$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b148abe3-0284-4eae-805f-b83c0f2291f5.roa File: b148abe3-0284-4eae-805f-b83c0f2291f5.roa (raw, json) Hash identifier: wVcYkeNGmiGWnqS3W7jqW+orCE0wranteblRTdZQn6M= Subject key identifier: CD:8B:BD:A7:36:F1:25:D8:AF:17:00:0D:B7:AC:73:C9:E3:7A:78:6E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3C4470040188B207569CFC6C81D61AF0EED8C5ED Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b148abe3-0284-4eae-805f-b83c0f2291f5.roa Signing time: Fri 17 Jan 2025 00:00:00 +0000 ROA not before: Fri 17 Jan 2025 00:00:00 +0000 ROA not after: Fri 21 Feb 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daef:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:44:70:04:01:88:b2:07:56:9c:fc:6c:81:d6:1a:f0:ee:d8:c5:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Jan 17 00:00:00 2025 GMT Not After : Feb 21 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:d2:62:d9:3a:0f:9c:c6:a8:f6:07:e3:f1:6c: 5e:4c:9a:c3:e8:dc:c2:33:97:9e:cb:14:42:57:7b: d7:28:47:8c:c9:49:5b:fe:42:d7:5d:13:b2:b5:8c: 94:f7:17:93:34:42:15:60:f5:55:b5:fe:eb:c2:4c: bc:04:d5:c3:11:3c:b8:a9:6a:82:a2:59:45:04:67: b2:94:16:d0:c8:b9:38:5b:f7:08:97:67:01:40:0c: 45:f5:1f:f7:2b:13:bc:4a:2e:c2:a4:8e:4f:90:6b: e9:fa:6b:25:bc:00:16:0b:7f:69:0a:b3:13:15:31: b9:18:aa:3e:ab:25:1d:c3:72:46:4f:03:67:bb:5d: ab:ec:e9:00:f6:5f:9f:98:23:ff:ec:54:9b:de:16: fb:32:d0:b2:ce:d3:94:b9:d1:aa:8d:30:c8:42:29: 5c:2c:6f:af:fc:d2:56:29:ee:61:f0:30:0f:bf:5b: c6:9d:d1:94:a0:78:4a:33:19:8f:7d:c2:87:8e:6e: ea:94:e8:7b:ba:6e:3e:6e:af:35:3c:e3:1b:2d:61: 2f:ff:06:c5:11:2b:38:66:10:45:3c:9d:52:a1:7b: 00:69:34:36:db:eb:0b:d6:1a:b7:36:32:cc:7d:36: 2e:be:d2:98:ea:9d:4e:10:13:2c:79:8d:5b:84:99: 54:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:8B:BD:A7:36:F1:25:D8:AF:17:00:0D:B7:AC:73:C9:E3:7A:78:6E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b148abe3-0284-4eae-805f-b83c0f2291f5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:2000::/40 Signature Algorithm: sha256WithRSAEncryption bf:2d:f3:63:50:86:a4:ef:91:4f:bb:76:2a:16:83:81:2c:80: 8f:0a:44:d7:ee:96:fb:68:40:ac:3b:34:21:25:26:13:d2:ef: 5d:d4:20:78:82:cc:24:81:27:5c:8a:50:45:5c:db:06:aa:80: 62:20:a5:52:ea:c0:19:9b:e9:d5:39:35:53:55:78:7c:14:ce: af:53:a1:1b:08:6d:25:c6:49:9a:5c:c2:e8:7b:c1:a5:78:99: 7b:99:99:2a:d8:9c:a1:66:97:a3:5a:d4:76:75:cc:db:4b:7d: 6f:ce:b0:9f:9f:40:5f:bc:61:98:05:1a:33:58:f6:60:38:98: 54:f2:22:92:27:6b:a2:de:26:56:d2:de:cf:7b:d3:ea:33:2b: 49:37:eb:3a:b2:ef:cc:66:4f:40:53:03:8f:8d:94:b3:69:c3: 4d:5c:48:06:04:51:1e:d5:a3:29:23:c0:b8:30:ee:06:83:6a: 63:e7:cc:7d:1e:0e:a8:ba:21:66:a1:7e:6a:f9:93:91:d4:b2: 4c:b0:4a:b5:31:cc:cb:1b:41:ba:3e:08:6e:56:ba:01:0e:b0: 7e:02:f9:11:75:9b:32:41:32:26:4e:98:d6:c8:ce:ec:ab:38: e4:58:9c:c1:78:c7:f4:0a:88:48:d8:0f:94:59:dc:24:4d:6a: 56:f4:91:d6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPERwBAGIsgdWnPxsgdYa8O7Yxe0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExNzAwMDAwMFoX DTI1MDIyMTIzNTk1OVowejFJMEcGA1UEBRNANTZlNzUxZWM4NzEwMjYzZDQ3ZjBl MWI0ZWE4ZDhjNjFhOWU2ZDFlMDI5OWJkN2UyMmM5ODExNGRlNGZjZjVjZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdJi2ToPnMao9gfj8WxeTJrD6NzC M5eeyxRCV3vXKEeMyUlb/kLXXROytYyU9xeTNEIVYPVVtf7rwky8BNXDETy4qWqC ollFBGeylBbQyLk4W/cIl2cBQAxF9R/3KxO8Si7CpI5PkGvp+mslvAAWC39pCrMT FTG5GKo+qyUdw3JGTwNnu12r7OkA9l+fmCP/7FSb3hb7MtCyztOUudGqjTDIQilc LG+v/NJWKe5h8DAPv1vGndGUoHhKMxmPfcKHjm7qlOh7um4+bq81POMbLWEv/wbF ESs4ZhBFPJ1SoXsAaTQ22+sL1hq3NjLMfTYuvtKY6p1OEBMseY1bhJlUiQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM2Lvac28SXYrxcADbesc8njenhuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IxNDhhYmUzLTAyODQtNGVhZS04MDVmLWI4M2MwZjIyOTFmNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7yAwDQYJKoZIhvcNAQELBQADggEBAL8t82NQhqTvkU+7dioW g4EsgI8KRNfulvtoQKw7NCElJhPS713UIHiCzCSBJ1yKUEVc2waqgGIgpVLqwBmb 6dU5NVNVeHwUzq9ToRsIbSXGSZpcwuh7waV4mXuZmSrYnKFml6Na1HZ1zNtLfW/O sJ+fQF+8YZgFGjNY9mA4mFTyIpIna6LeJlbS3s970+ozK0k36zqy78xmT0BTA4+N lLNpw01cSAYEUR7VoykjwLgw7gaDamPnzH0eDqi6IWahfmr5k5HUskywSrUxzMsb Qbo+CG5WugEOsH4C+RF1mzJBMiZOmNbIzuyrOORYnMF4x/QKiEjYD5RZ3CRNalb0 kdY= -----END CERTIFICATE-----Generated at Wed Feb 5 03:57:21 2025 by rpki-client