$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e11bacb-927f-4615-8522-aca792db506c.roa File: 7e11bacb-927f-4615-8522-aca792db506c.roa (raw, json) Hash identifier: ogkMPQ0XcZwfVgb14JuXl6+5ol5YbqJwvptzH41Xg3s= Subject key identifier: B8:7C:24:38:27:A2:3A:B3:1C:18:CF:48:A7:F5:50:83:C7:3B:92:CF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 08770AA3CC3AE08BAE0F3D35C0D7E4F5AB905EC6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e11bacb-927f-4615-8522-aca792db506c.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:77:0a:a3:cc:3a:e0:8b:ae:0f:3d:35:c0:d7:e4:f5:ab:90:5e:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c0:64:ed:c5:00:e5:ca:b0:73:ec:12:e8:ab: 14:78:e6:96:30:bf:a8:9a:69:85:a1:ee:fe:24:3f: 8b:c1:0f:dd:19:3e:1b:0b:01:e4:2a:9b:6a:13:3c: f6:2f:64:79:d5:9b:0f:b6:65:91:3e:bb:7c:4d:b0: 79:83:dc:bc:52:14:de:e3:f0:6c:04:28:9f:eb:72: 21:8b:86:7d:eb:a3:0c:48:b7:86:3e:f6:14:c3:92: 6b:f6:b3:90:35:30:6c:a5:63:ae:1e:f3:58:b9:54: 7b:cd:7a:43:bc:ef:2b:e6:ed:4a:21:5b:8a:b6:bc: 00:08:00:d4:08:05:3a:c7:13:7e:6f:0f:bd:54:9f: 44:cd:a5:87:c4:72:d4:28:07:ee:44:e6:0d:46:bb: 0b:f6:55:6e:59:99:ce:65:dd:7d:e7:ad:dd:e3:b5: 92:76:15:db:42:cb:ce:a7:ee:17:04:67:0a:f2:e8: 1c:10:ba:e3:64:73:5f:5b:be:26:a0:54:a1:e8:bd: 3c:e7:da:74:d3:6a:26:d4:1d:c1:57:02:f0:cc:d0: 8f:7d:8f:e8:7c:18:15:74:83:95:45:22:97:76:42: 79:4e:d2:86:e3:33:9c:ab:a1:0b:4b:89:91:f5:d5: fd:66:15:03:49:23:75:9d:ef:03:e4:b7:01:a3:70: db:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:7C:24:38:27:A2:3A:B3:1C:18:CF:48:A7:F5:50:83:C7:3B:92:CF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e11bacb-927f-4615-8522-aca792db506c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:9040::/48 Signature Algorithm: sha256WithRSAEncryption 17:1d:80:86:c2:e0:d5:b1:90:5d:31:eb:6a:1a:47:a5:87:51: 19:c8:70:ec:ca:71:63:97:b5:81:9f:ba:af:b9:fd:f8:58:94: c9:dd:97:5a:0a:84:be:b3:b0:2c:4c:41:de:d4:9a:cf:8f:c4: 73:ef:bc:8c:27:f9:db:26:ac:dc:38:5e:80:db:c9:07:24:23: 4e:05:13:42:84:61:d2:52:33:09:e8:4f:22:1e:d3:83:91:a2: ff:ff:21:b5:f7:d6:a1:bb:d7:bc:a2:ef:b2:75:73:b7:b9:0a: 74:23:82:91:81:ab:1b:b2:bf:43:a3:33:68:fb:dd:66:7f:5e: 83:e8:da:89:a0:4a:8f:d4:c0:48:1f:08:1c:7d:c7:e0:b7:d2: 2b:c8:c4:fc:59:6f:37:50:ff:46:77:a0:91:3d:36:82:bd:fe: e4:e8:f9:ce:77:e9:cd:e2:41:3f:fe:88:6f:11:10:ce:16:80: cc:0c:76:4c:cc:a8:5f:77:86:8a:4d:c4:fd:17:87:e7:58:0f: 16:47:35:3f:6e:44:a5:50:a9:f3:a6:9d:cc:28:94:44:66:66: dd:54:21:0b:e4:b7:9e:42:72:00:ce:92:0a:52:00:5f:70:f4: fb:84:02:f9:c6:c6:96:eb:d1:b3:68:8d:ca:76:70:8b:5a:e7: eb:32:50:dc -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUCHcKo8w64IuuDz01wNfk9auQXsYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANzg2ZWY3NTUwOGZjNmYwZTBiY2Y5 NjE4MzJmZjY0Nzc4ZWQzMDg1ODRjN2JhM2I2ZWMzZDNhZDIwOWFmNTc5ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMBk7cUA5cqwc+wS6KsUeOaWML+o mmmFoe7+JD+LwQ/dGT4bCwHkKptqEzz2L2R51ZsPtmWRPrt8TbB5g9y8UhTe4/Bs BCif63Ihi4Z966MMSLeGPvYUw5Jr9rOQNTBspWOuHvNYuVR7zXpDvO8r5u1KIVuK trwACADUCAU6xxN+bw+9VJ9EzaWHxHLUKAfuROYNRrsL9lVuWZnOZd19563d47WS dhXbQsvOp+4XBGcK8ugcELrjZHNfW74moFSh6L0859p002om1B3BVwLwzNCPfY/o fBgVdIOVRSKXdkJ5TtKG4zOcq6ELS4mR9dX9ZhUDSSN1ne8D5LcBo3DbRwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLh8JDgnojqzHBjPSKf1UIPHO5LPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdlMTFiYWNiLTkyN2YtNDYxNS04NTIyLWFjYTc5MmRiNTA2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYZBAMA0GCSqGSIb3DQEBCwUAA4IBAQAXHYCGwuDVsZBdMetq Gkelh1EZyHDsynFjl7WBn7qvuf34WJTJ3ZdaCoS+s7AsTEHe1JrPj8Rz77yMJ/nb JqzcOF6A28kHJCNOBRNChGHSUjMJ6E8iHtODkaL//yG199ahu9e8ou+ydXO3uQp0 I4KRgasbsr9DozNo+91mf16D6NqJoEqP1MBIHwgcfcfgt9IryMT8WW83UP9Gd6CR PTaCvf7k6PnOd+nN4kE//ohvERDOFoDMDHZMzKhfd4aKTcT9F4fnWA8WRzU/bkSl UKnzpp3MKJREZmbdVCEL5LeeQnIAzpIKUgBfcPT7hAL5xsaW69GzaI3KdnCLWufr MlDc -----END CERTIFICATE-----Generated at Wed Feb 5 04:09:17 2025 by rpki-client