$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/916f5499-39df-48af-bef9-4bde1ada3ef5.roa File: 916f5499-39df-48af-bef9-4bde1ada3ef5.roa (raw, json) Hash identifier: FiBfVljYbvl+VR+x1IZ7hNFzcGckdKdOjSTn2LfqaPE= Subject key identifier: 72:68:A3:97:19:15:2E:95:11:4E:F1:97:58:0D:C4:7C:6C:60:BC:59 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3AFF0A406743A8C25E73F909E1E0AD43FC6E19CC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/916f5499-39df-48af-bef9-4bde1ada3ef5.roa Signing time: Sat 25 Jan 2025 00:00:00 +0000 ROA not before: Sat 25 Jan 2025 00:00:00 +0000 ROA not after: Sat 01 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:ff:0a:40:67:43:a8:c2:5e:73:f9:09:e1:e0:ad:43:fc:6e:19:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Jan 25 00:00:00 2025 GMT Not After : Mar 1 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:b8:f4:c8:93:a6:e2:3a:ff:be:3e:61:b6:ec: 6c:90:fd:94:4d:af:6a:42:4c:c8:37:da:3f:ef:5c: e9:48:d2:23:b2:93:89:4a:f3:eb:26:9c:f0:31:98: 7e:9f:10:85:f5:db:ce:65:03:b3:93:7e:48:a1:aa: 01:6c:31:d3:f4:5f:09:56:32:09:b1:89:7f:5b:b0: 7a:55:87:28:b0:82:6d:78:73:54:e5:4f:d4:61:15: 0e:a9:f0:70:db:a5:74:66:75:b2:2a:6c:bd:a6:21: 65:7f:e4:ea:57:a2:34:08:b6:3d:9c:16:03:67:dd: b6:22:c6:ae:3c:c2:4f:58:3d:ae:c1:68:6f:54:67: c0:58:1e:03:6b:cd:45:f4:ab:6c:fc:fe:ab:08:85: bf:73:e5:4c:99:90:b6:8c:b1:58:dd:2d:ba:12:68: 23:17:bb:e1:03:af:12:ee:16:b1:b4:17:d4:98:c7: 04:e4:7c:03:91:91:4e:59:63:0c:8a:94:32:dc:af: 84:6b:5e:14:f1:15:53:2c:78:3f:8d:c5:53:f1:c0: 9e:07:50:f5:1e:bb:46:de:b3:56:99:41:41:8b:ca: 8f:ed:17:b3:b4:0b:4c:55:83:a0:d6:95:ea:16:28: 9e:5b:ad:e3:bc:9a:e9:4a:24:ce:7b:8f:14:4d:6e: 01:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:68:A3:97:19:15:2E:95:11:4E:F1:97:58:0D:C4:7C:6C:60:BC:59 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/916f5499-39df-48af-bef9-4bde1ada3ef5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:8800::/40 Signature Algorithm: sha256WithRSAEncryption 37:ff:6a:34:68:2b:98:c5:92:53:0c:61:e6:f3:8b:84:4b:9f: 9b:74:7d:9d:7d:33:ba:3b:ee:24:8a:33:30:e8:8d:ba:17:3b: 88:06:ff:88:07:f8:82:d4:fa:4e:f7:d0:01:78:81:c9:72:2a: 35:8a:6a:57:81:96:4d:ce:98:53:5d:b1:21:73:71:71:d3:f5: 80:30:96:92:f6:c2:35:e3:a0:74:e4:73:63:6d:7d:9d:23:dc: fe:f6:f7:51:75:99:02:67:6a:24:6d:b0:1c:b5:db:ff:89:85: 52:86:81:d3:52:ae:f5:2e:e7:73:ef:60:c0:c3:97:bc:41:8f: d4:7d:19:33:16:4d:f8:ae:7c:23:8a:36:32:a6:96:2e:06:2c: 64:4a:c8:11:62:56:5c:0b:6a:55:fd:2e:cd:6c:6e:2f:9a:82: 9e:2f:79:27:1d:fd:94:e7:63:b0:12:39:75:2a:36:0d:d3:be: ff:3a:ca:4a:44:27:fb:20:27:ac:c3:1f:a8:25:47:53:f7:c5: 21:72:cc:96:6d:7e:07:b7:85:29:be:c6:e1:ec:48:3f:ce:80: 4a:b3:0e:8c:82:89:8f:35:8a:c8:6e:90:89:1c:c4:eb:78:23: ae:02:bf:2a:b6:60:a8:4a:5f:59:9d:0b:7e:50:93:f8:fb:9d: 0c:05:14:a5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOv8KQGdDqMJec/kJ4eCtQ/xuGcwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEyNTAwMDAwMFoX DTI1MDMwMTIzNTk1OVowejFJMEcGA1UEBRNAZTBiYmZlZDFhOWE3YTg1N2ZkYjMz MzExMTI3OGUxYzhiOTllZDE1MDU3MjQyZmI2ODExMDBmNmUyODhmNzU1NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7j0yJOm4jr/vj5htuxskP2UTa9q QkzIN9o/71zpSNIjspOJSvPrJpzwMZh+nxCF9dvOZQOzk35IoaoBbDHT9F8JVjIJ sYl/W7B6VYcosIJteHNU5U/UYRUOqfBw26V0ZnWyKmy9piFlf+TqV6I0CLY9nBYD Z922IsauPMJPWD2uwWhvVGfAWB4Da81F9Kts/P6rCIW/c+VMmZC2jLFY3S26Emgj F7vhA68S7haxtBfUmMcE5HwDkZFOWWMMipQy3K+Ea14U8RVTLHg/jcVT8cCeB1D1 HrtG3rNWmUFBi8qP7ReztAtMVYOg1pXqFiieW63jvJrpSiTOe48UTW4BwQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHJoo5cZFS6VEU7xl1gNxHxsYLxZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkxNmY1NDk5LTM5ZGYtNDhhZi1iZWY5LTRiZGUxYWRhM2VmNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoIgwDQYJKoZIhvcNAQELBQADggEBADf/ajRoK5jFklMMYebz i4RLn5t0fZ19M7o77iSKMzDojboXO4gG/4gH+ILU+k730AF4gclyKjWKaleBlk3O mFNdsSFzcXHT9YAwlpL2wjXjoHTkc2NtfZ0j3P7291F1mQJnaiRtsBy12/+JhVKG gdNSrvUu53PvYMDDl7xBj9R9GTMWTfiufCOKNjKmli4GLGRKyBFiVlwLalX9Ls1s bi+agp4veScd/ZTnY7ASOXUqNg3Tvv86ykpEJ/sgJ6zDH6glR1P3xSFyzJZtfge3 hSm+xuHsSD/OgEqzDoyCiY81ishukIkcxOt4I64Cvyq2YKhKX1mdC35Qk/j7nQwF FKU= -----END CERTIFICATE-----Generated at Sun Feb 16 15:27:30 2025 by rpki-client