$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fc7dac5-8246-401a-90b2-80ba037b852e.roa File: 8fc7dac5-8246-401a-90b2-80ba037b852e.roa (raw, json) Hash identifier: Mi7mLqePUd93pt14Iyb8gN+du7Qh2KG9QRQHcNmCFPo= Subject key identifier: F3:4A:EF:AC:36:2D:6F:A6:1A:B3:10:44:EA:50:DC:CE:D9:5F:EE:C7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 18972962F9D89BEB3564D422F579EA60EDD04766 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fc7dac5-8246-401a-90b2-80ba037b852e.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1e:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:97:29:62:f9:d8:9b:eb:35:64:d4:22:f5:79:ea:60:ed:d0:47:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:0c:06:28:29:72:14:b1:93:00:bc:34:ca:e4: 1b:ae:5c:1b:db:e2:0c:5b:55:5c:d9:a4:a1:18:bc: 83:e0:46:99:74:db:95:a1:51:75:f2:8f:9d:da:ef: da:12:60:ef:1d:3a:32:75:6b:51:1a:8b:51:17:67: ed:54:f3:ab:06:c0:f9:58:09:c8:78:0e:06:51:9f: 13:67:0a:ac:f8:4c:5b:54:b9:a2:bf:08:e7:3e:73: c5:03:56:58:38:84:40:87:4d:9a:f3:d4:95:23:f6: 1b:16:e4:31:a2:24:56:85:39:0c:69:0b:71:cb:78: b5:f7:de:6e:90:d4:4e:a3:5c:00:c6:26:a3:5b:6f: 28:c2:bc:38:93:19:1c:82:30:ff:1d:36:d4:8f:8c: 63:3d:55:04:f2:da:8a:36:3c:08:44:eb:a6:6e:77: 48:55:64:26:0d:94:f3:03:14:6a:e4:c6:7f:57:ba: 0c:31:9a:35:fc:70:47:10:94:06:c2:fe:47:2c:48: 50:81:18:99:04:73:37:29:51:90:f8:d2:49:12:13: 9e:79:eb:0b:4e:d2:e2:b6:da:c6:da:e1:0e:88:6d: dc:78:36:99:15:30:c7:56:b2:99:5d:8c:94:d4:9d: a8:66:ff:53:cf:21:20:81:e6:da:50:84:5f:cf:2c: 8d:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:4A:EF:AC:36:2D:6F:A6:1A:B3:10:44:EA:50:DC:CE:D9:5F:EE:C7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fc7dac5-8246-401a-90b2-80ba037b852e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1e:800::/38 Signature Algorithm: sha256WithRSAEncryption cb:88:1e:c8:b6:bf:2b:80:c8:06:65:f7:02:93:71:9b:da:61: 2f:71:9b:1e:22:8f:ce:ba:b8:e8:a3:69:4e:95:bb:48:e6:8a: ce:e5:d6:c3:c6:98:a7:ac:81:46:f7:8f:ed:01:fd:97:52:4e: 3a:6f:38:5d:6c:41:61:b1:af:9c:84:ea:9a:87:21:6a:8e:17: 43:6b:e9:8a:fc:2b:05:bc:c6:43:3b:8b:a6:47:ef:e1:78:d8: 3a:a1:64:9f:60:5f:c8:23:75:86:e8:09:9b:5f:fc:01:0a:bd: df:df:6a:53:f5:a1:c0:52:68:39:8b:db:2b:f4:03:70:8f:7c: 33:2c:4e:cd:45:e7:20:b4:08:de:ed:96:a1:11:07:66:56:a1: 0e:e7:14:61:e8:3f:7d:05:b9:33:13:49:06:30:43:50:1f:44: b2:47:54:86:54:e9:31:7c:5b:e6:c0:ab:ac:f6:67:e6:96:87: 9a:fc:b0:af:8b:fe:16:ae:ca:ed:02:5a:c7:91:2d:2e:96:48: 71:d3:f5:81:2b:6e:31:2a:5b:af:3e:f0:ff:8b:d8:5e:d2:74: 25:e9:74:eb:42:6b:7d:07:36:c5:55:7d:bd:11:bb:ef:dd:ca: 14:99:47:f2:3e:6e:10:14:0e:6d:a4:8a:75:f5:65:05:7b:1a: 9b:93:57:4d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGJcpYvnYm+s1ZNQi9XnqYO3QR2YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMWUzMzA1YTBjNDdmZGMyMTc5YzM3 ZDE2YjJjZTYyNmQ3YTc0MzkyZDQ2NTgzZWFhZjFmZTY5NDkxYjA5MDRlODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgwGKClyFLGTALw0yuQbrlwb2+IM W1Vc2aShGLyD4EaZdNuVoVF18o+d2u/aEmDvHToydWtRGotRF2ftVPOrBsD5WAnI eA4GUZ8TZwqs+ExbVLmivwjnPnPFA1ZYOIRAh02a89SVI/YbFuQxoiRWhTkMaQtx y3i1995ukNROo1wAxiajW28owrw4kxkcgjD/HTbUj4xjPVUE8tqKNjwIROumbndI VWQmDZTzAxRq5MZ/V7oMMZo1/HBHEJQGwv5HLEhQgRiZBHM3KVGQ+NJJEhOeeesL TtLittrG2uEOiG3ceDaZFTDHVrKZXYyU1J2oZv9TzyEggebaUIRfzyyNUQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPNK76w2LW+mGrMQROpQ3M7ZX+7HMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhmYzdkYWM1LTgyNDYtNDAxYS05MGIyLTgwYmEwMzdiODUyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHggwDQYJKoZIhvcNAQELBQADggEBAMuIHsi2vyuAyAZl9wKT cZvaYS9xmx4ij866uOijaU6Vu0jmis7l1sPGmKesgUb3j+0B/ZdSTjpvOF1sQWGx r5yE6pqHIWqOF0Nr6Yr8KwW8xkM7i6ZH7+F42DqhZJ9gX8gjdYboCZtf/AEKvd/f alP1ocBSaDmL2yv0A3CPfDMsTs1F5yC0CN7tlqERB2ZWoQ7nFGHoP30FuTMTSQYw Q1AfRLJHVIZU6TF8W+bAq6z2Z+aWh5r8sK+L/hauyu0CWseRLS6WSHHT9YErbjEq W68+8P+L2F7SdCXpdOtCa30HNsVVfb0Ru+/dyhSZR/I+bhAUDm2kinX1ZQV7GpuT V00= -----END CERTIFICATE-----Generated at Wed Feb 5 04:12:00 2025 by rpki-client