$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8585b68c-1041-463e-a5f7-1c3d0d88dc84.roa File: 8585b68c-1041-463e-a5f7-1c3d0d88dc84.roa (raw, json) Hash identifier: HOWkWJnbXfH+Oy5TYdHpSPkvuZwyq/p4vpbftyqE/5U= Subject key identifier: D3:CA:8C:A5:67:32:B7:45:0D:F0:61:9D:54:1F:71:EC:4C:54:98:45 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0302A62BF872FDCD8EB06796FB5B1B635FAB49BB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8585b68c-1041-463e-a5f7-1c3d0d88dc84.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:f080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:02:a6:2b:f8:72:fd:cd:8e:b0:67:96:fb:5b:1b:63:5f:ab:49:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:b4:28:52:30:2d:89:2b:34:bd:f4:af:ef:4c: 7d:98:c6:d4:14:11:4b:21:bc:cb:e4:d1:b3:21:dc: e5:ee:68:82:bb:94:ea:33:35:75:c4:73:d8:ed:b8: 38:77:b6:a7:59:c0:98:46:7d:e3:59:cb:09:33:a0: 8b:10:71:c8:7d:20:9d:53:7e:ea:1b:da:9d:81:b1: 73:ed:7a:45:ba:80:ed:1b:a3:46:65:eb:37:15:ad: 73:2f:6f:33:18:e4:55:fb:d7:2f:b7:c2:6e:0e:65: 48:b4:34:29:3d:57:d4:0d:12:1f:0f:fc:8b:6d:fd: 71:bf:7b:0b:e1:f2:cb:9f:01:ae:2b:a3:81:e4:54: 5d:f4:b2:59:06:f4:5b:ff:4d:5f:35:89:7b:65:bd: 7a:a6:0f:19:b5:68:53:5f:cc:cd:57:a8:b9:b0:40: 98:ae:c0:2c:94:85:23:e5:ee:f5:86:cb:b9:16:b5: e2:f4:ce:4b:99:b3:ef:f7:1a:e2:de:8f:cd:fb:7b: 82:68:f6:76:c5:4b:d9:a7:d8:92:2c:da:a5:13:af: 0b:3c:a3:ab:60:4f:93:43:79:cd:14:ac:c9:c6:9b: a0:97:aa:c1:82:ec:0a:a2:34:b9:da:f2:a6:58:01: 3d:88:88:fb:4b:b3:4b:b8:b8:e3:d5:05:e5:a9:d1: 1b:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:CA:8C:A5:67:32:B7:45:0D:F0:61:9D:54:1F:71:EC:4C:54:98:45 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8585b68c-1041-463e-a5f7-1c3d0d88dc84.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:f080::/46 Signature Algorithm: sha256WithRSAEncryption cb:0a:93:c8:15:84:25:c1:ab:cb:8c:83:9f:27:5d:66:f8:fc: 37:6d:2a:7f:5c:f5:6c:b9:44:83:3e:fc:67:8e:d9:e0:a9:73: be:ab:59:31:d5:50:78:bb:7d:41:dc:b2:26:2e:c1:e7:8f:09: 1e:8a:1d:9d:1a:6a:ab:4f:07:df:75:32:ed:12:d7:de:1d:14: 5f:98:04:32:be:ed:03:1f:40:7e:11:92:cc:e4:e8:09:fb:71: ad:d9:aa:ba:7b:81:e1:0c:4b:38:e4:0e:d0:fa:4c:c8:4b:2a: 05:f4:75:76:7c:fe:26:5c:4d:d3:0a:60:87:41:10:a5:c5:8a: c5:43:4c:3f:9c:92:27:a1:54:bd:4f:16:d6:da:ca:cd:54:bd: 36:5e:f3:c7:72:b3:ad:3b:d5:8a:52:66:7b:cd:e3:04:bf:42: 83:b4:75:83:42:a3:e3:d0:42:f5:26:da:2f:73:5b:e7:8f:ec: d8:4c:02:a8:73:18:65:55:5b:cf:34:77:b7:dc:63:4f:aa:d4: e0:1f:2a:e4:ef:97:6c:98:80:56:0b:91:2a:f5:3e:7e:bb:4d: 47:8a:f6:df:d5:da:b1:cb:f2:8b:20:cd:e7:0f:15:d5:37:86: 5e:2d:85:ed:f6:cf:45:fe:d1:2e:bd:a9:21:38:98:db:ac:4c: 78:13:23:c5 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAwKmK/hy/c2OsGeW+1sbY1+rSbswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANzI4YzFmNzc5MjYzMDZjZGJmYjdj ZDkxYTZmMzA4YjlkYmMyNWU1Mjc5NDhhZGY1YTJjYTZiYjI0YzM2NTFjMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17QoUjAtiSs0vfSv70x9mMbUFBFL IbzL5NGzIdzl7miCu5TqMzV1xHPY7bg4d7anWcCYRn3jWcsJM6CLEHHIfSCdU37q G9qdgbFz7XpFuoDtG6NGZes3Fa1zL28zGORV+9cvt8JuDmVItDQpPVfUDRIfD/yL bf1xv3sL4fLLnwGuK6OB5FRd9LJZBvRb/01fNYl7Zb16pg8ZtWhTX8zNV6i5sECY rsAslIUj5e71hsu5FrXi9M5LmbPv9xri3o/N+3uCaPZ2xUvZp9iSLNqlE68LPKOr YE+TQ3nNFKzJxpugl6rBguwKojS52vKmWAE9iIj7S7NLuLjj1QXlqdEbVwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNPKjKVnMrdFDfBhnVQfcexMVJhFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg1ODViNjhjLTEwNDEtNDYzZS1hNWY3LTFjM2QwZDg4ZGM4NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaafCAMA0GCSqGSIb3DQEBCwUAA4IBAQDLCpPIFYQlwavLjIOf J11m+Pw3bSp/XPVsuUSDPvxnjtngqXO+q1kx1VB4u31B3LImLsHnjwkeih2dGmqr TwffdTLtEtfeHRRfmAQyvu0DH0B+EZLM5OgJ+3Gt2aq6e4HhDEs45A7Q+kzISyoF 9HV2fP4mXE3TCmCHQRClxYrFQ0w/nJInoVS9TxbW2srNVL02XvPHcrOtO9WKUmZ7 zeMEv0KDtHWDQqPj0EL1Jtovc1vnj+zYTAKocxhlVVvPNHe33GNPqtTgHyrk75ds mIBWC5Eq9T5+u01Hivbf1dqxy/KLIM3nDxXVN4ZeLYXt9s9F/tEuvakhOJjbrEx4 EyPF -----END CERTIFICATE-----Generated at Wed Feb 5 04:06:23 2025 by rpki-client