$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa File: a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa (raw, json) Hash identifier: KsEMS7kllbNHSlWT4dCGbm3tsDRWocs4tvwKUnQWiZ8= Subject key identifier: F9:39:FA:21:3C:2E:D8:F8:91:1A:B2:24:EB:0C:BB:D7:31:01:60:16 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 20FCD5460D565539677DD6EBCFEE7536C408CD5B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa Signing time: Fri 21 Feb 2025 00:00:08 +0000 ROA not before: Fri 21 Feb 2025 00:00:08 +0000 ROA not after: Fri 28 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da21::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 17 Mar 2025 16:37:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:fc:d5:46:0d:56:55:39:67:7d:d6:eb:cf:ee:75:36:c4:08:cd:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 21 00:00:08 2025 GMT Not After : Mar 28 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:59:21:3b:22:be:3e:04:c2:1d:3a:54:2f:13: 6e:15:1a:65:5b:5d:02:21:b0:f8:5b:b7:85:0c:93: 7e:3c:64:f0:f5:75:00:63:87:30:b3:7c:a7:f3:bb: 5f:11:d4:58:71:3d:6e:48:fe:7c:42:d6:bc:d6:01: 05:9b:64:a3:3b:c9:09:27:b7:a1:27:dd:35:dc:85: ef:98:5b:c0:09:7e:ee:ba:84:f9:95:48:e4:03:c0: 2e:57:9d:ad:df:77:e8:9c:d5:d3:7d:ad:0b:43:7f: 10:d1:69:a1:6b:5b:fb:02:5e:7b:eb:1e:c6:b5:3a: 7b:9f:74:81:35:fc:55:49:fa:3d:1a:04:87:85:03: ea:70:e5:e6:2c:cb:86:9a:c7:73:fa:59:52:4f:85: 33:56:1c:52:03:c4:6e:1c:1a:ea:df:3d:ae:02:08: 83:7b:32:2a:d2:2a:de:0d:f8:d5:e2:d0:02:ff:bc: db:e1:08:fc:33:52:a9:97:d9:24:6a:04:88:35:9c: f9:35:7c:ff:80:f9:cb:a4:b5:e7:4e:1d:78:6c:dd: e4:9d:f5:9c:65:37:bb:f1:9b:44:84:39:5b:c9:05: a2:48:d6:35:5d:af:f9:2a:3f:ed:4d:b0:58:8c:07: 6f:1f:30:fd:ae:f3:1a:1e:14:49:92:8a:4f:45:bb: 42:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:39:FA:21:3C:2E:D8:F8:91:1A:B2:24:EB:0C:BB:D7:31:01:60:16 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da21::/36 Signature Algorithm: sha256WithRSAEncryption 5b:34:52:8b:6f:f2:09:ec:23:24:f8:4f:3b:23:89:64:cb:7c: 1d:93:e5:e4:52:6a:24:16:50:5a:c0:61:0c:30:3c:c6:bb:a0: 5d:21:5d:54:8d:0b:c2:4c:72:7f:f4:d7:64:14:8e:c5:82:4a: da:36:fc:a1:c9:d0:72:cf:6d:12:37:aa:0b:e0:ef:ca:62:89: 7e:47:36:27:99:36:6a:af:f6:d6:99:35:c8:9c:f1:32:b2:ba: 19:e0:95:4f:0a:07:49:76:ce:3a:0a:90:c8:ce:56:5c:99:b0: 79:f2:24:25:92:56:1f:64:3f:f9:76:c9:fb:d4:ed:1b:1e:33: 44:fd:cf:14:44:cf:46:2b:3d:2b:42:81:f7:12:7e:59:e4:a4: 16:9c:27:29:a7:f5:5c:49:ba:7f:30:6e:df:56:01:d8:ad:32: 51:32:8d:b7:54:e0:9b:e9:ac:ee:66:80:7b:8e:fb:13:22:00: 76:fc:e5:8a:ba:57:8b:3f:5e:73:6b:0c:83:71:cf:6b:e7:05: 21:1c:94:6c:0c:af:02:25:f2:21:82:2c:d3:8d:4d:ac:74:51: 1b:19:99:7f:25:20:f2:23:aa:06:be:27:eb:06:b4:09:b1:e1: 95:df:88:b5:b6:6c:dc:96:af:41:d6:28:2a:5c:e8:23:89:47: d1:78:77:3a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIPzVRg1WVTlnfdbrz+51NsQIzVswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIyMTAwMDAwOFoX DTI1MDMyODIzNTk1OVowejFJMEcGA1UEBRNANTNlYTI2Zjk1MjYxNTY0ZDc3MTE5 MmY4NWE5OWMzMGNjYTI3YmI5NzMwYzEzMDg5ZGFjOWU0ZDgzYTM3Mzk0NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVkhOyK+PgTCHTpULxNuFRplW10C IbD4W7eFDJN+PGTw9XUAY4cws3yn87tfEdRYcT1uSP58Qta81gEFm2SjO8kJJ7eh J9013IXvmFvACX7uuoT5lUjkA8AuV52t33fonNXTfa0LQ38Q0Wmha1v7Al576x7G tTp7n3SBNfxVSfo9GgSHhQPqcOXmLMuGmsdz+llST4UzVhxSA8RuHBrq3z2uAgiD ezIq0ireDfjV4tAC/7zb4Qj8M1Kpl9kkagSINZz5NXz/gPnLpLXnTh14bN3knfWc ZTe78ZtEhDlbyQWiSNY1Xa/5Kj/tTbBYjAdvHzD9rvMaHhRJkopPRbtCPwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPk5+iE8Ltj4kRqyJOsMu9cxAWAWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EyNTE0ZmUzLTU3NzktNDE3NC1iYTYyLTJhMTllMGM3ZGRmOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaIQAwDQYJKoZIhvcNAQELBQADggEBAFs0Uotv8gnsIyT4Tzsj iWTLfB2T5eRSaiQWUFrAYQwwPMa7oF0hXVSNC8JMcn/012QUjsWCSto2/KHJ0HLP bRI3qgvg78piiX5HNieZNmqv9taZNcic8TKyuhnglU8KB0l2zjoKkMjOVlyZsHny JCWSVh9kP/l2yfvU7RseM0T9zxREz0YrPStCgfcSflnkpBacJymn9VxJun8wbt9W AditMlEyjbdU4JvprO5mgHuO+xMiAHb85Yq6V4s/XnNrDINxz2vnBSEclGwMrwIl 8iGCLNONTax0URsZmX8lIPIjqga+J+sGtAmx4ZXfiLW2bNyWr0HWKCpc6COJR9F4 dzo= -----END CERTIFICATE-----Generated at Thu Mar 13 23:49:09 2025 by rpki-client