$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa File: 8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa (raw, json) Hash identifier: M/T85AXazv0vUsM2ij7F4W0NudKeLwL/t//ci2yC+YY= Subject key identifier: 0B:78:50:CB:42:60:2F:66:E0:7D:17:73:0C:37:C9:79:88:4C:72:CE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D323F29D76FA5D2A553DB77EB6BEE37760F3D92 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:32:3f:29:d7:6f:a5:d2:a5:53:db:77:eb:6b:ee:37:76:0f:3d:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:12:3a:9c:a6:11:cf:3d:14:2b:10:4d:89:b4: 58:d8:68:6e:de:64:2d:ae:bc:30:17:8b:06:1c:0f: a7:3f:a3:7d:8b:a9:4e:aa:a4:22:f7:2e:a9:3f:24: ad:e0:79:4a:41:5f:f7:97:31:86:e9:cd:28:83:51: 37:31:0a:69:b1:0a:0b:81:fe:e0:96:d2:0a:3e:73: d9:a7:72:a6:ad:6b:08:d9:ef:99:03:a7:d4:c5:91: 84:f5:96:31:38:87:42:36:a2:e5:87:c4:46:32:b6: 53:54:cb:b9:ba:be:be:32:42:16:98:a4:ce:1e:57: ec:b7:b2:57:33:3f:6d:5d:bf:4f:09:5b:8f:03:4f: 21:88:89:4b:c2:44:cd:c4:ae:0c:b8:f7:db:86:a4: 76:e1:c7:c4:cd:21:4e:86:09:70:bd:c0:83:72:a6: 84:f2:c6:27:83:5a:ff:ff:98:64:40:26:10:3d:96: 92:89:6e:c7:a6:2d:65:b0:15:42:31:64:9f:2b:6e: ee:e9:31:1a:19:b4:ae:ab:ac:83:7c:01:e1:9f:7c: c8:c5:51:85:a2:f1:56:9b:bf:db:bf:75:ca:35:d8: 0c:33:4e:57:35:c5:12:0a:2b:2c:08:f0:17:ef:c9: 4a:b9:b2:df:74:ec:dd:fa:18:78:de:f0:98:e8:01: f3:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:78:50:CB:42:60:2F:66:E0:7D:17:73:0C:37:C9:79:88:4C:72:CE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2040::/48 Signature Algorithm: sha256WithRSAEncryption 22:25:aa:77:06:76:25:95:c7:21:b7:37:1f:d9:f7:29:11:27: 8c:21:35:c1:23:1a:60:76:08:b3:e5:48:b8:23:ce:c3:d3:00: 8a:81:2b:4c:b1:82:fb:f2:f0:69:bd:bd:6e:c8:f7:55:6f:f2: 58:5f:98:c3:9f:31:f2:20:04:17:4c:23:2e:e2:3d:28:a9:64: 02:35:13:6f:38:9d:a1:10:1f:6d:8e:42:bf:8d:bd:4c:4a:df: 08:7d:42:91:26:83:9a:31:bf:13:9c:d1:e0:5c:c2:04:2b:28: 59:83:ad:7f:1a:db:4f:fc:63:05:92:cf:d7:59:e8:a1:23:21: 00:bd:90:34:bf:d6:76:0e:8f:e8:b1:a1:a0:08:d1:c6:04:b6: 85:8f:92:6e:21:99:26:63:a7:77:d7:b1:1a:e9:6a:9f:0d:f0: b0:e1:85:0c:eb:6c:c2:b2:fb:35:df:e5:29:96:55:ea:c2:e7: 7e:d4:10:06:69:18:86:85:d9:de:3a:4e:20:16:38:f7:c3:27: f6:da:c8:b6:68:3d:08:c6:d0:8b:2b:3e:14:eb:15:4c:42:d7: da:da:85:ac:2f:32:fd:ef:94:7f:d7:b2:4f:4c:47:ac:5f:e0: 98:f1:7f:01:f5:f2:73:d8:10:8f:42:1a:1f:36:52:0e:53:ec: a9:54:03:d2 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPTI/KddvpdKlU9t362vuN3YPPZIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANTg4MjFhNzUxOTZlNTA0Y2VkMTIw MjAxMjdhNzI1NzhhNDMyMTY4ZDZiZmUxOWUyYTI0Y2YzMWViYzljNjU4YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxI6nKYRzz0UKxBNibRY2Ghu3mQt rrwwF4sGHA+nP6N9i6lOqqQi9y6pPySt4HlKQV/3lzGG6c0og1E3MQppsQoLgf7g ltIKPnPZp3KmrWsI2e+ZA6fUxZGE9ZYxOIdCNqLlh8RGMrZTVMu5ur6+MkIWmKTO Hlfst7JXMz9tXb9PCVuPA08hiIlLwkTNxK4MuPfbhqR24cfEzSFOhglwvcCDcqaE 8sYng1r//5hkQCYQPZaSiW7Hpi1lsBVCMWSfK27u6TEaGbSuq6yDfAHhn3zIxVGF ovFWm7/bv3XKNdgMM05XNcUSCissCPAX78lKubLfdOzd+hh43vCY6AHzDQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAt4UMtCYC9m4H0Xcww3yXmITHLOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhjNmIzZTJmLWM0NDEtNGQyZS1hM2ZiLTUxMWFlYmQ3MmFhMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/yBAMA0GCSqGSIb3DQEBCwUAA4IBAQAiJap3BnYllcchtzcf 2fcpESeMITXBIxpgdgiz5Ui4I87D0wCKgStMsYL78vBpvb1uyPdVb/JYX5jDnzHy IAQXTCMu4j0oqWQCNRNvOJ2hEB9tjkK/jb1MSt8IfUKRJoOaMb8TnNHgXMIEKyhZ g61/GttP/GMFks/XWeihIyEAvZA0v9Z2Do/osaGgCNHGBLaFj5JuIZkmY6d317Ea 6WqfDfCw4YUM62zCsvs13+UpllXqwud+1BAGaRiGhdneOk4gFjj3wyf22si2aD0I xtCLKz4U6xVMQtfa2oWsLzL975R/17JPTEesX+CY8X8B9fJz2BCPQhofNlIOU+yp VAPS -----END CERTIFICATE-----Generated at Wed Feb 5 04:01:28 2025 by rpki-client