$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa File: 8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa (raw, json) Hash identifier: O5v3NUHMzkP9yIJSnIA3NjS/v/GsyzWNkyRbv+zewqQ= Subject key identifier: 58:32:A0:7A:87:9B:6B:D4:CA:A4:C1:C4:D0:A3:52:0C:B4:41:0D:7F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2D4050B3F86D30CA55A7623F50EFC2409C1D04DB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:8020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:40:50:b3:f8:6d:30:ca:55:a7:62:3f:50:ef:c2:40:9c:1d:04:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:1c:8e:a0:55:8d:5a:27:bf:cd:35:04:cb:4f: 95:87:65:b3:e6:e3:ae:1c:1f:29:69:70:96:22:df: ad:90:e2:97:81:99:f1:0d:5d:7e:17:26:e1:ab:8c: d3:21:11:1e:6c:08:fb:c4:38:29:99:5d:1a:46:64: 0a:f1:e1:99:ac:3b:bf:a0:f2:70:94:52:0d:ec:0f: 25:cd:de:99:3e:fd:50:97:28:00:f8:44:8b:8d:49: 51:ef:4e:ed:ee:71:c2:f7:81:03:37:bd:df:8d:c2: 13:c2:1e:af:01:0d:1f:10:6b:67:e0:46:c9:a0:83: e8:88:7f:57:b7:f2:a2:cd:de:70:34:d5:34:f5:b3: 9a:b4:6d:87:e4:36:61:f9:ff:23:a7:71:3e:81:81: b7:00:60:de:46:e0:74:7e:2f:e4:dc:12:ec:16:6b: 60:bf:22:f3:6b:7a:e8:7d:2d:6b:44:20:a4:33:6e: b3:28:73:cb:da:13:80:71:e3:2c:69:e9:99:54:77: 0a:46:c8:c1:b8:8f:6f:00:4b:39:8e:0a:ac:67:3e: dc:77:fc:35:f6:4e:5c:d1:ef:9c:b6:f9:4f:cd:bc: 43:8e:61:20:79:54:0e:b4:92:fa:48:69:a1:91:a5: 8c:83:ed:40:84:36:dd:dd:23:f3:0e:18:c2:09:ca: a2:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:32:A0:7A:87:9B:6B:D4:CA:A4:C1:C4:D0:A3:52:0C:B4:41:0D:7F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:8020::/48 Signature Algorithm: sha256WithRSAEncryption ca:f2:bc:64:49:14:bb:0d:d3:37:dc:a0:a9:8e:40:ad:15:b4: 19:63:8f:8b:3d:f6:32:a9:e6:b5:2f:1e:be:fc:26:37:40:6b: 41:73:b2:27:31:b1:32:df:56:8a:46:f8:ae:c3:23:09:ff:48: 18:47:2a:b9:a6:c2:28:5b:26:12:2f:0a:68:59:af:3c:f6:a8: 74:de:88:3d:1d:ef:22:de:f8:b6:34:49:f4:e0:02:fe:b8:51: b3:0d:17:c4:21:45:43:0a:c6:ea:92:e1:e5:6d:2d:16:6e:c4: 3d:42:08:eb:08:aa:ab:5d:51:7a:07:30:43:b4:b7:13:22:aa: eb:a5:e5:56:4b:3d:5e:43:1d:e1:5c:f8:3c:c5:7c:41:c2:b7: 42:2e:29:ab:ba:71:b2:67:cf:42:15:2b:8d:e0:32:52:d7:f9: 65:54:cb:43:3d:ff:ca:c7:83:f2:14:e3:31:b3:57:b4:6f:3a: 16:2f:ee:47:50:3d:c8:ab:64:df:b1:20:c4:68:3d:48:93:9e: d5:dd:45:28:0e:20:6b:c8:59:26:48:a8:73:61:74:f8:77:52: b8:92:61:02:3a:17:c8:5c:6f:1e:e6:36:ce:5d:6a:e1:6e:93: 82:9f:70:01:75:6f:ff:06:9e:e5:c4:68:0c:1b:3e:fc:02:5d: c6:33:8f:a8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIULUBQs/htMMpVp2I/UO/CQJwdBNswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYjQyZmM1MTNhZDc0MTFmYWVhYzc2 NzYxNTRlYTEzYjZjNGMxMDk1OGVkNjhiYzNkMzNkZTZlOTM3MTE0Njk0NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xyOoFWNWie/zTUEy0+Vh2Wz5uOu HB8paXCWIt+tkOKXgZnxDV1+Fybhq4zTIREebAj7xDgpmV0aRmQK8eGZrDu/oPJw lFIN7A8lzd6ZPv1QlygA+ESLjUlR707t7nHC94EDN73fjcITwh6vAQ0fEGtn4EbJ oIPoiH9Xt/Kizd5wNNU09bOatG2H5DZh+f8jp3E+gYG3AGDeRuB0fi/k3BLsFmtg vyLza3rofS1rRCCkM26zKHPL2hOAceMsaemZVHcKRsjBuI9vAEs5jgqsZz7cd/w1 9k5c0e+ctvlPzbxDjmEgeVQOtJL6SGmhkaWMg+1AhDbd3SPzDhjCCcqixQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFgyoHqHm2vUyqTBxNCjUgy0QQ1/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhjYTM3MWQ5LTIxNTMtNDA1My05OWFjLTFiZGMwYzQyOTRhYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAIAgMA0GCSqGSIb3DQEBCwUAA4IBAQDK8rxkSRS7DdM33KCp jkCtFbQZY4+LPfYyqea1Lx6+/CY3QGtBc7InMbEy31aKRviuwyMJ/0gYRyq5psIo WyYSLwpoWa889qh03og9He8i3vi2NEn04AL+uFGzDRfEIUVDCsbqkuHlbS0WbsQ9 QgjrCKqrXVF6BzBDtLcTIqrrpeVWSz1eQx3hXPg8xXxBwrdCLimrunGyZ89CFSuN 4DJS1/llVMtDPf/Kx4PyFOMxs1e0bzoWL+5HUD3Iq2TfsSDEaD1Ik57V3UUoDiBr yFkmSKhzYXT4d1K4kmECOhfIXG8e5jbOXWrhbpOCn3ABdW//Bp7lxGgMGz78Al3G M4+o -----END CERTIFICATE-----Generated at Wed Feb 5 04:06:46 2025 by rpki-client