$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a41ae715-9e63-4e83-af61-a9364bcaac32.roa File: a41ae715-9e63-4e83-af61-a9364bcaac32.roa (raw, json) Hash identifier: yQqv/ePFrfW6UyaZdjSXoER4x9Gff+nk8JR5N0ypC+Q= Subject key identifier: 64:D4:93:85:EA:D9:54:E5:B5:4C:B1:7B:56:A0:11:C4:9E:FE:D0:2A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0D248440D2BBE1D08A4803EE95AB4FAD8676CC9E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a41ae715-9e63-4e83-af61-a9364bcaac32.roa Signing time: Fri 17 Jan 2025 00:00:00 +0000 ROA not before: Fri 17 Jan 2025 00:00:00 +0000 ROA not after: Fri 21 Feb 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:24:84:40:d2:bb:e1:d0:8a:48:03:ee:95:ab:4f:ad:86:76:cc:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Jan 17 00:00:00 2025 GMT Not After : Feb 21 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:3e:23:41:4f:99:4c:31:66:61:cc:a8:ab:01: c3:38:02:4b:ff:e2:35:57:e2:cb:11:04:73:9a:9a: d7:83:45:ee:d9:e1:9f:6b:2f:8c:47:69:1b:ad:65: ca:eb:d3:1a:56:a9:2a:d1:86:41:bb:34:78:f5:0c: 70:f3:eb:e9:3d:44:35:d4:d2:54:ec:3a:0c:26:d5: ec:b7:a3:00:93:6a:1a:b9:fa:83:79:40:de:96:ae: aa:1a:05:00:10:08:74:7d:31:64:6f:4a:1c:fb:bd: c4:cf:06:bd:62:cd:ad:6a:eb:7d:b7:45:8f:e6:6b: 34:be:e0:2e:1f:41:3f:30:db:66:91:bc:f2:9a:cf: b1:d4:c9:d5:c6:5a:6c:43:69:40:15:f9:00:41:97: e5:d1:df:7f:e0:0c:ff:1f:68:65:b7:c0:a7:41:d0: 37:b9:01:98:bf:d0:5d:8c:80:0e:82:6c:b2:7d:77: eb:4c:3e:06:20:f9:cc:90:49:c2:bc:57:f3:b0:7e: 64:23:50:79:51:05:17:09:b5:25:5c:d7:11:1d:6c: 32:0f:da:7b:a8:86:02:09:82:d4:04:cc:ef:80:14: 53:e3:15:85:c4:64:c2:16:94:49:c8:72:2e:34:f4: 0d:6f:07:d6:f5:8c:4b:b6:fb:47:fd:71:99:9b:35: 8e:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:D4:93:85:EA:D9:54:E5:B5:4C:B1:7B:56:A0:11:C4:9E:FE:D0:2A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a41ae715-9e63-4e83-af61-a9364bcaac32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60::/32 Signature Algorithm: sha256WithRSAEncryption 82:96:56:61:07:61:22:34:1c:10:86:2c:b6:1a:86:54:47:28: a3:2d:6d:c2:d5:af:f7:61:4d:22:d5:52:bf:41:32:05:3b:f9: 9b:8a:d1:3b:c0:fe:01:0d:59:8a:5f:93:9c:52:9e:25:e9:c2: 7c:96:77:dd:30:60:e1:d7:4b:06:55:59:ce:48:2f:76:56:55: f9:81:69:c2:d1:d7:b6:e2:66:ba:92:44:67:24:62:a2:ac:21: 7f:4d:f0:f3:82:07:86:2e:26:3b:57:e7:2e:97:8a:d7:a3:0a: 5f:b4:e2:b4:49:51:59:1e:af:60:a4:d3:90:e4:8f:7e:96:ed: db:2d:67:e0:ea:23:7b:03:c9:9f:fc:a1:ba:74:70:1e:ba:14: ec:b7:a5:69:51:84:96:84:43:40:6a:5b:85:b5:e1:ef:09:f8: af:3e:03:8c:bd:1f:7c:01:3e:42:5c:88:82:bf:f9:f2:25:d2: 6c:70:1f:aa:d1:31:18:ed:ee:b3:8d:86:13:82:11:b3:78:8a: 96:7b:1d:a9:c7:78:20:25:3b:89:2b:08:22:77:ca:b0:ac:c3: de:38:d8:24:10:78:f9:c5:bd:9a:ec:e6:50:ae:2b:11:28:fd: 5f:bc:93:8c:86:03:79:02:3e:7c:39:43:9a:de:e2:8a:8e:51: f0:c2:78:55 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUDSSEQNK74dCKSAPulatPrYZ2zJ4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExNzAwMDAwMFoX DTI1MDIyMTIzNTk1OVowejFJMEcGA1UEBRNANTljODAwNWRlMTM2NWQzNGViNjkz ZWExYjMwMDQ0NWU2MDU2YzBmMWI4ZjVlNmEzYTAwMzBmNjViMTJiMWU1ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD4jQU+ZTDFmYcyoqwHDOAJL/+I1 V+LLEQRzmprXg0Xu2eGfay+MR2kbrWXK69MaVqkq0YZBuzR49Qxw8+vpPUQ11NJU 7DoMJtXst6MAk2oaufqDeUDelq6qGgUAEAh0fTFkb0oc+73Ezwa9Ys2taut9t0WP 5ms0vuAuH0E/MNtmkbzyms+x1MnVxlpsQ2lAFfkAQZfl0d9/4Az/H2hlt8CnQdA3 uQGYv9BdjIAOgmyyfXfrTD4GIPnMkEnCvFfzsH5kI1B5UQUXCbUlXNcRHWwyD9p7 qIYCCYLUBMzvgBRT4xWFxGTCFpRJyHIuNPQNbwfW9YxLtvtH/XGZmzWOcQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFGTUk4Xq2VTltUyxe1agEcSe/tAqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E0MWFlNzE1LTllNjMtNGU4My1hZjYxLWE5MzY0YmNhYWMzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaYDANBgkqhkiG9w0BAQsFAAOCAQEAgpZWYQdhIjQcEIYsthqG VEcooy1twtWv92FNItVSv0EyBTv5m4rRO8D+AQ1Zil+TnFKeJenCfJZ33TBg4ddL BlVZzkgvdlZV+YFpwtHXtuJmupJEZyRioqwhf03w84IHhi4mO1fnLpeK16MKX7Ti tElRWR6vYKTTkOSPfpbt2y1n4OojewPJn/yhunRwHroU7LelaVGEloRDQGpbhbXh 7wn4rz4DjL0ffAE+QlyIgr/58iXSbHAfqtExGO3us42GE4IRs3iKlnsdqcd4ICU7 iSsIInfKsKzD3jjYJBB4+cW9muzmUK4rESj9X7yTjIYDeQI+fDlDmt7iio5R8MJ4 VQ== -----END CERTIFICATE-----Generated at Wed Feb 5 04:12:24 2025 by rpki-client