$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa File: acf96eac-505d-42a3-ad3b-20402c0f43ed.roa (raw, json) Hash identifier: 6WFpMVr7HfS0eTaL5nXCyYmOe3ApVE6uMPwZI1voZZA= Subject key identifier: BD:50:0B:67:55:DE:5E:10:89:65:6B:17:56:27:F5:64:C0:02:B7:D4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2302407D89B359569A6979AE43016119178EB117 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa Signing time: Tue 04 Feb 2025 00:00:00 +0000 ROA not before: Tue 04 Feb 2025 00:00:00 +0000 ROA not after: Tue 11 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1d::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:02:40:7d:89:b3:59:56:9a:69:79:ae:43:01:61:19:17:8e:b1:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 4 00:00:00 2025 GMT Not After : Mar 11 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:31:3f:ef:24:b1:30:dc:48:4f:fe:81:15:d2: b0:4d:b7:96:75:4d:df:69:63:a0:66:ea:e9:ab:e1: ba:24:84:63:19:3b:ad:de:02:b8:af:da:95:8e:8f: 12:8e:fb:39:85:46:aa:f6:76:0e:ad:8d:d5:16:05: 97:92:2c:cc:1c:af:5c:eb:78:ab:76:4f:f5:23:e7: 6b:e2:1b:36:60:7e:57:63:38:f4:55:7a:e4:60:40: e8:35:25:a8:7e:f0:26:b3:3f:e3:63:39:8d:db:bc: b0:bd:6f:de:04:5b:84:25:37:ac:ae:be:58:2a:5b: 2e:bc:f5:ff:e7:f6:a9:95:44:dc:56:cc:a4:a8:f5: a9:26:fa:91:18:40:f5:88:95:c9:b0:44:ac:48:94: 6f:a3:b6:de:03:8e:d1:bb:0a:3b:af:56:7f:11:9e: 0a:18:78:89:58:fb:91:c3:a1:8e:23:be:1b:2a:34: 99:55:4c:ab:b3:45:4d:1b:6d:8e:18:a3:d9:12:3a: ba:7f:2d:7b:8e:39:63:b2:00:1e:07:03:69:ed:96: 15:ae:cc:5b:31:a5:71:1f:ff:3c:6d:4c:95:b6:3d: 55:7f:b6:fa:f3:b0:52:67:4b:e6:a6:f5:65:5d:5d: 0f:20:3d:60:db:4d:8e:0f:49:f1:4d:50:e6:40:46: 79:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:50:0B:67:55:DE:5E:10:89:65:6B:17:56:27:F5:64:C0:02:B7:D4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1d::/36 Signature Algorithm: sha256WithRSAEncryption b1:dc:52:23:0d:e1:a8:38:af:a0:73:f2:c0:36:15:b1:8c:a2: 1c:ac:b9:9a:05:36:26:59:e8:64:7c:4c:be:1f:33:8c:5a:b7: ca:f9:cd:68:2c:06:17:42:f8:f2:2b:32:0e:35:81:72:dd:80: 4a:96:1f:81:83:98:ba:a4:60:dd:13:e9:d2:9e:f8:61:4d:df: 65:8f:1b:91:9e:20:d6:4e:df:c0:8b:34:24:5f:43:79:ab:5b: b4:11:3f:3b:90:95:fa:b7:ca:dc:3e:3c:78:ba:bb:5b:e1:c3: d7:8b:2c:53:f9:23:f0:ac:0d:15:4b:7b:78:a2:f2:ec:fd:0c: aa:ed:b4:9f:1a:7b:ae:fd:20:d3:f2:39:40:aa:ad:92:bd:ae: c9:01:c4:53:db:ea:ef:50:f9:f5:1a:ef:e0:b2:32:a7:29:15: e7:f9:9b:4a:8e:d5:e9:43:5f:ba:95:c8:17:c2:bd:b7:8c:c9: 5f:a5:f5:a3:47:48:0f:94:eb:af:85:64:5e:59:ae:51:9a:1f: 66:1b:b4:d7:22:9a:9b:28:7b:89:58:a3:2f:a0:f1:f3:98:8a: 4d:62:76:c2:a4:65:6a:a2:25:70:42:8b:e7:24:42:cb:e6:72: fe:18:ab:25:1e:dd:ac:ad:b9:37:7c:b8:91:b9:e4:e0:32:29: 9a:88:cb:79 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIwJAfYmzWVaaaXmuQwFhGReOsRcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwNDAwMDAwMFoX DTI1MDMxMTIzNTk1OVowejFJMEcGA1UEBRNAMTkxNTAwYjBmNDNlM2M3ZmFmMzRl M2I1MWYzN2IwNjc0ZWRlMjdmYTNmMWM4ZWJkOTgzNDQzMGU4MDhiZWRhZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojE/7ySxMNxIT/6BFdKwTbeWdU3f aWOgZurpq+G6JIRjGTut3gK4r9qVjo8Sjvs5hUaq9nYOrY3VFgWXkizMHK9c63ir dk/1I+dr4hs2YH5XYzj0VXrkYEDoNSWofvAmsz/jYzmN27ywvW/eBFuEJTesrr5Y KlsuvPX/5/aplUTcVsykqPWpJvqRGED1iJXJsESsSJRvo7beA47Ruwo7r1Z/EZ4K GHiJWPuRw6GOI74bKjSZVUyrs0VNG22OGKPZEjq6fy17jjljsgAeBwNp7ZYVrsxb MaVxH/88bUyVtj1Vf7b687BSZ0vmpvVlXV0PID1g202OD0nxTVDmQEZ5MQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL1QC2dV3l4QiWVrF1Yn9WTAArfUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FjZjk2ZWFjLTUwNWQtNDJhMy1hZDNiLTIwNDAyYzBmNDNlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaHQAwDQYJKoZIhvcNAQELBQADggEBALHcUiMN4ag4r6Bz8sA2 FbGMohysuZoFNiZZ6GR8TL4fM4xat8r5zWgsBhdC+PIrMg41gXLdgEqWH4GDmLqk YN0T6dKe+GFN32WPG5GeINZO38CLNCRfQ3mrW7QRPzuQlfq3ytw+PHi6u1vhw9eL LFP5I/CsDRVLe3ii8uz9DKrttJ8ae679INPyOUCqrZK9rskBxFPb6u9Q+fUa7+Cy MqcpFef5m0qO1elDX7qVyBfCvbeMyV+l9aNHSA+U66+FZF5ZrlGaH2YbtNcimpso e4lYoy+g8fOYik1idsKkZWqiJXBCi+ckQsvmcv4YqyUe3aytuTd8uJG55OAyKZqI y3k= -----END CERTIFICATE-----Generated at Sun Feb 16 15:42:35 2025 by rpki-client