$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ade3dab3-e842-4ec1-9bdb-aba4a2fddab4.roa File: ade3dab3-e842-4ec1-9bdb-aba4a2fddab4.roa (raw, json) Hash identifier: bDdcWXEMge1kczNDX148i0uptGn1XGSoJlNLMnITWnk= Subject key identifier: 35:E8:7B:7B:3A:42:E0:5A:A9:5E:C5:DD:36:37:2A:74:EF:B6:36:97 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1D514AEB08CB48FDEC559C6A9F05029CF58E46FF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ade3dab3-e842-4ec1-9bdb-aba4a2fddab4.roa Signing time: Sat 01 Feb 2025 00:00:00 +0000 ROA not before: Sat 01 Feb 2025 00:00:00 +0000 ROA not after: Sat 08 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:51:4a:eb:08:cb:48:fd:ec:55:9c:6a:9f:05:02:9c:f5:8e:46:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 1 00:00:00 2025 GMT Not After : Mar 8 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ec:95:31:44:a5:3b:89:8e:3f:88:e5:40:23: 05:5a:32:69:fb:a2:d8:44:34:98:9f:51:e2:c7:ec: 4e:1c:4e:fb:2d:b0:86:e7:7e:38:5a:a5:46:e4:a6: 12:de:ff:06:fb:57:fa:ee:4e:d6:b1:d9:78:cf:28: e3:3c:89:22:79:77:f0:b0:da:6d:3d:ed:94:40:6d: d5:1c:f9:a7:6c:ac:5d:f9:e4:2f:69:8d:bd:02:58: 1c:a8:5f:db:a9:f1:1b:1a:c5:18:aa:85:2a:fc:40: 75:bc:b9:a6:a5:f2:e8:d5:41:b3:44:4e:00:94:4e: 25:22:e3:a1:6d:5a:af:c7:40:76:78:b3:c6:b4:92: 54:a7:d9:46:77:51:f9:1f:88:89:b7:bd:e5:39:90: 63:15:2d:ec:50:86:a0:4b:cc:7c:34:7b:c9:88:0e: 37:2d:2d:83:04:0e:41:41:37:47:55:d8:dd:ac:ff: ec:6b:e5:97:75:3d:4d:a4:8b:2b:b5:f9:9c:d2:7f: 72:62:d3:a0:e8:f6:67:e0:49:be:50:22:21:fa:a6: 5d:96:d9:12:87:5d:16:59:2a:75:99:ca:19:5a:cd: 03:f5:41:45:59:91:49:07:5f:5a:3d:19:e9:2d:8f: 18:0b:02:cf:b0:11:0b:40:ab:37:0f:c7:57:40:28: ac:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:E8:7B:7B:3A:42:E0:5A:A9:5E:C5:DD:36:37:2A:74:EF:B6:36:97 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ade3dab3-e842-4ec1-9bdb-aba4a2fddab4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c080::/48 Signature Algorithm: sha256WithRSAEncryption 22:c9:ef:61:e2:67:a4:1e:dc:76:02:56:31:cb:dc:ea:d4:25: a8:90:44:78:fe:f4:30:89:00:cd:e9:fb:30:14:ac:ca:d2:94: 6c:5d:11:3c:40:39:53:43:f2:c7:8a:bc:8c:bb:33:3b:aa:d9: 97:e7:b3:db:24:1a:42:bd:f0:e1:8c:25:98:20:bc:5b:4d:ff: 14:12:41:ab:da:7f:ee:ca:9d:41:9e:89:64:1c:e6:06:31:7c: a5:1b:b3:db:9a:0c:1e:06:46:7d:aa:20:f0:c7:77:a3:ab:b2: 69:bc:38:82:15:36:2d:fb:29:bc:d2:11:17:f4:6a:fa:61:2a: c7:84:4f:2d:91:f4:46:fb:0c:e8:5c:f3:a6:01:c9:a3:03:a4: 08:b6:12:9c:57:9c:49:a4:cc:da:1d:0b:6b:08:5a:0f:f7:46: f4:23:23:88:23:3b:93:75:be:e9:a9:86:c6:27:15:31:fa:7c: 70:96:1f:a2:e5:3f:44:1f:35:0a:fd:0e:dd:fb:e2:07:ce:3b: 14:32:97:6f:d0:97:ec:5f:74:b9:af:66:22:fa:74:2a:57:13: dc:89:c4:ad:51:01:1b:2f:2c:39:09:fc:06:ca:65:42:de:f9: cb:22:f4:dd:8c:82:ed:84:9c:b0:eb:5d:07:74:89:44:26:03: 7d:15:fe:9f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHVFK6wjLSP3sVZxqnwUCnPWORv8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMTAwMDAwMFoX DTI1MDMwODIzNTk1OVowejFJMEcGA1UEBRNANDk5NDk5NjZjOWJmNWI3NTgzMjc5 ZDI4YmJkOWM4MzFmNzhkMDY4YmI2ZjEwOGM2MjE4Nzg2ZjBiNGMzMzE4MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeyVMUSlO4mOP4jlQCMFWjJp+6LY RDSYn1Hix+xOHE77LbCG5344WqVG5KYS3v8G+1f67k7Wsdl4zyjjPIkieXfwsNpt Pe2UQG3VHPmnbKxd+eQvaY29AlgcqF/bqfEbGsUYqoUq/EB1vLmmpfLo1UGzRE4A lE4lIuOhbVqvx0B2eLPGtJJUp9lGd1H5H4iJt73lOZBjFS3sUIagS8x8NHvJiA43 LS2DBA5BQTdHVdjdrP/sa+WXdT1NpIsrtfmc0n9yYtOg6PZn4Em+UCIh+qZdltkS h10WWSp1mcoZWs0D9UFFWZFJB19aPRnpLY8YCwLPsBELQKs3D8dXQCisawIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDXoe3s6QuBaqV7F3TY3KnTvtjaXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FkZTNkYWIzLWU4NDItNGVjMS05YmRiLWFiYTRhMmZkZGFiNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8CAMA0GCSqGSIb3DQEBCwUAA4IBAQAiye9h4mekHtx2AlYx y9zq1CWokER4/vQwiQDN6fswFKzK0pRsXRE8QDlTQ/LHiryMuzM7qtmX57PbJBpC vfDhjCWYILxbTf8UEkGr2n/uyp1BnolkHOYGMXylG7PbmgweBkZ9qiDwx3ejq7Jp vDiCFTYt+ym80hEX9Gr6YSrHhE8tkfRG+wzoXPOmAcmjA6QIthKcV5xJpMzaHQtr CFoP90b0IyOIIzuTdb7pqYbGJxUx+nxwlh+i5T9EHzUK/Q7d++IHzjsUMpdv0Jfs X3S5r2Yi+nQqVxPcicStUQEbLyw5CfwGymVC3vnLIvTdjILthJyw610HdIlEJgN9 Ff6f -----END CERTIFICATE-----Generated at Wed Feb 5 03:55:59 2025 by rpki-client