$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99d86cf2-ece3-438c-8964-4bed5e5c36ad.roa File: 99d86cf2-ece3-438c-8964-4bed5e5c36ad.roa (raw, json) Hash identifier: A6Qs3FQ/QRcDKQYQra9lkk4kCNgUffPfVuxi7egXFL4= Subject key identifier: 90:BC:36:D7:6D:09:1A:43:6E:B3:BC:03:AF:D7:E5:D7:5B:3A:03:C9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 56F0E46DA84A3DABC59BABF05456BBABDBC8A345 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99d86cf2-ece3-438c-8964-4bed5e5c36ad.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:8840::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:f0:e4:6d:a8:4a:3d:ab:c5:9b:ab:f0:54:56:bb:ab:db:c8:a3:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:64:df:49:82:78:b8:f8:9d:63:9b:19:80:a1: 97:76:ec:7d:a1:ab:01:51:96:46:b5:bf:26:03:35: 6b:8f:bb:33:e4:ef:d7:3a:e7:1d:d3:cd:60:64:f5: 9d:4b:6c:ef:1b:08:bd:ae:c1:22:23:1a:e1:a3:28: e7:7b:58:57:97:c3:ee:29:82:2b:8b:ef:4d:d9:8e: 93:62:79:15:34:eb:74:b3:39:3a:aa:53:56:be:c0: 64:17:a7:34:8f:1d:52:2b:4a:17:eb:7d:d5:76:93: 52:3f:0e:cd:ca:4d:bc:4b:a5:6a:6e:ae:d1:5a:3c: b3:5c:4e:42:25:f4:3a:ee:e6:ea:64:77:2e:d3:ec: b2:17:08:13:e0:2f:64:97:65:82:d0:74:72:c9:ac: c7:78:8c:30:bf:64:49:22:a9:e1:7b:69:7b:d1:bf: e3:e1:df:9d:fa:ff:9e:96:ed:84:82:e8:01:27:62: d7:44:bb:d8:19:13:9d:dd:0b:b7:9a:3c:11:57:32: 06:aa:cb:ce:7c:be:9f:0a:2e:0e:5e:7e:93:c4:27: 83:94:3e:82:6b:09:5a:85:83:89:53:e6:47:30:44: b6:63:45:6b:09:d9:69:13:16:47:70:c1:c4:78:79: 69:3a:b8:39:8f:a6:88:8b:ce:08:b7:21:9f:10:3a: 8d:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:BC:36:D7:6D:09:1A:43:6E:B3:BC:03:AF:D7:E5:D7:5B:3A:03:C9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99d86cf2-ece3-438c-8964-4bed5e5c36ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:8840::/46 Signature Algorithm: sha256WithRSAEncryption 9a:aa:74:13:26:d5:ff:5a:13:bc:be:58:4e:fc:d0:92:12:3a: 19:2e:23:bc:0c:68:e4:16:c2:e9:d5:9d:53:64:c9:b8:be:14: ea:4a:2e:eb:78:b1:4a:b7:0f:9c:c4:a3:55:d7:03:8c:55:d7: b3:fa:c7:90:9e:0e:d8:2c:19:e1:6f:39:9f:34:64:02:74:82: 80:84:b4:b7:c4:23:af:fd:e2:36:88:ac:95:be:d6:90:0b:aa: f7:40:52:51:ff:a7:f2:5e:68:11:4a:34:e1:27:6d:54:1f:31: d7:3f:f1:ad:26:f3:7d:cd:32:cf:29:21:98:a8:ca:04:a4:f5: 7d:4f:32:9d:24:d1:24:e9:2c:af:48:dd:93:59:73:60:3c:0a: 8c:d9:9c:54:81:75:67:3b:30:27:d8:8a:23:21:1f:d5:53:bd: 93:5d:ab:47:cc:89:6a:26:7b:bd:0f:fe:fa:09:51:89:64:55: aa:01:ef:27:20:51:69:17:03:5d:4e:d4:3d:1a:e0:63:f9:ef: d2:80:8f:36:03:e7:90:84:81:2d:36:ab:36:57:6b:b9:ec:07: cd:05:fb:fc:aa:89:bf:84:d3:0d:48:d2:b2:1d:1b:32:d3:63: ab:d2:82:03:1a:47:c8:eb:7c:84:0a:66:62:a1:af:7c:0f:09: 34:0c:3a:06 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUVvDkbahKPavFm6vwVFa7q9vIo0UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMTc3NzRkZWYxNDU4M2QwMDllOGEw YWI3MThkMzVhMmNkNjIwYmNhYjY0M2FlM2ZmMjJhYTk2OTlkYmU0OGY5ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GTfSYJ4uPidY5sZgKGXdux9oasB UZZGtb8mAzVrj7sz5O/XOucd081gZPWdS2zvGwi9rsEiIxrhoyjne1hXl8PuKYIr i+9N2Y6TYnkVNOt0szk6qlNWvsBkF6c0jx1SK0oX633VdpNSPw7Nyk28S6Vqbq7R WjyzXE5CJfQ67ubqZHcu0+yyFwgT4C9kl2WC0HRyyazHeIwwv2RJIqnhe2l70b/j 4d+d+v+elu2EgugBJ2LXRLvYGROd3Qu3mjwRVzIGqsvOfL6fCi4OXn6TxCeDlD6C awlahYOJU+ZHMES2Y0VrCdlpExZHcMHEeHlpOrg5j6aIi84ItyGfEDqNuwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJC8NtdtCRpDbrO8A6/X5ddbOgPJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk5ZDg2Y2YyLWVjZTMtNDM4Yy04OTY0LTRiZWQ1ZTVjMzZhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba94hAMA0GCSqGSIb3DQEBCwUAA4IBAQCaqnQTJtX/WhO8vlhO /NCSEjoZLiO8DGjkFsLp1Z1TZMm4vhTqSi7reLFKtw+cxKNV1wOMVdez+seQng7Y LBnhbzmfNGQCdIKAhLS3xCOv/eI2iKyVvtaQC6r3QFJR/6fyXmgRSjThJ21UHzHX P/GtJvN9zTLPKSGYqMoEpPV9TzKdJNEk6SyvSN2TWXNgPAqM2ZxUgXVnOzAn2Ioj IR/VU72TXatHzIlqJnu9D/76CVGJZFWqAe8nIFFpFwNdTtQ9GuBj+e/SgI82A+eQ hIEtNqs2V2u57AfNBfv8qom/hNMNSNKyHRsy02Or0oIDGkfI63yECmZioa98Dwk0 DDoG -----END CERTIFICATE-----Generated at Wed Feb 5 04:04:25 2025 by rpki-client