$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afd5a2d0-5e14-4939-9e39-1f9f26e2f67e.roa File: afd5a2d0-5e14-4939-9e39-1f9f26e2f67e.roa (raw, json) Hash identifier: nG8q6wBf+yY0cBxcDMbV7orkH+mbfYQilkRjUS2DcSQ= Subject key identifier: 67:BA:96:66:45:EF:1D:7B:13:64:D6:FC:1E:CE:A0:8B:BE:72:95:7C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 78FFD03030FAD1E969EBE90F40F7DA7582B89549 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afd5a2d0-5e14-4939-9e39-1f9f26e2f67e.roa Signing time: Fri 17 Jan 2025 00:00:00 +0000 ROA not before: Fri 17 Jan 2025 00:00:00 +0000 ROA not after: Fri 21 Feb 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1a:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:ff:d0:30:30:fa:d1:e9:69:eb:e9:0f:40:f7:da:75:82:b8:95:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Jan 17 00:00:00 2025 GMT Not After : Feb 21 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:99:76:5a:93:38:59:26:b7:88:85:ec:4f:77: 36:a8:cf:bf:b7:1f:ba:ec:bb:59:fa:07:35:4d:21: c9:0e:60:81:b4:9d:99:68:ec:bf:67:42:2a:75:06: 39:ab:f3:e3:4a:ae:11:8f:19:24:d6:68:70:23:b8: d0:b2:34:74:49:ec:46:5e:18:d2:da:93:df:64:e5: 63:48:7a:92:c0:1d:e2:17:ef:77:de:dd:b4:b4:0d: 28:b7:97:5e:f5:00:f2:07:f5:a6:d1:db:3a:4d:7b: 54:7c:52:63:d2:6f:ba:cb:30:65:c8:60:81:59:04: e1:d8:ad:1d:21:87:9c:b9:2b:27:ad:ec:11:67:42: cc:62:06:26:06:2b:4b:f3:fe:bc:27:27:ca:98:1c: 00:76:a6:d8:00:30:1e:8a:d5:fe:02:9b:07:18:de: 76:5d:f8:96:87:37:fb:41:2b:e8:61:29:88:8e:a4: 15:89:bf:01:89:f5:a3:b3:ce:d9:2e:5b:1e:ba:60: ee:17:11:c1:4f:eb:1e:c5:fc:82:ce:96:2b:a0:7a: 3d:14:72:1f:ad:9a:07:8c:1c:a3:43:38:fb:38:b1: 8a:d1:75:9a:04:4a:90:0f:ce:16:6e:e4:80:fe:f0: f5:d2:3f:5a:9b:07:2f:43:d9:a7:91:b7:df:90:d4: 5f:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:BA:96:66:45:EF:1D:7B:13:64:D6:FC:1E:CE:A0:8B:BE:72:95:7C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afd5a2d0-5e14-4939-9e39-1f9f26e2f67e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1a:8000::/36 Signature Algorithm: sha256WithRSAEncryption c1:6f:74:bc:22:16:7c:42:4f:55:9d:e6:4c:8d:be:f8:af:2a: df:04:13:92:f5:ef:54:bd:b5:bc:10:8e:a9:c2:cc:ce:6f:32: 33:f9:9d:33:b3:be:d4:7e:77:82:ae:a7:f0:9e:00:19:21:10: ca:aa:3b:d4:af:a9:5d:78:df:a7:5a:51:c9:08:a3:f7:98:11: 45:db:51:32:60:2c:b3:aa:82:71:0e:54:ca:60:7d:06:df:f6: 6f:4e:62:0b:39:78:0c:74:36:e9:bf:b4:00:2c:ce:b2:b5:d6: d6:eb:b4:7c:20:df:23:14:e2:9e:d6:53:ef:ef:4a:e5:09:72: b2:00:f0:37:e4:4b:e7:6a:f1:33:0f:f5:40:e8:ac:e7:a7:d6: a1:34:bb:41:6d:60:0d:cf:fc:d8:8f:44:80:2f:b0:b3:17:62: ef:b6:87:28:f0:a1:d2:a7:a4:9c:1f:bf:d5:0c:d5:d7:0e:26: 0f:9f:b6:2f:7e:89:df:f5:6d:cb:5e:3b:ce:c7:08:d0:e6:74: a4:a1:36:8d:38:db:1d:b1:b5:f5:ae:57:46:6b:a6:87:29:1e: ab:2c:d7:bf:90:b5:40:3c:5e:be:95:fd:f8:e9:28:58:5d:60: 5c:fc:65:e2:82:b2:4c:4d:04:c4:fb:00:22:ae:76:26:89:10: 7f:01:8a:e9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeP/QMDD60elp6+kPQPfadYK4lUkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExNzAwMDAwMFoX DTI1MDIyMTIzNTk1OVowejFJMEcGA1UEBRNAZTc0Mzc2ZDkxMjhkZTI4ZmFmOTg4 YjU4OWU5YTZlNWE3YjcxMzliOWJiYzE1ZjAwMDcyYzVlMGRhZTI4YWYwMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Jl2WpM4WSa3iIXsT3c2qM+/tx+6 7LtZ+gc1TSHJDmCBtJ2ZaOy/Z0IqdQY5q/PjSq4Rjxkk1mhwI7jQsjR0SexGXhjS 2pPfZOVjSHqSwB3iF+933t20tA0ot5de9QDyB/Wm0ds6TXtUfFJj0m+6yzBlyGCB WQTh2K0dIYecuSsnrewRZ0LMYgYmBitL8/68JyfKmBwAdqbYADAeitX+ApsHGN52 XfiWhzf7QSvoYSmIjqQVib8BifWjs87ZLlseumDuFxHBT+sexfyCzpYroHo9FHIf rZoHjByjQzj7OLGK0XWaBEqQD84WbuSA/vD10j9amwcvQ9mnkbffkNRfbwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGe6lmZF7x17E2TW/B7OoIu+cpV8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmZDVhMmQwLTVlMTQtNDkzOS05ZTM5LTFmOWYyNmUyZjY3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaGoAwDQYJKoZIhvcNAQELBQADggEBAMFvdLwiFnxCT1Wd5kyN vvivKt8EE5L171S9tbwQjqnCzM5vMjP5nTOzvtR+d4Kup/CeABkhEMqqO9SvqV14 36daUckIo/eYEUXbUTJgLLOqgnEOVMpgfQbf9m9OYgs5eAx0Num/tAAszrK11tbr tHwg3yMU4p7WU+/vSuUJcrIA8DfkS+dq8TMP9UDorOen1qE0u0FtYA3P/NiPRIAv sLMXYu+2hyjwodKnpJwfv9UM1dcOJg+fti9+id/1bcteO87HCNDmdKShNo042x2x tfWuV0ZrpocpHqss17+QtUA8Xr6V/fjpKFhdYFz8ZeKCskxNBMT7ACKudiaJEH8B iuk= -----END CERTIFICATE-----Generated at Wed Feb 5 04:01:36 2025 by rpki-client