$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa File: 996cc3b8-0df0-4f17-97f0-d59aa845427c.roa (raw, json) Hash identifier: wBPSiXHkIxByhnYKLmy46/sywPMEHnSLXum1S3iBr1k= Subject key identifier: 4E:01:FD:65:B9:67:7B:C7:8E:2D:0D:FF:00:CF:42:09:F7:29:16:72 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 22A0E84AE4D23F119B67D461511B53B6A1B26B19 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa Signing time: Fri 14 Feb 2025 00:00:13 +0000 ROA not before: Fri 14 Feb 2025 00:00:13 +0000 ROA not after: Fri 21 Mar 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da00:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:a0:e8:4a:e4:d2:3f:11:9b:67:d4:61:51:1b:53:b6:a1:b2:6b:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 14 00:00:13 2025 GMT Not After : Mar 21 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:51:45:f6:ab:33:85:a6:e9:c2:c6:43:bb:35: 1d:f2:fc:e3:f0:61:71:a9:e3:85:2a:39:15:8b:68: b6:6c:92:28:76:43:43:1b:37:9c:4e:1b:2f:09:ef: a8:c9:1d:b2:7e:81:9a:33:10:54:78:2c:45:42:78: 23:65:1a:3b:ff:e1:b5:0d:6f:b1:b1:7f:ea:8f:07: 1c:64:2b:56:82:94:71:e9:06:a9:16:bf:cb:04:6c: 7c:2e:d9:5f:a3:38:e5:3e:1c:a9:0f:57:7a:6e:9b: ed:05:2f:2c:33:80:29:98:c1:cd:e8:f5:63:0a:46: 40:34:57:06:30:77:50:71:8a:a8:20:86:ae:73:3a: d2:ed:b3:8c:ef:60:4e:ba:80:e7:ef:21:c7:8d:fc: 14:8f:97:ca:89:24:27:8b:de:69:57:b2:da:5f:e5: 2c:b3:c0:8e:5c:78:e7:8f:db:81:9d:b9:ea:7c:f2: cf:a7:ce:08:18:c8:a0:b6:30:42:7b:11:a7:cd:ec: db:a7:68:35:d7:75:d5:82:cc:be:a7:a1:00:c2:f8: f1:20:61:14:ea:0e:c2:c7:f7:d6:fa:64:89:4d:db: 8f:04:ce:a4:0a:e9:43:65:dd:3a:22:fa:99:b9:49: 2f:c9:cf:38:0e:1f:69:80:b8:04:00:59:5e:fd:27: 71:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:01:FD:65:B9:67:7B:C7:8E:2D:0D:FF:00:CF:42:09:F7:29:16:72 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 11:49:64:f5:2b:5e:b7:5b:3d:9a:4c:33:0f:f2:45:8a:7b:d7: f7:2e:4b:56:d4:f3:a7:da:dd:47:48:0a:1f:6e:a4:32:dc:86: 68:59:aa:19:03:4b:d0:a3:57:c0:89:07:6b:d8:64:ed:f9:d3: fc:3a:f7:74:a8:cc:e0:7e:4e:54:cb:57:8b:6a:7f:47:e4:ee: 2f:e2:74:65:f1:e5:39:05:77:3b:6c:de:20:5c:a7:b8:80:b0: c7:ac:75:8c:d7:84:f5:d5:d7:fe:56:26:9f:6f:fe:0b:dc:99: 81:f8:06:f1:08:5e:1f:2a:d2:41:59:d4:ea:79:a2:30:14:f1: 77:22:18:25:c8:7a:f3:f6:2b:74:14:7b:fb:90:b8:05:2a:57: 8d:20:45:ae:e4:f6:8e:9b:a0:56:49:78:13:d3:99:e6:f4:56: 41:a1:f8:84:36:39:99:22:bf:f5:d0:a5:5e:42:46:65:35:75: e5:21:b9:9c:c2:96:3a:06:ab:24:2f:2b:c3:26:d7:a4:e3:e3: e9:2c:17:fa:bd:38:94:a0:e8:c0:bc:10:f2:56:67:95:51:a7: 39:1f:15:e4:e0:6a:25:e0:4d:43:d8:19:4a:36:2d:cc:92:70: 5c:b0:b2:e6:29:33:7f:f3:06:65:73:49:e3:86:72:6b:55:00: 19:38:9b:f3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIqDoSuTSPxGbZ9RhURtTtqGyaxkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIxNDAwMDAxM1oX DTI1MDMyMTIzNTk1OVowejFJMEcGA1UEBRNAZmU2N2UyOWMxMDAxYjNjMjAwNThj NjFlODExZjgzNzVhYmZiMzMzNzY1NjA2NWQzY2RmZDdiZGM2YmUzNDdiYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVFF9qszhabpwsZDuzUd8vzj8GFx qeOFKjkVi2i2bJIodkNDGzecThsvCe+oyR2yfoGaMxBUeCxFQngjZRo7/+G1DW+x sX/qjwccZCtWgpRx6QapFr/LBGx8LtlfozjlPhypD1d6bpvtBS8sM4ApmMHN6PVj CkZANFcGMHdQcYqoIIauczrS7bOM72BOuoDn7yHHjfwUj5fKiSQni95pV7LaX+Us s8COXHjnj9uBnbnqfPLPp84IGMigtjBCexGnzezbp2g113XVgsy+p6EAwvjxIGEU 6g7Cx/fW+mSJTduPBM6kCulDZd06IvqZuUkvyc84Dh9pgLgEAFle/SdxowIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFE4B/WW5Z3vHji0N/wDPQgn3KRZyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk5NmNjM2I4LTBkZjAtNGYxNy05N2YwLWQ1OWFhODQ1NDI3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQARSWT1K163Wz2aTDMP 8kWKe9f3LktW1POn2t1HSAofbqQy3IZoWaoZA0vQo1fAiQdr2GTt+dP8Ovd0qMzg fk5Uy1eLan9H5O4v4nRl8eU5BXc7bN4gXKe4gLDHrHWM14T11df+Viafb/4L3JmB +AbxCF4fKtJBWdTqeaIwFPF3IhglyHrz9it0FHv7kLgFKleNIEWu5PaOm6BWSXgT 05nm9FZBofiENjmZIr/10KVeQkZlNXXlIbmcwpY6BqskLyvDJtek4+PpLBf6vTiU oOjAvBDyVmeVUac5HxXk4Gol4E1D2BlKNi3MknBcsLLmKTN/8wZlc0njhnJrVQAZ OJvz -----END CERTIFICATE-----Generated at Sun Feb 16 15:07:18 2025 by rpki-client