$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa File: 9add10b6-9103-4c19-a99b-242367ce96bd.roa (raw, json) Hash identifier: pqfLewQZgQMK9uqOOeTzFgEulpcoDpYqFcu0XkvTYwI= Subject key identifier: BB:68:2D:15:91:88:BF:C0:E8:F6:0B:E2:8E:96:01:22:15:33:F1:A3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3A4C921F7C16B455F5A6360BBC666904A6377FF6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:4c:92:1f:7c:16:b4:55:f5:a6:36:0b:bc:66:69:04:a6:37:7f:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:fa:3c:61:33:b0:c6:eb:1d:70:18:7e:d2:f4: da:49:09:d3:23:37:db:ed:1d:6e:3f:fc:92:35:91: 6e:69:4c:06:91:38:4b:88:37:29:ea:03:fb:81:27: ab:9d:57:7e:da:e5:81:86:a8:36:84:96:aa:ca:f4: 57:05:1f:b3:8e:64:ce:53:d6:da:9b:01:13:78:7a: f9:47:cd:80:9d:ea:9d:4d:68:1d:59:63:33:e8:bf: bf:67:8e:18:1c:5d:e2:9f:b9:aa:79:40:90:cf:06: ff:d3:3d:18:9b:a5:ea:8d:28:31:cb:7c:01:a8:fa: 5f:fc:3b:e7:98:3a:0b:2c:e0:1b:2a:ad:89:7d:b1: de:c9:fb:f8:a2:26:0e:dd:12:ae:57:ae:5a:81:14: 41:3c:54:8c:38:e9:56:db:61:8e:c8:33:fe:bf:79: 45:7f:70:73:7a:a0:30:a2:6e:79:78:54:3a:9e:03: 09:4e:dd:9a:86:12:9d:e0:e7:6e:91:de:0e:cb:14: 04:bd:69:3d:98:d2:25:15:6b:ba:90:5b:63:aa:08: b3:d7:74:25:23:90:31:c0:88:84:a5:9e:da:cb:7d: 0f:55:38:12:84:e8:1b:ff:e1:f0:3b:29:1d:54:92: 1c:38:86:b8:1b:f6:51:14:66:65:74:5a:eb:40:d7: 1e:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:68:2D:15:91:88:BF:C0:E8:F6:0B:E2:8E:96:01:22:15:33:F1:A3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4840::/48 Signature Algorithm: sha256WithRSAEncryption b5:84:c7:60:71:a0:1f:19:c9:58:e6:37:19:d6:c3:db:3e:d5: e4:ed:d8:13:7b:eb:f4:aa:09:06:01:05:c1:00:cc:0d:3e:30: 54:52:ce:a0:81:dd:24:f0:83:a2:ba:15:b4:47:93:43:37:18: ae:b7:93:2e:8d:63:66:6c:f0:4b:37:33:62:82:1b:44:b3:d8: 0e:57:0f:65:f8:49:d9:de:2a:23:f4:7e:4f:c2:73:50:d2:3d: 41:ba:81:0e:3e:8b:a7:6c:6f:7a:b2:fd:57:64:f7:65:45:64: c0:32:cb:86:11:a3:2f:e8:6e:64:90:75:fe:32:1d:5f:71:27: 6d:0e:fe:a5:a2:f8:3c:a3:fe:95:eb:41:d0:db:e1:74:d1:03: 31:c6:84:8d:7b:76:42:82:a6:45:c9:7c:b4:2b:f5:af:da:b3: e5:83:09:43:a8:10:ae:9e:57:59:34:59:36:e7:3e:37:fd:c7: 46:e4:c3:5e:34:26:63:62:c4:d3:e7:7d:f4:a0:da:f7:83:54: 56:c2:b2:8d:a2:3c:be:31:cf:64:c1:53:39:e5:a0:25:12:52: d3:ee:1c:4a:d3:fe:ca:70:2a:ca:43:d9:d7:31:f5:3d:53:34: bb:5b:8e:07:36:c8:69:60:35:96:bf:f9:62:fb:ae:1d:9e:bf: dc:12:80:8c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUOkySH3wWtFX1pjYLvGZpBKY3f/YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYmE2YWUxODViNzE5NTQyMjUzNDk5 YjlhNzRhODcxZWNlMjM3OGE0NzU3NDAwOTc5ZTgzZWYwZmEzNDJjZWExNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vo8YTOwxusdcBh+0vTaSQnTIzfb 7R1uP/ySNZFuaUwGkThLiDcp6gP7gSernVd+2uWBhqg2hJaqyvRXBR+zjmTOU9ba mwETeHr5R82AneqdTWgdWWMz6L+/Z44YHF3in7mqeUCQzwb/0z0Ym6XqjSgxy3wB qPpf/DvnmDoLLOAbKq2JfbHeyfv4oiYO3RKuV65agRRBPFSMOOlW22GOyDP+v3lF f3BzeqAwom55eFQ6ngMJTt2ahhKd4Odukd4OyxQEvWk9mNIlFWu6kFtjqgiz13Ql I5AxwIiEpZ7ay30PVTgShOgb/+HwOykdVJIcOIa4G/ZRFGZldFrrQNce0QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLtoLRWRiL/A6PYL4o6WASIVM/GjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhZGQxMGI2LTkxMDMtNGMxOS1hOTliLTI0MjM2N2NlOTZiZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0hAMA0GCSqGSIb3DQEBCwUAA4IBAQC1hMdgcaAfGclY5jcZ 1sPbPtXk7dgTe+v0qgkGAQXBAMwNPjBUUs6ggd0k8IOiuhW0R5NDNxiut5MujWNm bPBLNzNightEs9gOVw9l+EnZ3ioj9H5PwnNQ0j1BuoEOPounbG96sv1XZPdlRWTA MsuGEaMv6G5kkHX+Mh1fcSdtDv6lovg8o/6V60HQ2+F00QMxxoSNe3ZCgqZFyXy0 K/Wv2rPlgwlDqBCunldZNFk25z43/cdG5MNeNCZjYsTT5330oNr3g1RWwrKNojy+ Mc9kwVM55aAlElLT7hxK0/7KcCrKQ9nXMfU9UzS7W44HNshpYDWWv/li+64dnr/c EoCM -----END CERTIFICATE-----Generated at Wed Feb 5 04:11:57 2025 by rpki-client