$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9016c8f8-5e23-4acf-929a-ba5a344b35b6.roa File: 9016c8f8-5e23-4acf-929a-ba5a344b35b6.roa (raw, json) Hash identifier: 1/qS4poP097xgMohM+hqW3p9kMvTkEvcjhJw2FtZ8Ic= Subject key identifier: 2E:22:9C:E4:13:93:55:8F:78:98:92:88:DE:A8:81:B2:43:42:E1:82 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0BDDD3F146BDF91FCD14876849985B631D8D0874 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9016c8f8-5e23-4acf-929a-ba5a344b35b6.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:4080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:dd:d3:f1:46:bd:f9:1f:cd:14:87:68:49:98:5b:63:1d:8d:08:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:1a:ae:2a:e8:2d:9f:8a:da:f6:15:84:fe:1a: 9e:95:88:35:56:04:57:88:ac:ad:e9:0e:7b:3e:d8: 52:7f:9e:b0:cd:2c:ca:77:27:d1:2d:a7:a6:0f:61: f5:52:00:c0:1f:93:9c:2e:23:ca:0d:93:b5:b4:95: e6:7f:61:aa:bd:36:9f:b8:14:5d:c0:e7:d9:aa:08: 38:1c:9c:db:07:6b:ed:5b:1f:ab:8a:ce:44:f8:63: 5b:b1:a5:69:e6:bc:cc:68:ed:b1:9a:e1:7c:38:e5: 1f:1d:b4:8a:f9:78:ce:76:4c:df:93:21:0b:46:2a: 4b:26:cb:f8:61:8d:a8:f9:0d:bb:78:76:76:b0:90: bf:0f:6e:ce:fa:65:63:1f:a2:9d:5f:cc:89:64:5e: 93:ae:8c:27:8a:20:d1:d2:b4:ca:69:3d:d2:17:d6: bf:0b:ee:ee:9a:cd:21:06:5d:14:87:90:2e:9a:be: 6b:47:87:11:65:d8:12:e9:7b:5e:2a:3d:54:81:64: dd:4f:e8:4d:05:30:9b:b3:a7:5a:bf:9a:3f:5d:f7: c2:ea:84:40:9c:4d:2c:f0:4c:6c:03:e6:1f:6a:79: 5e:4e:44:a0:86:8d:59:cc:bf:5e:45:44:67:97:90: 99:19:e9:18:d1:33:a6:2d:a7:d2:c3:0d:af:23:7b: 00:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:22:9C:E4:13:93:55:8F:78:98:92:88:DE:A8:81:B2:43:42:E1:82 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9016c8f8-5e23-4acf-929a-ba5a344b35b6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:4080::/46 Signature Algorithm: sha256WithRSAEncryption 21:72:bf:62:c4:a4:b3:ef:c0:5d:01:a1:ad:ab:c7:83:02:a8: e6:7a:33:9d:8a:56:7d:92:7a:ef:3c:aa:68:16:31:81:7c:14: 38:e8:03:7c:2d:23:15:4d:69:57:1e:26:1f:24:06:fb:12:20: c3:d2:a9:d0:2e:96:85:51:56:5c:ef:a1:ff:5e:3e:cb:64:f2: 64:8c:d2:bb:bb:71:d4:ff:87:3e:5c:ca:7f:54:e9:0e:ff:5e: d4:59:e5:5d:d2:17:08:f8:11:8b:d9:cc:3a:7f:7f:bb:77:66: c6:44:5a:f4:c2:0b:90:9d:4c:00:38:09:62:b4:2f:f5:c6:4c: 81:3f:22:f5:e1:1f:32:f2:08:c0:c8:ae:b5:28:c0:d0:23:ae: 64:60:1a:16:8b:bf:c4:ef:78:65:9f:41:5e:72:87:79:87:e4: 8d:b1:3e:1a:2d:28:eb:fc:40:f9:22:29:8b:7f:84:3d:9a:fd: 1d:6f:ba:50:9a:cc:ce:11:1d:bd:53:cc:3c:fd:27:96:8c:fb: b8:fa:60:5f:68:2b:c7:42:69:3c:d6:da:14:d4:0f:5b:c6:28: e5:0c:e4:1d:43:67:89:1f:aa:e2:38:9b:c3:18:55:3e:db:dc: 3e:af:94:67:da:3a:21:4e:8b:a2:1a:b9:44:ad:2f:8d:ad:4b: 7c:3c:d0:a5 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUC93T8Ua9+R/NFIdoSZhbYx2NCHQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMGViMDUwY2E4MDE2ZTM3ODBjZDEy MGEwZWRkODY3MDk3YWY3YjFiNzU4YmI3MjhkNmJkNGM4YjQyMWJlZDc2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohquKugtn4ra9hWE/hqelYg1VgRX iKyt6Q57PthSf56wzSzKdyfRLaemD2H1UgDAH5OcLiPKDZO1tJXmf2GqvTafuBRd wOfZqgg4HJzbB2vtWx+ris5E+GNbsaVp5rzMaO2xmuF8OOUfHbSK+XjOdkzfkyEL RipLJsv4YY2o+Q27eHZ2sJC/D27O+mVjH6KdX8yJZF6TrowniiDR0rTKaT3SF9a/ C+7ums0hBl0Uh5Aumr5rR4cRZdgS6XteKj1UgWTdT+hNBTCbs6dav5o/XffC6oRA nE0s8ExsA+YfanleTkSgho1ZzL9eRURnl5CZGekY0TOmLafSww2vI3sAzwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFC4inOQTk1WPeJiSiN6ogbJDQuGCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwMTZjOGY4LTVlMjMtNGFjZi05MjlhLWJhNWEzNDRiMzViNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaUCAMA0GCSqGSIb3DQEBCwUAA4IBAQAhcr9ixKSz78BdAaGt q8eDAqjmejOdilZ9knrvPKpoFjGBfBQ46AN8LSMVTWlXHiYfJAb7EiDD0qnQLpaF UVZc76H/Xj7LZPJkjNK7u3HU/4c+XMp/VOkO/17UWeVd0hcI+BGL2cw6f3+7d2bG RFr0wguQnUwAOAlitC/1xkyBPyL14R8y8gjAyK61KMDQI65kYBoWi7/E73hln0Fe cod5h+SNsT4aLSjr/ED5IimLf4Q9mv0db7pQmszOER29U8w8/SeWjPu4+mBfaCvH Qmk81toU1A9bxijlDOQdQ2eJH6riOJvDGFU+29w+r5Rn2johTouiGrlErS+NrUt8 PNCl -----END CERTIFICATE-----Generated at Wed Feb 5 04:05:17 2025 by rpki-client