$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa File: af6b0407-66be-4076-87b3-370d845449ef.roa (raw, json) Hash identifier: fwvjFRrHz7DIcyFHTXLMdCRbjEKof5WPFfS9w8oNmco= Subject key identifier: 32:3B:17:E2:AC:84:7E:6B:35:C7:87:5D:85:ED:D5:D2:D4:64:8D:B0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 212ED2BD80B5A489C6809418C16CF3425D1D2132 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa Signing time: Sat 01 Feb 2025 00:00:00 +0000 ROA not before: Sat 01 Feb 2025 00:00:00 +0000 ROA not after: Sat 08 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:6040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:2e:d2:bd:80:b5:a4:89:c6:80:94:18:c1:6c:f3:42:5d:1d:21:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 1 00:00:00 2025 GMT Not After : Mar 8 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:42:0f:25:17:ee:51:d7:a0:d8:d5:c7:1c:80: 1d:12:9e:34:a4:85:49:d1:58:76:69:0c:84:89:58: f2:9a:46:2e:75:8e:ae:fc:b3:5c:61:fa:aa:98:79: 21:55:ae:a8:15:40:5f:96:f0:83:8e:1c:ab:f3:20: de:fc:47:d0:e4:a7:fa:12:aa:e1:db:8d:f9:6a:36: 74:f3:bd:8f:00:6f:d1:41:07:3c:ec:82:8a:46:bc: 5c:bd:4b:ae:da:5a:b6:19:4e:8f:a7:f5:3f:82:17: 5d:e9:c5:be:b7:d0:d6:b8:b1:0c:9a:0d:47:1b:be: 9c:a4:06:02:30:06:bd:54:9e:4e:cb:d9:08:67:e8: 7e:5f:51:da:5e:7b:48:25:7f:bd:1c:fe:17:9c:55: 5a:11:36:af:da:8b:21:1c:f3:13:31:77:83:bf:af: f5:3a:70:72:44:77:47:0a:f6:4f:2e:7f:fe:29:6f: e0:b3:30:dd:60:15:f0:6f:2b:da:34:41:d0:e3:75: 6b:72:ef:a5:f8:31:0e:f8:d1:57:e0:db:db:02:a4: 5a:e5:d1:fe:ec:98:1f:e6:a2:a7:d4:54:03:3e:7a: cc:b6:68:b0:7b:0b:73:84:f8:7c:55:7f:c6:46:87: 06:46:14:45:8f:b3:49:34:e2:78:d9:fb:c2:d0:ae: 43:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:3B:17:E2:AC:84:7E:6B:35:C7:87:5D:85:ED:D5:D2:D4:64:8D:B0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:6040::/48 Signature Algorithm: sha256WithRSAEncryption 36:93:c7:70:9b:09:e7:f7:25:ec:6d:97:b2:cd:a0:37:1f:9e: d2:a1:21:9e:0a:2b:2f:e5:91:50:e0:ee:3e:21:65:66:22:b4: 7c:93:d7:2f:5f:7f:b1:03:60:ec:c6:4d:29:9b:13:4c:d4:50: 21:cb:3a:68:ff:cb:0a:78:1f:b2:f4:a5:2a:36:5c:29:c1:fe: 86:90:dc:94:86:b7:22:78:3c:a9:9f:04:66:cd:ea:cd:3b:2c: 9c:c1:58:0a:33:51:6d:a9:4c:e4:4a:30:30:e6:e4:e0:45:d5: 89:99:c3:e3:15:0c:1c:61:78:f7:77:09:b9:ca:a5:c3:03:bd: 9c:bf:ee:6f:41:e6:b7:a1:43:14:9d:84:5e:69:ff:0a:33:c3: b1:ae:33:57:81:9e:26:7b:c3:a0:b7:de:66:04:84:cd:8b:3f: 3f:af:2b:8b:6d:bb:da:d3:4b:07:0d:97:9f:48:19:a5:fd:6a: 96:be:6b:70:8b:3d:1f:9e:f6:86:26:0a:82:75:df:7c:e9:a3: e1:b3:05:ed:3e:41:e0:b6:34:60:12:e5:96:60:03:0f:f2:9b: cb:6d:27:bb:8b:1e:91:c6:b4:84:de:b1:4d:5e:69:60:f8:7f: ee:6a:09:dd:32:59:57:7b:fd:7b:cb:9d:ae:62:8f:7e:d6:e5: e2:c8:f2:f3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIS7SvYC1pInGgJQYwWzzQl0dITIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMTAwMDAwMFoX DTI1MDMwODIzNTk1OVowejFJMEcGA1UEBRNANTA4MTRlYzEwZTUyNDJmNjc3MjY1 MWUyNDExMGM1MTY2ZGM2MDg1Nzk4YzNhM2I1ZDhjNTVkY2UxMWQ0M2Y4MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkIPJRfuUdeg2NXHHIAdEp40pIVJ 0Vh2aQyEiVjymkYudY6u/LNcYfqqmHkhVa6oFUBflvCDjhyr8yDe/EfQ5Kf6Eqrh 2435ajZ0872PAG/RQQc87IKKRrxcvUuu2lq2GU6Pp/U/ghdd6cW+t9DWuLEMmg1H G76cpAYCMAa9VJ5Oy9kIZ+h+X1HaXntIJX+9HP4XnFVaETav2oshHPMTMXeDv6/1 OnByRHdHCvZPLn/+KW/gszDdYBXwbyvaNEHQ43Vrcu+l+DEO+NFX4NvbAqRa5dH+ 7Jgf5qKn1FQDPnrMtmiwewtzhPh8VX/GRocGRhRFj7NJNOJ42fvC0K5DJQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDI7F+KshH5rNceHXYXt1dLUZI2wMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmNmIwNDA3LTY2YmUtNDA3Ni04N2IzLTM3MGQ4NDU0NDllZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8mBAMA0GCSqGSIb3DQEBCwUAA4IBAQA2k8dwmwnn9yXsbZey zaA3H57SoSGeCisv5ZFQ4O4+IWVmIrR8k9cvX3+xA2Dsxk0pmxNM1FAhyzpo/8sK eB+y9KUqNlwpwf6GkNyUhrcieDypnwRmzerNOyycwVgKM1FtqUzkSjAw5uTgRdWJ mcPjFQwcYXj3dwm5yqXDA72cv+5vQea3oUMUnYReaf8KM8OxrjNXgZ4me8Ogt95m BITNiz8/ryuLbbva00sHDZefSBml/WqWvmtwiz0fnvaGJgqCdd986aPhswXtPkHg tjRgEuWWYAMP8pvLbSe7ix6RxrSE3rFNXmlg+H/uagndMllXe/17y52uYo9+1uXi yPLz -----END CERTIFICATE-----Generated at Wed Feb 5 04:00:37 2025 by rpki-client