$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9c804d9a-be43-4636-8f74-69e695113d21.roa File: 9c804d9a-be43-4636-8f74-69e695113d21.roa (raw, json) Hash identifier: 8moa/jZf9xAcyzl+IrSxFf48JEfgNHkKG9tfydiGMn8= Subject key identifier: A1:DE:32:D5:C9:E3:C4:90:A2:04:A3:D6:07:85:06:E2:BD:0F:CC:CA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0CCB92FE3EFF189E685D735F85DA9BE874641744 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9c804d9a-be43-4636-8f74-69e695113d21.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:cb:92:fe:3e:ff:18:9e:68:5d:73:5f:85:da:9b:e8:74:64:17:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:04:c7:e9:64:63:0c:fd:86:f5:49:01:a8:44: 63:3e:c8:18:f6:9b:99:48:bb:ad:1d:28:3e:ff:8c: 17:5a:83:91:7f:81:e5:5e:49:9c:0d:45:38:dc:56: e0:ad:13:dd:9a:d0:eb:8b:2d:d3:b1:60:90:c0:e9: 30:6c:bb:59:96:47:6c:fa:86:76:ab:b5:ce:df:bd: 5a:4d:8e:0b:18:c9:4d:07:f9:3b:f7:06:c0:61:f9: bf:bd:f9:a6:ef:69:2e:a4:83:4c:c7:38:3c:c0:00: 40:c7:75:ee:4b:6c:00:dc:b9:eb:06:62:b3:10:a0: 20:a4:af:c4:20:5d:6e:bb:67:b0:ba:e8:95:64:37: 5c:b7:06:44:12:d9:cc:0a:6c:59:a4:28:3a:ff:16: b8:2d:8e:90:68:58:7b:91:7f:30:3f:4f:98:41:19: 10:31:9f:54:8a:f6:fd:05:e0:97:a7:77:3f:25:bb: 3f:2f:df:12:4a:2a:7d:9a:d1:45:d2:6f:93:2a:b7: 37:cd:7c:26:0a:8a:d2:21:b7:26:11:34:01:dc:4a: 78:d7:35:4d:da:4e:69:6f:a0:9e:08:13:6d:50:64: 67:bd:35:96:c5:3b:4b:90:bb:78:b0:79:c9:e3:b9: 27:db:ea:68:31:e7:93:ac:d9:1a:e2:d9:80:12:d1: 0a:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:DE:32:D5:C9:E3:C4:90:A2:04:A3:D6:07:85:06:E2:BD:0F:CC:CA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9c804d9a-be43-4636-8f74-69e695113d21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:7000::/40 Signature Algorithm: sha256WithRSAEncryption 21:7b:9e:89:e7:4a:62:c9:29:da:d6:9b:0b:f2:18:15:bf:66: d9:21:8f:eb:46:61:74:e7:49:38:b2:be:4b:93:b6:b6:46:23: 77:6f:d8:c2:30:59:79:41:7b:39:17:dc:27:c2:5f:fd:cc:13: aa:57:28:15:a0:15:18:51:99:d2:d6:ad:cd:9d:5b:5c:e2:b2: c9:5f:1f:3d:74:fe:2a:99:e9:95:1d:0c:ca:37:6b:35:ac:4a: 04:4b:96:20:24:a1:44:db:1f:c8:9e:0f:7f:fe:a4:0b:0b:96: 37:66:66:f6:c8:54:86:e0:b8:48:75:fc:fb:1e:28:0f:8d:c6: f1:b3:e0:48:80:50:8d:f1:06:78:ab:43:5e:f5:5b:24:0b:b7: 44:8c:a5:a5:db:32:f3:d3:4f:d7:70:d8:b2:14:02:99:61:38: 2d:df:d9:6c:0d:ea:82:97:5e:d3:16:e3:60:72:3b:86:20:2f: 70:ad:08:e8:7a:71:c5:83:92:8d:53:6a:41:79:a6:73:01:4e: 31:75:58:b5:52:2b:ca:fd:07:5b:80:f7:67:f9:41:b4:f6:a7: ed:91:17:09:3d:cd:96:37:db:40:36:79:18:90:2e:e9:7a:8c: 28:f2:5d:e0:c4:ec:b7:ac:fa:48:25:b4:84:c0:a8:27:ba:27: 68:fb:f5:a0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDMuS/j7/GJ5oXXNfhdqb6HRkF0QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZDU4M2E0ODBlNzNiYTgxMGY1ZjZl ZDZlYzdlNjEyMzgxMzExZDRlMzdiYzA4MzkwNDY1YjkxNTI1YzZmNWVmNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzATH6WRjDP2G9UkBqERjPsgY9puZ SLutHSg+/4wXWoORf4HlXkmcDUU43FbgrRPdmtDriy3TsWCQwOkwbLtZlkds+oZ2 q7XO371aTY4LGMlNB/k79wbAYfm/vfmm72kupINMxzg8wABAx3XuS2wA3LnrBmKz EKAgpK/EIF1uu2ewuuiVZDdctwZEEtnMCmxZpCg6/xa4LY6QaFh7kX8wP0+YQRkQ MZ9Uivb9BeCXp3c/Jbs/L98SSip9mtFF0m+TKrc3zXwmCorSIbcmETQB3Ep41zVN 2k5pb6CeCBNtUGRnvTWWxTtLkLt4sHnJ47kn2+poMeeTrNka4tmAEtEKAwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKHeMtXJ48SQogSj1geFBuK9D8zKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzljODA0ZDlhLWJlNDMtNDYzNi04Zjc0LTY5ZTY5NTExM2QyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba93AwDQYJKoZIhvcNAQELBQADggEBACF7nonnSmLJKdrWmwvy GBW/Ztkhj+tGYXTnSTiyvkuTtrZGI3dv2MIwWXlBezkX3CfCX/3ME6pXKBWgFRhR mdLWrc2dW1zisslfHz10/iqZ6ZUdDMo3azWsSgRLliAkoUTbH8ieD3/+pAsLljdm ZvbIVIbguEh1/PseKA+NxvGz4EiAUI3xBnirQ171WyQLt0SMpaXbMvPTT9dw2LIU AplhOC3f2WwN6oKXXtMW42ByO4YgL3CtCOh6ccWDko1TakF5pnMBTjF1WLVSK8r9 B1uA92f5QbT2p+2RFwk9zZY320A2eRiQLul6jCjyXeDE7Les+kgltITAqCe6J2j7 9aA= -----END CERTIFICATE-----Generated at Wed Feb 5 04:10:39 2025 by rpki-client