$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa File: af674e28-8a6b-4881-bc24-1bd1d459637c.roa (raw, json) Hash identifier: dddlg2g6A8XoifW8S54m5iSZbdIubVeXYq02mIvN+rM= Subject key identifier: D0:5B:2C:8A:D2:FD:23:60:92:A3:40:0E:29:1F:4C:65:CE:CE:16:7A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 53B182F4D3762852F633EDE6A6D1408E8732C923 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:b1:82:f4:d3:76:28:52:f6:33:ed:e6:a6:d1:40:8e:87:32:c9:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:8f:07:ec:d9:32:59:01:ab:7c:ec:d3:84:15: a0:b1:6d:00:d0:c0:eb:4e:d2:5d:18:98:c4:0e:c9: f2:7e:3f:38:49:83:a8:9d:07:59:dd:88:84:c0:91: f6:af:7f:c7:64:e0:e1:e1:3e:80:b2:21:30:2a:ae: df:f6:f0:bd:64:19:60:20:8a:24:0b:14:06:ec:ed: 71:8b:18:f0:e3:90:46:41:5d:1d:11:d0:91:aa:54: 86:ad:60:e4:a5:09:fc:33:58:0c:45:be:92:3f:4f: 67:c6:85:ba:64:14:7c:ea:e6:91:da:86:b9:b0:dd: 1a:79:a9:de:ce:b0:a8:fc:31:e8:14:b2:d5:f1:96: 7d:56:a8:97:97:39:3c:05:0b:e7:31:52:ef:65:80: 28:b5:c2:b9:45:f8:1e:6d:bc:cf:79:a1:58:14:53: f8:95:65:40:15:c5:f6:43:98:56:85:95:7d:59:a6: aa:70:03:a8:53:01:75:11:01:b8:ae:ef:e4:ef:a8: d0:4d:19:d8:8c:a4:10:4f:f0:a4:08:97:77:b2:69: d2:71:84:b3:ff:ec:c9:21:7b:77:52:31:09:d8:13: 6c:e3:7b:63:7d:b5:dd:12:13:2c:72:b7:eb:28:eb: fe:08:ce:bb:c3:0b:8d:87:03:4d:84:f7:49:32:83: 60:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:5B:2C:8A:D2:FD:23:60:92:A3:40:0E:29:1F:4C:65:CE:CE:16:7A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:a000::/40 Signature Algorithm: sha256WithRSAEncryption c8:7b:ca:55:30:0e:04:8e:fe:d0:f2:97:e0:1e:70:04:50:70: dd:7c:3e:dc:a2:0e:e9:81:e9:ed:a5:d6:ae:7f:7e:d6:3a:1d: 38:0c:8c:9a:17:b9:15:ae:05:75:05:af:2a:27:e3:11:47:b6: 1e:f6:e6:c5:8a:be:77:42:66:71:f9:ec:64:25:12:6d:41:de: c6:4c:4a:5c:6b:fe:f5:f5:fd:2a:1d:3b:32:6d:1a:0a:63:6e: 35:c5:f0:24:5d:68:3d:1f:89:66:30:4f:74:fa:16:89:af:6c: ad:8d:63:60:ff:79:f2:55:c1:cf:85:e2:cd:63:f9:44:63:37: 6d:db:2f:2c:3d:ca:ea:20:c4:49:18:12:1a:df:87:3e:9b:f8: 50:49:81:fb:86:2b:e8:d1:bc:20:b2:11:f4:ab:44:b0:90:9f: bc:54:1c:d9:85:43:5c:57:56:bf:4b:64:e7:da:0d:b4:7d:2e: 68:72:8f:5a:77:e1:fd:66:9f:0c:80:38:0d:7a:eb:d9:67:51: fd:79:3c:d0:0c:89:48:54:a0:3f:23:0f:55:1a:94:35:70:15: 9d:24:27:73:79:f5:b8:3f:d0:c3:12:99:bf:c5:41:37:76:df: 04:23:41:d2:9b:eb:f4:28:96:98:69:01:cb:6a:71:33:eb:8f: 5f:33:36:90 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUU7GC9NN2KFL2M+3mptFAjocyySMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAOTdhMmJiNTljZjBmMTVjNWJlOWNm NDVmNWNmYjMzZjc5ZDhlODFlODU4NmM2OTU1Yjk1YzcwNDczMTVjNjQ3ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo8H7NkyWQGrfOzThBWgsW0A0MDr TtJdGJjEDsnyfj84SYOonQdZ3YiEwJH2r3/HZODh4T6AsiEwKq7f9vC9ZBlgIIok CxQG7O1xixjw45BGQV0dEdCRqlSGrWDkpQn8M1gMRb6SP09nxoW6ZBR86uaR2oa5 sN0aeanezrCo/DHoFLLV8ZZ9VqiXlzk8BQvnMVLvZYAotcK5RfgebbzPeaFYFFP4 lWVAFcX2Q5hWhZV9WaaqcAOoUwF1EQG4ru/k76jQTRnYjKQQT/CkCJd3smnScYSz /+zJIXt3UjEJ2BNs43tjfbXdEhMscrfrKOv+CM67wwuNhwNNhPdJMoNgNQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNBbLIrS/SNgkqNADikfTGXOzhZ6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmNjc0ZTI4LThhNmItNDg4MS1iYzI0LTFiZDFkNDU5NjM3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoKAwDQYJKoZIhvcNAQELBQADggEBAMh7ylUwDgSO/tDyl+Ae cARQcN18PtyiDumB6e2l1q5/ftY6HTgMjJoXuRWuBXUFryon4xFHth725sWKvndC ZnH57GQlEm1B3sZMSlxr/vX1/SodOzJtGgpjbjXF8CRdaD0fiWYwT3T6FomvbK2N Y2D/efJVwc+F4s1j+URjN23bLyw9yuogxEkYEhrfhz6b+FBJgfuGK+jRvCCyEfSr RLCQn7xUHNmFQ1xXVr9LZOfaDbR9Lmhyj1p34f1mnwyAOA1669lnUf15PNAMiUhU oD8jD1UalDVwFZ0kJ3N59bg/0MMSmb/FQTd23wQjQdKb6/QolphpActqcTPrj18z NpA= -----END CERTIFICATE-----Generated at Sun Feb 16 15:26:52 2025 by rpki-client