$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8058c69-4025-477b-844b-ad5268c2470c.roa File: a8058c69-4025-477b-844b-ad5268c2470c.roa (raw, json) Hash identifier: BPvNC6JjhrPttsSHSaaPRWPaahgyg2dIwZrSBcO6hVs= Subject key identifier: 26:DA:14:CC:98:33:4A:06:FD:CD:FE:67:0F:AC:05:05:8F:DA:BD:B7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0D8C660BA724867D5FE3BBDD036DF87E268036CD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8058c69-4025-477b-844b-ad5268c2470c.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:8840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:8c:66:0b:a7:24:86:7d:5f:e3:bb:dd:03:6d:f8:7e:26:80:36:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:9e:a9:d8:99:d1:6e:9e:f9:27:92:b5:81:b8: 25:b9:71:4d:62:aa:c2:47:9e:25:06:71:06:5b:89: ce:6d:77:a9:26:94:93:27:8c:da:70:0a:aa:c8:63: a1:49:f4:c6:5e:e7:5a:c8:13:be:2d:72:98:b9:c6: 7f:f6:12:85:0a:8c:32:8e:29:96:00:8a:50:f9:9f: da:dc:82:8e:97:c9:7f:14:77:60:33:2c:4f:56:d4: e4:a1:86:09:8e:db:ff:09:9f:14:2c:78:52:8c:4b: f5:94:ca:b8:88:ce:d9:14:f6:73:c3:f6:91:ce:e9: 2d:2e:c7:7c:2a:d5:06:05:75:19:0a:e5:c8:1b:44: 58:57:d3:46:7a:73:dd:01:30:0a:28:eb:e8:c9:0f: a8:10:45:7c:9e:a9:0a:83:99:62:59:c9:0c:49:d5: 93:e7:65:fa:d9:62:2e:b5:92:98:f5:63:e6:62:00: 3b:4d:a1:96:c4:48:51:09:98:c9:9b:fd:68:8c:fb: d3:96:9e:df:b2:24:e9:9f:9d:6b:80:60:65:44:fe: 12:c9:a9:31:d9:b1:5e:03:27:ca:d2:21:48:e5:2d: ae:6e:3c:30:ae:3f:9a:5b:6c:4e:0f:32:1b:84:3e: 71:b8:30:e2:da:c1:4a:b5:43:2d:36:e2:6d:56:05: 08:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:DA:14:CC:98:33:4A:06:FD:CD:FE:67:0F:AC:05:05:8F:DA:BD:B7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8058c69-4025-477b-844b-ad5268c2470c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:8840::/48 Signature Algorithm: sha256WithRSAEncryption 8f:0a:52:00:1d:59:5e:dd:51:cd:26:43:25:8d:fe:c2:d2:8d: 25:f1:8e:11:24:1b:a8:b4:8f:ab:c2:05:fc:08:2e:20:dc:1e: 06:a8:02:d1:16:1a:2e:e1:b4:c4:f8:5f:a2:1e:74:5a:51:9b: 1f:99:f4:9e:7e:82:36:85:35:40:98:2b:95:4f:e6:9a:54:fa: 7b:21:19:55:80:d5:91:3c:f7:3a:cd:93:6f:ff:01:b3:ba:26: e2:0d:63:07:52:2e:44:c0:6c:14:68:cb:d0:13:ed:83:fc:5e: 18:be:5e:df:25:f0:65:32:42:49:ba:81:14:93:e1:a8:6a:1f: df:21:79:09:11:4c:2b:b3:ed:41:b1:18:b6:5c:66:ed:c1:98: 2e:fb:89:79:3e:fd:d3:74:5a:7f:d9:23:ab:3e:f6:f1:92:48: ed:0a:bd:11:fe:91:cf:b1:03:45:43:12:a9:ab:0f:75:c8:3e: 57:0e:f3:e0:35:a3:51:50:3f:41:36:67:29:fb:36:89:08:5a: be:e6:52:e0:f9:6b:6b:99:13:a7:ca:fe:ca:0c:35:9e:c6:12: e9:7e:35:35:5b:7a:25:0e:47:33:ee:6b:98:51:1e:7a:bb:25: 8b:c8:02:24:93:82:5e:3b:d0:42:1b:d3:40:f5:a9:38:18:71: 34:1e:44:91 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDYxmC6ckhn1f47vdA234fiaANs0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZmJhOTc0OTJlZTMxN2U3NWUyNzgx NjhlMDhlMmMxNjY4MTk1OGVlYmIzOWRjZmM1ZTFiZGQ3NzliNTIzZjkyMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup6p2JnRbp75J5K1gbgluXFNYqrC R54lBnEGW4nObXepJpSTJ4zacAqqyGOhSfTGXudayBO+LXKYucZ/9hKFCowyjimW AIpQ+Z/a3IKOl8l/FHdgMyxPVtTkoYYJjtv/CZ8ULHhSjEv1lMq4iM7ZFPZzw/aR zuktLsd8KtUGBXUZCuXIG0RYV9NGenPdATAKKOvoyQ+oEEV8nqkKg5liWckMSdWT 52X62WIutZKY9WPmYgA7TaGWxEhRCZjJm/1ojPvTlp7fsiTpn51rgGBlRP4Syakx 2bFeAyfK0iFI5S2ubjwwrj+aW2xODzIbhD5xuDDi2sFKtUMtNuJtVgUICwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCbaFMyYM0oG/c3+Zw+sBQWP2r23MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E4MDU4YzY5LTQwMjUtNDc3Yi04NDRiLWFkNTI2OGMyNDcwYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOIhAMA0GCSqGSIb3DQEBCwUAA4IBAQCPClIAHVle3VHNJkMl jf7C0o0l8Y4RJBuotI+rwgX8CC4g3B4GqALRFhou4bTE+F+iHnRaUZsfmfSefoI2 hTVAmCuVT+aaVPp7IRlVgNWRPPc6zZNv/wGzuibiDWMHUi5EwGwUaMvQE+2D/F4Y vl7fJfBlMkJJuoEUk+Goah/fIXkJEUwrs+1BsRi2XGbtwZgu+4l5Pv3TdFp/2SOr PvbxkkjtCr0R/pHPsQNFQxKpqw91yD5XDvPgNaNRUD9BNmcp+zaJCFq+5lLg+Wtr mROnyv7KDDWexhLpfjU1W3olDkcz7muYUR56uyWLyAIkk4JeO9BCG9NA9ak4GHE0 HkSR -----END CERTIFICATE-----Generated at Wed Feb 5 04:07:59 2025 by rpki-client