$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0c7485a-6d94-4adf-ad68-d031efad9d50.roa File: b0c7485a-6d94-4adf-ad68-d031efad9d50.roa (raw, json) Hash identifier: R/h983pierv7sA1osO/L7vIfQpaB5sGaVWBQxMoJzCo= Subject key identifier: EA:D0:64:55:05:59:27:E1:E6:A8:DE:F8:B6:25:59:27:2E:BE:FA:BF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2F86226F977C2B4A07D2C49E6935C13B254E5D61 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0c7485a-6d94-4adf-ad68-d031efad9d50.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:9080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:86:22:6f:97:7c:2b:4a:07:d2:c4:9e:69:35:c1:3b:25:4e:5d:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:2f:fa:bb:55:5b:5e:e3:b6:f8:2a:9e:58:e7: 01:85:56:46:69:b3:db:0f:13:4f:92:5c:b8:71:bf: d3:99:a2:45:64:ed:e1:35:68:a7:6f:07:3f:e0:0e: c9:73:1d:db:b6:ad:44:9d:df:b5:89:22:bf:a9:f6: 6b:ea:a8:c3:ed:b4:f5:0b:0b:ff:6b:e8:51:e8:a0: 73:d6:0e:6a:94:a6:70:86:be:9f:43:ce:4d:94:13: 99:ff:0a:c1:0f:23:f6:5d:57:7a:53:02:df:49:cd: 8d:9b:cd:be:46:8f:60:cf:03:33:c8:8c:fd:16:c7: 30:d6:63:f4:5d:2f:f1:ee:a2:0e:68:62:a9:56:a3: 98:d2:4a:0c:0b:9d:5e:72:77:35:eb:75:aa:77:b0: 07:a7:59:47:37:45:7c:f6:32:d0:b2:ef:ff:63:a5: 6a:46:56:22:27:f4:5b:b6:7c:b5:bb:97:ac:a0:b0: 14:85:07:3f:eb:c5:91:0b:d8:27:58:73:c5:5f:45: 86:5a:06:f7:fa:27:4e:76:ef:26:6a:4e:b2:ef:eb: 8b:26:e2:cd:4d:31:c7:c7:3c:fb:f6:9f:02:34:67: 39:19:6d:79:b2:6d:e6:2e:86:82:c4:48:6f:79:19: bb:8a:87:b3:2d:c8:b6:01:a1:27:46:f6:c9:87:eb: 7e:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:D0:64:55:05:59:27:E1:E6:A8:DE:F8:B6:25:59:27:2E:BE:FA:BF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0c7485a-6d94-4adf-ad68-d031efad9d50.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:9080::/48 Signature Algorithm: sha256WithRSAEncryption 7b:17:f0:a5:54:10:91:5a:c6:f7:e3:a9:33:0b:fa:20:e7:9a: 60:47:8f:fc:4c:9f:e8:ca:c8:be:b5:00:2a:8e:d8:2b:56:98: c2:09:d6:6a:e9:2b:71:bb:8a:81:21:af:4b:c4:3a:76:b3:b8: 7c:ca:56:70:c8:df:ab:88:16:6d:35:e3:3a:b3:3f:c6:d7:b9: 69:02:b2:fb:88:b7:f7:11:13:d6:c3:23:d6:79:bf:2d:d0:58: 31:3c:c8:f0:32:49:ce:31:be:bc:07:6c:ef:8a:e6:27:e7:ec: 9e:6c:70:a7:96:eb:06:f6:65:83:cb:73:04:07:53:e5:60:43: 2d:5f:55:8d:85:55:ca:08:66:cc:97:be:db:6a:f4:12:84:16: fc:2a:a3:21:91:82:a5:7c:40:48:23:a1:9f:da:1d:f9:c3:c5: 42:06:af:12:47:c9:77:19:6f:50:90:da:19:f6:13:30:bd:26: 89:49:07:6b:23:ec:5b:c9:a0:f5:d6:79:f6:c2:69:b5:7a:2b: 57:25:78:39:79:9f:60:ad:32:52:c8:5c:c9:7a:98:9f:ff:88: 97:5d:fc:9a:46:be:10:27:81:1c:32:36:30:05:2c:ea:32:c2: 2f:01:ff:20:93:61:c7:bf:72:a0:bc:c2:9f:f4:c7:0d:56:60: bb:fc:12:93 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUL4Yib5d8K0oH0sSeaTXBOyVOXWEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANTNiOGRkMzg5MTliOWQ5OGNhNjNh ZTBlM2JmN2NjZDI4NmU5ZGQxZDc1YzA2ODI4MzI4MzEwNWEyNGY5ODI0MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC/6u1VbXuO2+CqeWOcBhVZGabPb DxNPkly4cb/TmaJFZO3hNWinbwc/4A7Jcx3btq1End+1iSK/qfZr6qjD7bT1Cwv/ a+hR6KBz1g5qlKZwhr6fQ85NlBOZ/wrBDyP2XVd6UwLfSc2Nm82+Ro9gzwMzyIz9 Fscw1mP0XS/x7qIOaGKpVqOY0koMC51ecnc163Wqd7AHp1lHN0V89jLQsu//Y6Vq RlYiJ/Rbtny1u5esoLAUhQc/68WRC9gnWHPFX0WGWgb3+idOdu8mak6y7+uLJuLN TTHHxzz79p8CNGc5GW15sm3mLoaCxEhveRm7ioezLci2AaEnRvbJh+t+cQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOrQZFUFWSfh5qje+LYlWScuvvq/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IwYzc0ODVhLTZkOTQtNGFkZi1hZDY4LWQwMzFlZmFkOWQ1MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAJCAMA0GCSqGSIb3DQEBCwUAA4IBAQB7F/ClVBCRWsb346kz C/og55pgR4/8TJ/oysi+tQAqjtgrVpjCCdZq6Stxu4qBIa9LxDp2s7h8ylZwyN+r iBZtNeM6sz/G17lpArL7iLf3ERPWwyPWeb8t0FgxPMjwMknOMb68B2zviuYn5+ye bHCnlusG9mWDy3MEB1PlYEMtX1WNhVXKCGbMl77bavQShBb8KqMhkYKlfEBII6Gf 2h35w8VCBq8SR8l3GW9QkNoZ9hMwvSaJSQdrI+xbyaD11nn2wmm1eitXJXg5eZ9g rTJSyFzJepif/4iXXfyaRr4QJ4EcMjYwBSzqMsIvAf8gk2HHv3KgvMKf9McNVmC7 /BKT -----END CERTIFICATE-----Generated at Wed Feb 5 04:11:14 2025 by rpki-client