$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a9d41bd-0bed-4bc0-8365-34453f074020.roa File: 9a9d41bd-0bed-4bc0-8365-34453f074020.roa (raw, json) Hash identifier: WswnfehuxNCAPJXZ/858kRz+5OPUUOrbiLTb0Xx162g= Subject key identifier: 9E:32:70:C5:66:5A:AA:B1:49:20:24:B6:0F:12:36:21:59:3D:EE:EF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 303BFF40862A59C4F1DFF861FCD10D464557ACFD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a9d41bd-0bed-4bc0-8365-34453f074020.roa Signing time: Tue 04 Feb 2025 00:00:00 +0000 ROA not before: Tue 04 Feb 2025 00:00:00 +0000 ROA not after: Tue 11 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:3b:ff:40:86:2a:59:c4:f1:df:f8:61:fc:d1:0d:46:45:57:ac:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 4 00:00:00 2025 GMT Not After : Mar 11 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:5c:6d:fc:28:d5:26:97:56:ad:9d:eb:4a:0a: 8a:08:00:b4:32:e8:b6:78:cf:d4:b0:7a:85:1b:14: 71:f8:9c:94:90:37:9d:fe:f1:87:87:43:9e:1f:ce: f6:8a:9a:2c:e4:4f:63:eb:f7:a2:08:f0:fc:d9:f0: d1:98:8b:8c:ae:0d:a0:c4:eb:f4:65:d5:6b:de:2c: 56:e1:8a:f8:25:c5:2d:5b:14:75:10:36:f8:63:08: f1:bc:fb:fd:95:8e:71:55:2c:d6:0a:ba:49:41:64: 30:ca:97:0a:82:cb:42:51:0f:f6:c7:b7:cc:c8:9b: 7e:6c:1d:bc:6b:46:1f:44:0b:46:88:c5:5c:86:a9: 7d:d7:75:57:a8:3f:f0:95:a1:7d:3e:16:96:43:2a: f9:89:5f:c1:f0:c3:8c:ce:b1:86:20:ed:2b:85:84: a7:18:94:93:1e:a5:1a:76:52:9a:99:d2:ca:8f:61: 76:e5:8a:fc:65:88:e7:87:05:af:ec:44:24:ea:80: da:53:c4:8c:8a:ce:0a:15:60:27:a5:34:5a:9c:7e: 89:c4:ea:14:ae:43:fa:1d:6f:ce:c1:4e:a1:5a:23: bc:a5:de:fa:13:51:c2:27:37:ed:f2:a2:2a:b1:67: 6f:3d:99:4d:fe:d9:dd:bf:5a:35:c0:90:be:f2:42: cb:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:32:70:C5:66:5A:AA:B1:49:20:24:B6:0F:12:36:21:59:3D:EE:EF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a9d41bd-0bed-4bc0-8365-34453f074020.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:e000::/40 Signature Algorithm: sha256WithRSAEncryption 03:fe:97:06:36:07:26:55:1a:9c:1e:87:d3:7b:46:e1:d4:78: 34:b7:19:db:ca:88:68:46:f7:c2:1b:7b:02:93:0c:e1:55:5f: 6e:e6:c0:81:f1:4c:e5:98:a4:86:84:7a:d1:d1:26:48:2c:48: 00:fd:22:58:34:ff:e3:92:5a:5e:33:9a:27:e3:8b:4e:1a:fe: 5e:23:62:79:3e:60:bf:43:50:3f:5f:1b:ad:34:81:b7:a1:4a: fe:7a:97:6f:4b:ee:75:c4:ff:84:54:f4:55:7b:72:53:e4:e0: 9a:b7:d7:e7:0b:d5:d6:63:d3:83:32:88:ce:ea:b4:43:a6:88: 35:56:45:a6:2b:e9:36:e6:f9:6e:ea:53:61:4e:06:57:03:07: 8d:a1:3e:6a:29:b9:08:c4:ac:c7:a5:e1:60:7b:bf:5a:47:bd: 1f:ce:ab:9b:85:2d:79:69:48:61:bb:c9:4a:a7:fd:7b:0b:55: 79:45:98:5a:79:eb:9a:7c:52:0a:55:ba:82:e4:01:8b:c2:2c: bf:28:be:4a:da:76:ac:0e:cb:22:fd:dd:f7:db:23:20:e3:10: 28:f2:cb:3e:01:d0:1d:9d:2c:3f:5b:9b:b5:fc:58:3e:3e:63: 48:df:dd:86:04:85:27:03:0c:c4:0d:fb:b3:f2:34:4c:a3:f9: 4b:68:3b:02 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMDv/QIYqWcTx3/hh/NENRkVXrP0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwNDAwMDAwMFoX DTI1MDMxMTIzNTk1OVowejFJMEcGA1UEBRNAODliY2VlMDYxOGZiZmE0YTFjNTAw ZWIxOTJhN2QxZTUxZjc0YmFmNGU5NGI1ZThhYzU3MmUxYWRkZGJiNDYwNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFxt/CjVJpdWrZ3rSgqKCAC0Mui2 eM/UsHqFGxRx+JyUkDed/vGHh0OeH872ipos5E9j6/eiCPD82fDRmIuMrg2gxOv0 ZdVr3ixW4Yr4JcUtWxR1EDb4YwjxvPv9lY5xVSzWCrpJQWQwypcKgstCUQ/2x7fM yJt+bB28a0YfRAtGiMVchql913VXqD/wlaF9PhaWQyr5iV/B8MOMzrGGIO0rhYSn GJSTHqUadlKamdLKj2F25Yr8ZYjnhwWv7EQk6oDaU8SMis4KFWAnpTRanH6JxOoU rkP6HW/OwU6hWiO8pd76E1HCJzft8qIqsWdvPZlN/tndv1o1wJC+8kLLGQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJ4ycMVmWqqxSSAktg8SNiFZPe7vMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhOWQ0MWJkLTBiZWQtNGJjMC04MzY1LTM0NDUzZjA3NDAyMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/uAwDQYJKoZIhvcNAQELBQADggEBAAP+lwY2ByZVGpweh9N7 RuHUeDS3GdvKiGhG98IbewKTDOFVX27mwIHxTOWYpIaEetHRJkgsSAD9Ilg0/+OS Wl4zmifji04a/l4jYnk+YL9DUD9fG600gbehSv56l29L7nXE/4RU9FV7clPk4Jq3 1+cL1dZj04MyiM7qtEOmiDVWRaYr6Tbm+W7qU2FOBlcDB42hPmopuQjErMel4WB7 v1pHvR/Oq5uFLXlpSGG7yUqn/XsLVXlFmFp565p8UgpVuoLkAYvCLL8ovkradqwO yyL93ffbIyDjECjyyz4B0B2dLD9bm7X8WD4+Y0jf3YYEhScDDMQN+7PyNEyj+Uto OwI= -----END CERTIFICATE-----Generated at Sun Feb 16 15:26:01 2025 by rpki-client