24:14:63:BF:61:D6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/793c08d0-65bf-4078-a267-d0adfdb54fc8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4080::/48 Signature Algorithm: sha256WithRSAEncryption 2e:40:6c:15:53:1a:09:36:cb:11:31:66:f0:26:35:bf:34:b5: 14:8c:48:dd:89:f9:00:09:15:9a:b2:0b:50:13:45:54:7d:6a: ba:ff:24:98:13:e1:84:db:5e:6e:a7:4a:19:92:49:01:0f:8a: 7f:eb:51:87:f9:4d:d4:fd:84:2d:51:52:32:35:6b:22:a0:d0: c7:bd:27:13:d1:47:b0:10:af:e7:54:17:17:e1:64:73:ae:98: 58:3b:5c:84:6f:9c:45:99:aa:a5:12:4b:2f:a0:64:9a:08:46: 51:84:cc:be:fd:4f:00:de:ea:c4:d5:0e:7f:39:08:a0:a4:b8: 52:ea:52:8e:38:36:06:f3:b6:00:23:5f:37:a2:6c:c4:4e:89: 08:5d:9a:dc:32:39:7e:2e:52:6c:c2:40:39:fe:ab:ca:31:f7: 0a:7c:2f:59:5f:34:5b:3c:53:7c:5e:cf:12:1e:6e:29:16:fb: 3d:7e:86:8c:f2:a6:b7:27:c9:ae:55:5c:a2:58:9f:ed:29:51: 39:e3:55:3e:81:c4:3b:8a:cb:28:66:5a:fd:a5:1a:3d:28:fb: 7a:20:53:23:75:1e:33:f8:3a:f6:81:9b:d3:b0:b0:c6:61:6c: 1d:10:87:66:4d:81:60:da:e6:8e:32:f3:03:96:ef:e4:70:ba: 99:73:0d:fa -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUa/5p2LJyPU2LUzCdcPhA4uDXsJgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZDVmMTYxZTJlNTdkNTNjM2FhZjg4 ZWRmNTQ2MzU5NTY0YTFiM2JlMzc1Y2VkMGJiMmE5ZTNhNzhkNTJmOTQ3MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPEQ3NsAABrCQgBx7SXfE36DREaM JvhmVC0Zmg8jYAA4G8DO9l9Qi16pQDLFMfP3FPVUmofxP5gchpYOdd9DkAVku4CC as4R765YVeioScQmJx/oEBJF/1LQxis0ptaFTOG3l6TyqQjNACwGyy4AJezoWPIT AKsrEz63woDw8Qh34MbGx4N2fz5t5es2/yFR1MsqWnTAiPHDvSAq3q8pKn8k3hPM Z6shFq8MN1gH7uPxf31X95u7FBXkI4Qb9Ui5RQ8x3FW34xhD0mDyyIY/Wdxy9f3t OWeIJOBGw8VrwJOSyda9HMssK38bsUUJtqn9qU6NRX+nfeRer0hVUrHX3QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFL4Ibr4VVLbfOGnLAP8YJBRjv2HWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc5M2MwOGQwLTY1YmYtNDA3OC1hMjY3LWQwYWRmZGI1NGZjOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0CAMA0GCSqGSIb3DQEBCwUAA4IBAQAuQGwVUxoJNssRMWbw JjW/NLUUjEjdifkACRWasgtQE0VUfWq6/ySYE+GE215up0oZkkkBD4p/61GH+U3U /YQtUVIyNWsioNDHvScT0UewEK/nVBcX4WRzrphYO1yEb5xFmaqlEksvoGSaCEZR hMy+/U8A3urE1Q5/OQigpLhS6lKOODYG87YAI183omzETokIXZrcMjl+LlJswkA5 /qvKMfcKfC9ZXzRbPFN8Xs8SHm4pFvs9foaM8qa3J8muVVyiWJ/tKVE541U+gcQ7 issoZlr9pRo9KPt6IFMjdR4z+Dr2gZvTsLDGYWwdEIdmTYFg2uaOMvMDlu/kcLqZ cw36 -----END CERTIFICATE-----Generated at Wed Feb 5 04:04:33 2025 by rpki-client