$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8b129c9-1c2e-44bc-977b-01a32e0afd20.roa File: a8b129c9-1c2e-44bc-977b-01a32e0afd20.roa (raw, json) Hash identifier: SR+pmEyPw42T/zWIw7PiB5CccGZbkyXM21Y0uLKq3XE= Subject key identifier: 7D:50:03:F7:12:30:62:82:25:7D:A0:C3:2C:E2:90:AB:B3:B7:06:68 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 278C349DA28DD815D83B02E6501DAC0025BA03E6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8b129c9-1c2e-44bc-977b-01a32e0afd20.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:b080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:8c:34:9d:a2:8d:d8:15:d8:3b:02:e6:50:1d:ac:00:25:ba:03:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:39:de:99:e6:39:6c:e9:82:f7:81:45:ad:37: 34:d0:f8:72:ca:aa:84:84:f3:2c:84:f2:b7:84:b6: e9:2f:0d:24:17:9a:08:70:c6:5e:44:5b:18:5e:6b: 4b:78:c8:66:aa:f3:3f:56:00:02:3a:5b:1b:60:8e: 45:da:da:b9:60:49:d4:a2:c8:fe:eb:cb:a9:82:80: dc:21:a9:3f:28:d0:25:d9:45:7a:37:fa:65:3a:ab: 78:9b:b3:22:53:13:38:29:f1:b0:cf:c4:a3:f7:2e: 73:f8:15:93:55:be:31:ec:6f:ad:ff:34:76:7c:64: 14:93:f7:8f:bd:6c:81:e1:c0:69:90:0d:53:b4:47: 14:43:f1:17:db:95:4f:eb:00:cf:f5:5b:45:1c:f6: b0:9c:d0:99:ba:46:03:49:6d:3d:50:6f:d8:81:48: 98:69:58:09:81:58:ed:12:99:09:71:68:db:9d:4f: bb:98:1b:d4:76:5a:02:1f:43:eb:8e:2e:2f:bc:c2: f5:5f:e2:23:8c:72:b0:c9:1d:39:5e:e2:4a:b9:77: 88:b5:d1:1e:2b:70:a3:ab:ec:c0:15:92:ed:1b:e8: 2d:1b:dd:c1:ea:a6:63:a5:c0:c3:ec:de:c8:aa:c1: 30:cb:d8:65:d8:ae:17:6d:22:91:b4:a1:8f:26:c6: 40:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:50:03:F7:12:30:62:82:25:7D:A0:C3:2C:E2:90:AB:B3:B7:06:68 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8b129c9-1c2e-44bc-977b-01a32e0afd20.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:b080::/46 Signature Algorithm: sha256WithRSAEncryption 9e:b5:1a:00:7e:1c:16:54:13:72:66:e0:f2:d8:bb:af:00:b1: 45:86:70:d9:37:03:87:1b:f9:a8:83:1b:b5:63:19:ae:81:2e: bb:c8:60:e7:91:46:1c:c9:ef:a0:e8:d3:72:8e:c7:07:ef:f0: 1a:35:3e:57:39:2d:ed:41:53:9c:04:8b:29:7d:e8:38:5a:92: 1f:ce:64:71:33:81:51:fd:61:6d:49:80:39:59:29:f1:7e:3c: 10:71:92:78:f9:0b:86:6b:88:c7:67:49:a1:33:75:bb:96:95: a3:06:09:e7:ad:03:4a:fe:21:f7:3e:2c:d5:f8:d9:73:15:07: 39:be:e6:27:20:14:68:86:09:8a:c0:a6:e3:0d:41:2e:3a:d2: 3a:80:98:7c:70:46:b1:2c:82:16:3c:2f:22:b3:b2:9c:ad:dd: c8:70:47:60:f6:bb:73:27:3e:6a:2e:9a:72:70:b8:fc:6b:6e: c3:63:1b:7c:dc:41:30:24:a5:8b:c0:e4:45:e8:40:d5:ad:0d: bc:a6:a9:b0:fe:55:3b:59:ad:3d:69:65:58:86:e7:08:de:b9: e4:fd:5f:ee:0e:f6:b1:d4:a6:1b:b3:68:c2:dc:20:4b:b0:2c: 60:a5:ef:1b:c8:5f:ea:d3:0c:b8:19:44:74:3b:a8:d4:be:e8: 1e:27:70:d8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJ4w0naKN2BXYOwLmUB2sACW6A+YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAY2IyNGE1NjRmNDJlNTYyOGI1YTlm ZWQ4ZGI2NjgwNTJlZGMyNjQwYzA4ZDdiMjA5MTc2ODBjY2FiMmYyOWE3NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTnemeY5bOmC94FFrTc00PhyyqqE hPMshPK3hLbpLw0kF5oIcMZeRFsYXmtLeMhmqvM/VgACOlsbYI5F2tq5YEnUosj+ 68upgoDcIak/KNAl2UV6N/plOqt4m7MiUxM4KfGwz8Sj9y5z+BWTVb4x7G+t/zR2 fGQUk/ePvWyB4cBpkA1TtEcUQ/EX25VP6wDP9VtFHPawnNCZukYDSW09UG/YgUiY aVgJgVjtEpkJcWjbnU+7mBvUdloCH0Prji4vvML1X+IjjHKwyR05XuJKuXeItdEe K3Cjq+zAFZLtG+gtG93B6qZjpcDD7N7IqsEwy9hl2K4XbSKRtKGPJsZA7QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFH1QA/cSMGKCJX2gwyzikKuztwZoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E4YjEyOWM5LTFjMmUtNDRiYy05NzdiLTAxYTMyZTBhZmQyMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaabCAMA0GCSqGSIb3DQEBCwUAA4IBAQCetRoAfhwWVBNyZuDy 2LuvALFFhnDZNwOHG/mogxu1YxmugS67yGDnkUYcye+g6NNyjscH7/AaNT5XOS3t QVOcBIspfeg4WpIfzmRxM4FR/WFtSYA5WSnxfjwQcZJ4+QuGa4jHZ0mhM3W7lpWj BgnnrQNK/iH3PizV+NlzFQc5vuYnIBRohgmKwKbjDUEuOtI6gJh8cEaxLIIWPC8i s7Kcrd3IcEdg9rtzJz5qLppycLj8a27DYxt83EEwJKWLwORF6EDVrQ28pqmw/lU7 Wa09aWVYhucI3rnk/V/uDvax1KYbs2jC3CBLsCxgpe8byF/q0wy4GUR0O6jUvuge J3DY -----END CERTIFICATE-----Generated at Wed Feb 5 03:50:06 2025 by rpki-client