$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89fbb5c5-0ff9-4548-bb50-6e421ec6e274.roa File: 89fbb5c5-0ff9-4548-bb50-6e421ec6e274.roa (raw, json) Hash identifier: Uzvd3oaUUD3Xgoihfgg8uHbOmtxr6HI/IJLLqqTd628= Subject key identifier: D5:11:21:C3:7A:05:54:87:1E:E1:AB:00:F6:2A:A9:BF:06:0A:6A:8F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 339EE4C954FE50857C3570B96D4A8B772EE52FFC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89fbb5c5-0ff9-4548-bb50-6e421ec6e274.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:2020::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:9e:e4:c9:54:fe:50:85:7c:35:70:b9:6d:4a:8b:77:2e:e5:2f:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:1a:ba:6b:c8:c1:21:a8:9c:df:fc:ad:5c:ec: 2b:d6:95:f6:31:57:55:ff:88:52:15:4d:0a:aa:34: d0:1b:85:b7:84:6e:8a:ab:aa:39:80:b6:65:5f:8e: 8c:d1:03:7d:95:71:9b:62:3f:f6:32:99:26:31:9d: 33:aa:75:2d:3e:f7:ab:6b:6e:da:11:3f:ab:da:54: 32:e5:b2:fe:2b:6d:15:0e:83:4e:b7:5c:6f:70:d3: 98:05:56:1f:c4:32:ba:ee:74:71:51:2b:a2:63:4a: 25:79:ad:6e:5c:67:49:4c:e6:33:b3:a8:b5:b8:67: bd:78:f8:89:e5:a0:4f:4a:e7:05:5d:63:54:46:54: ce:c2:e6:56:fd:c4:3a:64:2b:bd:aa:47:fb:19:e8: 98:ab:f7:bc:d8:8a:a7:93:62:0b:e7:d5:5b:57:d5: 2f:c3:2c:d1:32:7e:44:e5:ad:ab:38:df:a5:13:7b: 46:cb:51:ba:5c:c0:62:14:81:73:42:01:f2:d2:6b: 4f:08:8f:39:48:31:26:2a:9f:e6:20:34:78:ef:d3: 02:9f:38:e2:fb:ea:4e:c1:2a:c3:50:08:26:e4:75: 04:2d:20:eb:7b:86:30:ec:21:04:47:89:45:04:2f: e3:93:5f:b6:1d:2d:e8:10:a0:5b:42:9b:0a:1c:f8: 36:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:11:21:C3:7A:05:54:87:1E:E1:AB:00:F6:2A:A9:BF:06:0A:6A:8F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89fbb5c5-0ff9-4548-bb50-6e421ec6e274.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:2020::/46 Signature Algorithm: sha256WithRSAEncryption 03:2e:a9:da:03:a5:45:27:f4:e5:96:34:11:32:71:43:7e:db: 8f:eb:15:db:fa:a1:38:19:fe:f8:f0:c0:93:91:7b:0e:7e:f1: 73:50:a4:0c:fc:6c:a2:ae:53:4c:ce:4f:b0:37:0f:ed:8a:e1: ef:06:dd:8f:d6:80:74:2e:c7:ce:b0:d1:ae:90:a9:88:29:a3: b9:50:93:80:44:f8:e2:8d:51:13:93:86:a3:58:12:4b:9d:dc: 50:39:0a:a3:27:70:21:0a:04:c9:5e:c9:bf:4a:4a:61:69:af: dd:8c:ae:93:34:8e:e2:dc:6b:a7:48:e4:7d:56:d2:44:17:66: 3e:e7:99:3c:14:60:a2:aa:44:84:7a:a6:13:bf:02:67:8c:a9: 5c:07:f3:31:a5:d4:1d:9f:d9:52:32:89:9c:89:a4:eb:38:ab: 56:68:dc:74:84:bb:12:bf:3c:1a:8f:1b:8c:33:10:18:f6:d1: 4b:2c:2b:d4:37:ed:41:df:e4:60:df:ed:48:24:73:e3:42:ad: 6c:49:05:bf:be:dc:a6:6d:da:cc:68:8c:49:21:51:b3:2b:ff: df:ad:02:1c:d9:a2:af:b3:e7:fe:f1:17:8d:3b:49:e3:3f:97: cc:15:69:a3:ae:31:e9:b3:81:0b:68:51:cb:20:33:b1:c7:43: f8:16:ef:f3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUM57kyVT+UIV8NXC5bUqLdy7lL/wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMWQ4ZGQwYzc0NzBmZjUwODc4MWEy NWVlNzNkMzc5ZjNmOTliMzcyYTczN2ZkZmQ0NDA4MGE3MDVjNmE5YTk3MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBq6a8jBIaic3/ytXOwr1pX2MVdV /4hSFU0KqjTQG4W3hG6Kq6o5gLZlX46M0QN9lXGbYj/2MpkmMZ0zqnUtPvera27a ET+r2lQy5bL+K20VDoNOt1xvcNOYBVYfxDK67nRxUSuiY0olea1uXGdJTOYzs6i1 uGe9ePiJ5aBPSucFXWNURlTOwuZW/cQ6ZCu9qkf7GeiYq/e82Iqnk2IL59VbV9Uv wyzRMn5E5a2rON+lE3tGy1G6XMBiFIFzQgHy0mtPCI85SDEmKp/mIDR479MCnzji ++pOwSrDUAgm5HUELSDre4Yw7CEER4lFBC/jk1+2HS3oEKBbQpsKHPg2KwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNURIcN6BVSHHuGrAPYqqb8GCmqPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg5ZmJiNWM1LTBmZjktNDU0OC1iYjUwLTZlNDIxZWM2ZTI3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba9yAgMA0GCSqGSIb3DQEBCwUAA4IBAQADLqnaA6VFJ/TlljQR MnFDftuP6xXb+qE4Gf748MCTkXsOfvFzUKQM/GyirlNMzk+wNw/tiuHvBt2P1oB0 LsfOsNGukKmIKaO5UJOARPjijVETk4ajWBJLndxQOQqjJ3AhCgTJXsm/Skphaa/d jK6TNI7i3GunSOR9VtJEF2Y+55k8FGCiqkSEeqYTvwJnjKlcB/MxpdQdn9lSMomc iaTrOKtWaNx0hLsSvzwajxuMMxAY9tFLLCvUN+1B3+Rg3+1IJHPjQq1sSQW/vtym bdrMaIxJIVGzK//frQIc2aKvs+f+8ReNO0njP5fMFWmjrjHps4ELaFHLIDOxx0P4 Fu/z -----END CERTIFICATE-----Generated at Wed Feb 5 03:51:12 2025 by rpki-client