$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2e0f9ff-5b8b-4b59-8bde-9f8617cadc06.roa File: a2e0f9ff-5b8b-4b59-8bde-9f8617cadc06.roa (raw, json) Hash identifier: diJiuBdAm2PtHEa6/Q1SIiF5FqArym5JmpyceOGD4k8= Subject key identifier: 79:74:A0:E9:59:66:C4:D1:6B:51:BA:4C:F8:81:07:C4:4B:CB:04:C1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0DBC1BBFB0FE9A74273E92EC371629A08AD11FBC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2e0f9ff-5b8b-4b59-8bde-9f8617cadc06.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4010::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:bc:1b:bf:b0:fe:9a:74:27:3e:92:ec:37:16:29:a0:8a:d1:1f:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:67:73:07:b7:9a:5e:03:a9:81:f7:00:44:19: a7:24:ca:c1:fb:9e:b2:27:24:de:d5:c3:53:42:47: 87:2a:37:fe:4a:53:a0:4a:fe:33:86:15:e6:99:09: 1f:8c:31:79:6a:da:5b:74:be:cc:74:d0:b8:f1:e2: a6:64:41:71:37:e4:d7:10:10:e1:6c:8c:01:3e:0f: 58:22:e2:17:bf:49:ec:cd:b5:1c:fd:76:80:ce:0b: 6e:bb:72:9d:2a:4a:6b:ba:c3:ab:d6:9a:3b:df:c9: ab:02:c7:9f:0b:9f:d6:36:71:56:10:d5:e8:01:b9: 04:ea:f1:6b:c4:b5:b5:ce:fa:43:90:bc:53:69:11: 19:47:d5:16:5c:8f:70:e5:f6:c8:77:06:4f:fc:c5: 06:e2:6f:93:fd:fc:30:b8:d7:ff:ea:36:63:30:2f: 6e:94:14:47:e3:eb:3f:5c:65:bd:ec:a5:fd:68:0b: cd:3f:ac:58:8a:2e:9b:25:78:e0:d1:9f:c2:ce:44: 88:7b:fb:f8:d6:6d:5d:8e:de:9a:e7:4e:8b:5d:54: 9c:2a:d4:8c:22:d2:ad:e0:3b:76:f9:da:e2:64:c3: c2:f9:e1:80:1c:12:d4:c4:b9:52:7d:60:42:22:43: 79:c7:c7:bd:83:37:d0:10:1a:54:9b:4c:34:77:22: 7d:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:74:A0:E9:59:66:C4:D1:6B:51:BA:4C:F8:81:07:C4:4B:CB:04:C1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2e0f9ff-5b8b-4b59-8bde-9f8617cadc06.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4010::/48 Signature Algorithm: sha256WithRSAEncryption bd:a1:26:26:d8:6c:bb:e5:89:1c:73:f3:3c:bb:e3:d7:91:54: dc:b7:49:0b:7d:67:9c:58:20:ef:c6:49:cb:fa:04:d3:6d:d2: f8:4b:dc:cf:48:d7:be:b9:0a:8e:d4:8f:92:06:dc:16:49:33: a5:aa:a9:f1:1e:c9:b1:36:80:35:bf:01:c9:6c:47:bb:a1:61: 75:0e:5f:be:f0:d8:77:08:fd:2f:db:c5:6c:90:1a:ed:2f:aa: 9c:62:0e:e1:8d:1e:5a:31:e0:f8:c2:3b:7d:1e:8a:0a:76:b9: 22:dc:71:ea:0c:99:4a:e9:1c:67:53:b1:78:3e:41:6c:b7:47: 87:bd:42:b6:fe:d9:ba:74:72:40:5a:76:3e:18:7a:e5:3e:27: e2:9e:40:51:fe:1e:d9:89:d8:d7:17:8a:a0:14:3b:0c:e1:bb: 7a:65:fd:b8:a8:68:a2:fe:a0:91:59:12:ee:d7:7c:ca:d8:04: 1c:9a:aa:69:98:cf:f0:31:72:01:10:1e:d7:f0:06:f1:74:a2: ce:54:d3:f1:43:03:d2:c7:16:2b:83:97:ee:f7:e6:bf:58:37: 74:f1:53:7c:53:97:d4:95:82:d0:a3:4f:80:31:2e:39:d8:90: dd:c0:54:d2:e9:5d:a8:b7:22:72:99:ab:bd:46:26:aa:e1:95: a3:8a:ba:e5 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDbwbv7D+mnQnPpLsNxYpoIrRH7wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZDBlZDM3ODVmMDNlZjAyY2NmYzhi Nzc5YTM1NTJlODk2MGMzZjM2ZDEyYzM5YmFmMWJkNDE5N2UzODhmZTY3NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGdzB7eaXgOpgfcARBmnJMrB+56y JyTe1cNTQkeHKjf+SlOgSv4zhhXmmQkfjDF5atpbdL7MdNC48eKmZEFxN+TXEBDh bIwBPg9YIuIXv0nszbUc/XaAzgtuu3KdKkprusOr1po738mrAsefC5/WNnFWENXo AbkE6vFrxLW1zvpDkLxTaREZR9UWXI9w5fbIdwZP/MUG4m+T/fwwuNf/6jZjMC9u lBRH4+s/XGW97KX9aAvNP6xYii6bJXjg0Z/CzkSIe/v41m1djt6a506LXVScKtSM ItKt4Dt2+driZMPC+eGAHBLUxLlSfWBCIkN5x8e9gzfQEBpUm0w0dyJ9LQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHl0oOlZZsTRa1G6TPiBB8RLywTBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EyZTBmOWZmLTViOGItNGI1OS04YmRlLTlmODYxN2NhZGMwNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAEAQMA0GCSqGSIb3DQEBCwUAA4IBAQC9oSYm2Gy75Ykcc/M8 u+PXkVTct0kLfWecWCDvxknL+gTTbdL4S9zPSNe+uQqO1I+SBtwWSTOlqqnxHsmx NoA1vwHJbEe7oWF1Dl++8Nh3CP0v28VskBrtL6qcYg7hjR5aMeD4wjt9HooKdrki 3HHqDJlK6RxnU7F4PkFst0eHvUK2/tm6dHJAWnY+GHrlPifinkBR/h7ZidjXF4qg FDsM4bt6Zf24qGii/qCRWRLu13zK2AQcmqppmM/wMXIBEB7X8AbxdKLOVNPxQwPS xxYrg5fu9+a/WDd08VN8U5fUlYLQo0+AMS452JDdwFTS6V2otyJymau9Riaq4ZWj irrl -----END CERTIFICATE-----Generated at Wed Feb 5 03:50:01 2025 by rpki-client