$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ebe8bb9-c3af-4458-b018-b6b59546a86a.roa File: 9ebe8bb9-c3af-4458-b018-b6b59546a86a.roa (raw, json) Hash identifier: oXCVdw3s5JrzvVZUoE2yI2Tm3HM4OCU5vA57mI1epMM= Subject key identifier: 79:8E:6C:96:60:35:61:DB:4D:22:09:B5:64:6B:CE:BF:98:D8:C7:09 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0CD9F024CCA4E34E1346A8E699FDFBBC2A522B16 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ebe8bb9-c3af-4458-b018-b6b59546a86a.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:1040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:d9:f0:24:cc:a4:e3:4e:13:46:a8:e6:99:fd:fb:bc:2a:52:2b:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:f3:fb:26:5a:07:5e:2b:d0:53:99:3c:50:49: 50:ca:1e:53:b6:d5:35:d5:65:a6:93:04:62:2b:0b: 0f:ed:98:d9:b9:1e:e4:0a:df:f2:9e:1e:90:12:20: 24:e1:ac:3a:e9:43:4d:2c:25:1f:63:12:a1:f7:63: 84:13:21:63:54:4e:0a:a1:dd:b8:d3:a8:1a:5b:13: 80:1a:da:40:af:47:da:6a:66:af:b5:dc:d1:08:12: 07:11:97:31:f2:e6:c7:5d:e9:78:df:8d:9b:ce:52: 5c:06:e5:23:1a:bd:5c:5f:05:29:b3:49:c4:63:c5: e3:d0:2f:2d:ab:47:c0:3c:66:e6:4b:f7:2f:2b:0e: 41:13:9b:28:7e:5c:c7:12:5a:49:f9:04:80:de:ae: 28:21:04:7c:1a:e2:b8:f8:35:4c:1f:c7:c0:eb:86: 29:0a:23:98:de:9b:db:2d:29:4c:60:5e:b8:af:8a: f1:54:66:bf:88:81:f7:7a:d1:96:a9:7a:29:8c:71: 26:a5:24:31:63:32:1e:a8:b6:d3:1f:27:40:e3:5d: 7e:8e:a4:ca:8d:bb:a0:57:91:8d:78:26:51:63:3d: 3e:87:b2:e1:b5:dc:25:25:63:cc:7e:03:cb:0d:f7: 75:d1:76:4f:4b:84:74:0e:b5:4c:0d:01:81:27:ff: 57:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:8E:6C:96:60:35:61:DB:4D:22:09:B5:64:6B:CE:BF:98:D8:C7:09 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ebe8bb9-c3af-4458-b018-b6b59546a86a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:1040::/46 Signature Algorithm: sha256WithRSAEncryption 87:77:c6:c1:22:cf:d8:82:b2:b6:8d:99:95:f1:27:49:d1:26: 8e:eb:f4:84:9c:2b:c6:bf:fb:04:97:27:46:08:9a:30:78:ae: 61:92:b5:18:a5:4a:f7:95:c4:13:36:97:4f:71:08:b5:10:ef: 7e:e6:97:2f:ca:49:f0:cb:59:85:0d:60:cf:66:4d:5a:a6:9a: ee:b7:58:f5:3a:c4:32:61:78:e3:97:3b:aa:53:f8:0f:4d:00: 73:c5:19:73:af:9b:1d:25:e4:da:0a:50:0b:19:a3:88:97:39: 9f:9e:0e:41:8b:ea:06:04:9d:5c:6f:be:9f:8e:32:12:2b:31: 7d:98:a3:7a:a4:6c:6f:cb:d1:c7:85:dc:53:9d:b9:b2:ad:3a: 92:e7:7b:02:1f:0f:eb:6f:e0:94:37:fd:90:a8:67:38:5a:8a: b9:44:ac:ff:32:1b:4d:f8:f8:b9:71:46:8e:08:bb:9f:5a:25: c5:08:20:dc:67:7b:17:77:fb:51:d0:12:2c:bb:1b:1a:5c:b4: a7:da:31:ce:54:82:e6:fd:f3:b6:cc:67:97:87:2a:07:8a:84: 75:00:ce:e0:60:2a:7e:8c:0e:7c:23:1b:b6:73:a8:de:81:bd: 46:54:43:9d:14:14:78:e5:bd:21:32:43:36:91:61:cc:de:04: b4:56:54:d9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDNnwJMyk404TRqjmmf37vCpSKxYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAODNlNGQyM2VlZDg0ZWZmNjNmODEy Y2Y3Y2IzYWFkYjI4YmFmN2EzNDM5NTFhMWQxMzVmYWVjZDE2NDQ3MzhjYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vP7JloHXivQU5k8UElQyh5TttU1 1WWmkwRiKwsP7ZjZuR7kCt/ynh6QEiAk4aw66UNNLCUfYxKh92OEEyFjVE4Kod24 06gaWxOAGtpAr0faamavtdzRCBIHEZcx8ubHXel4342bzlJcBuUjGr1cXwUps0nE Y8Xj0C8tq0fAPGbmS/cvKw5BE5soflzHElpJ+QSA3q4oIQR8GuK4+DVMH8fA64Yp CiOY3pvbLSlMYF64r4rxVGa/iIH3etGWqXopjHEmpSQxYzIeqLbTHydA411+jqTK jbugV5GNeCZRYz0+h7LhtdwlJWPMfgPLDfd10XZPS4R0DrVMDQGBJ/9XEQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHmObJZgNWHbTSIJtWRrzr+Y2McJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzllYmU4YmI5LWMzYWYtNDQ1OC1iMDE4LWI2YjU5NTQ2YTg2YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba9xBAMA0GCSqGSIb3DQEBCwUAA4IBAQCHd8bBIs/YgrK2jZmV 8SdJ0SaO6/SEnCvGv/sElydGCJoweK5hkrUYpUr3lcQTNpdPcQi1EO9+5pcvyknw y1mFDWDPZk1apprut1j1OsQyYXjjlzuqU/gPTQBzxRlzr5sdJeTaClALGaOIlzmf ng5Bi+oGBJ1cb76fjjISKzF9mKN6pGxvy9HHhdxTnbmyrTqS53sCHw/rb+CUN/2Q qGc4Woq5RKz/MhtN+Pi5cUaOCLufWiXFCCDcZ3sXd/tR0BIsuxsaXLSn2jHOVILm /fO2zGeXhyoHioR1AM7gYCp+jA58Ixu2c6jegb1GVEOdFBR45b0hMkM2kWHM3gS0 VlTZ -----END CERTIFICATE-----Generated at Wed Feb 5 04:06:59 2025 by rpki-client