$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd3366c-489c-4afe-af18-d26b5824bd0e.roa File: 8bd3366c-489c-4afe-af18-d26b5824bd0e.roa (raw, json) Hash identifier: /AozKFKOdIGNjNMEBUEf36QJngfHnfzVmVzYr7qRa7I= Subject key identifier: 54:56:3A:40:04:DE:CC:D3:1F:AA:D7:5A:75:84:90:F8:8C:49:0E:79 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 64392C07D4E666D720059DD07E81FA30E8E9E81D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd3366c-489c-4afe-af18-d26b5824bd0e.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:39:2c:07:d4:e6:66:d7:20:05:9d:d0:7e:81:fa:30:e8:e9:e8:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:7b:93:75:8f:aa:63:99:25:da:b3:1a:41:9f: 13:70:fa:38:23:f1:ee:5a:ab:f6:e1:28:ff:76:3b: 94:b4:53:41:2b:48:13:22:4a:50:fb:f7:ca:02:b9: 84:b4:c7:65:9e:16:3f:99:5b:aa:e9:bd:db:05:2a: 0f:3c:cf:f9:72:f9:49:df:72:cb:65:7e:76:5a:35: ff:df:01:8d:cf:f8:64:1d:cf:12:3b:45:23:17:a7: e3:92:d3:f2:92:73:4c:af:04:ed:48:a6:c6:89:27: 86:da:81:41:c0:cb:68:ba:3c:b3:79:3b:bd:4e:fd: 96:ea:71:a7:73:bd:bb:07:3f:dc:41:f2:92:74:6a: 4a:92:fb:8c:e0:95:8e:d2:da:0d:c9:c8:cc:12:9a: 65:2b:3c:9b:3d:3e:8e:df:58:bc:55:3e:e0:bd:80: e1:d4:06:a2:2f:0d:69:c0:c9:7c:0d:86:c9:9e:ca: 45:95:dc:d7:92:e9:9c:ae:5f:76:7a:f9:58:19:c4: d3:4a:00:b5:d3:f5:9b:b4:6e:39:fd:e5:9c:26:fc: d1:5a:19:ae:ce:8c:05:2f:4a:6e:68:83:99:5f:fe: 38:60:a3:91:25:68:a5:07:fd:15:4d:4e:dc:f0:7e: 89:3b:39:f0:99:11:80:22:9e:9e:0b:f5:de:cd:20: 72:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:56:3A:40:04:DE:CC:D3:1F:AA:D7:5A:75:84:90:F8:8C:49:0E:79 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd3366c-489c-4afe-af18-d26b5824bd0e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:9040::/48 Signature Algorithm: sha256WithRSAEncryption 39:c8:96:0d:f7:aa:ee:9e:f1:84:04:cb:4e:0e:9d:6d:12:a3: 7d:3f:da:2a:c2:b8:af:09:59:5a:25:f4:00:ab:c0:90:1a:41: 23:e4:07:c7:1a:67:13:c9:15:47:ca:34:47:5d:8e:da:0f:ca: 28:7a:2f:2a:bd:bb:fd:c1:05:16:9d:20:a9:9c:21:c2:c6:03: 5f:0b:fe:22:db:f4:76:f3:32:36:d7:dc:ca:06:34:56:92:1c: c3:bc:e7:9a:e6:10:57:b3:53:5c:43:be:79:e9:33:32:d7:5e: 6a:1e:3a:67:03:84:5a:62:ce:6e:5f:79:e6:85:10:d6:55:f6: ff:04:c0:f3:45:3d:ac:ed:8e:de:2d:a5:bf:22:f6:82:7e:13: 9b:83:a6:90:cb:44:65:68:e1:1a:3c:f4:79:f4:83:6c:cc:64: 0f:37:b5:28:4e:e8:9e:5e:54:77:b9:17:41:91:df:f7:f2:70: 2c:b5:8b:8d:df:e1:b7:c2:c6:b2:76:fb:55:14:4f:e7:c4:49: c3:c8:a9:88:74:27:6d:71:48:da:5f:57:8e:cc:fa:cb:aa:07: 2f:4a:9c:9b:e0:c7:5c:6b:be:84:d9:ac:43:97:b1:84:9b:50: f8:73:16:83:95:a0:07:fb:95:c9:f4:da:f0:90:18:da:b4:dd: df:4c:be:a0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZDksB9TmZtcgBZ3QfoH6MOjp6B0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYzY1YzBjOWE3OGU5ZjZjNTJiNjFj NmMyODVjNjU4MTk3ZGEyZDU5OGJjN2RkZjA1Y2ZkODIyZDI3YmFlMGUyNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnuTdY+qY5kl2rMaQZ8TcPo4I/Hu Wqv24Sj/djuUtFNBK0gTIkpQ+/fKArmEtMdlnhY/mVuq6b3bBSoPPM/5cvlJ33LL ZX52WjX/3wGNz/hkHc8SO0UjF6fjktPyknNMrwTtSKbGiSeG2oFBwMtoujyzeTu9 Tv2W6nGnc727Bz/cQfKSdGpKkvuM4JWO0toNycjMEpplKzybPT6O31i8VT7gvYDh 1AaiLw1pwMl8DYbJnspFldzXkumcrl92evlYGcTTSgC10/WbtG45/eWcJvzRWhmu zowFL0puaIOZX/44YKORJWilB/0VTU7c8H6JOznwmRGAIp6eC/XezSBydQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFRWOkAE3szTH6rXWnWEkPiMSQ55MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhiZDMzNjZjLTQ4OWMtNGFmZS1hZjE4LWQyNmI1ODI0YmQwZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8pBAMA0GCSqGSIb3DQEBCwUAA4IBAQA5yJYN96runvGEBMtO Dp1tEqN9P9oqwrivCVlaJfQAq8CQGkEj5AfHGmcTyRVHyjRHXY7aD8ooei8qvbv9 wQUWnSCpnCHCxgNfC/4i2/R28zI219zKBjRWkhzDvOea5hBXs1NcQ7556TMy115q HjpnA4RaYs5uX3nmhRDWVfb/BMDzRT2s7Y7eLaW/IvaCfhObg6aQy0RlaOEaPPR5 9INszGQPN7UoTuieXlR3uRdBkd/38nAstYuN3+G3wsaydvtVFE/nxEnDyKmIdCdt cUjaX1eOzPrLqgcvSpyb4Mdca76E2axDl7GEm1D4cxaDlaAH+5XJ9NrwkBjatN3f TL6g -----END CERTIFICATE-----Generated at Wed Feb 5 04:11:37 2025 by rpki-client