$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bbddded6-dcdb-4e7d-afd3-a45288409de7.roa File: bbddded6-dcdb-4e7d-afd3-a45288409de7.roa (raw, json) Hash identifier: AalBr1ENNLwZgnrqd76GYJx31uOWWrBdvYyUVtD8ZF0= Subject key identifier: 4E:4F:AC:2B:C7:2F:E9:9F:71:AF:84:33:2B:6C:F6:CD:1A:9E:14:5C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 66678A0DC96DA8250B8039438E82D083B700A58F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bbddded6-dcdb-4e7d-afd3-a45288409de7.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:e0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:67:8a:0d:c9:6d:a8:25:0b:80:39:43:8e:82:d0:83:b7:00:a5:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:37:10:67:0e:ec:50:1f:49:50:26:a2:a4:09: 83:d0:e5:25:48:19:01:ee:5e:a2:dc:65:e0:6b:1a: b9:dd:b1:90:20:b0:e8:4c:be:d6:04:9a:ad:d8:bf: bd:18:b1:13:f9:b3:e4:48:68:d5:81:1c:f3:cd:43: d4:75:cd:ff:2b:6a:42:d7:34:ee:ba:cd:cd:1e:ad: 46:0a:78:99:a5:e4:e8:68:23:5f:31:37:fc:94:5d: 83:43:9f:ad:ea:4e:ec:44:f9:de:e1:79:ce:b8:0d: 18:a9:f9:d3:9d:51:05:af:31:2d:f6:b6:f0:9c:ed: 77:92:87:dc:a0:a9:72:7a:27:2e:b1:e3:6b:b0:1e: 44:83:df:9d:a7:10:38:90:73:c6:e4:89:ff:05:46: 7b:d2:54:e5:35:6c:b9:85:8f:81:00:ee:75:77:da: 27:c2:7e:da:8f:67:04:fe:4b:e2:06:79:25:93:80: db:dc:a9:c3:11:23:a4:b4:4e:92:f0:28:68:04:1e: 58:1d:73:b4:56:f8:94:fa:fa:72:e4:50:68:b0:35: 15:0e:56:1d:55:c9:8a:1d:aa:59:51:56:e9:3e:6c: 49:68:eb:34:87:23:99:a0:33:87:9a:17:6c:cf:07: f2:a7:55:84:c6:d5:84:aa:5b:da:64:10:fd:f5:a8: b3:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:4F:AC:2B:C7:2F:E9:9F:71:AF:84:33:2B:6C:F6:CD:1A:9E:14:5C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bbddded6-dcdb-4e7d-afd3-a45288409de7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:e0c0::/46 Signature Algorithm: sha256WithRSAEncryption 4e:31:20:73:a1:ea:d2:73:05:f2:35:68:9f:7a:4a:b9:6d:71: e9:40:7c:b8:33:c0:ab:64:b6:e0:fb:e5:56:29:4f:97:3f:71: c2:4c:fd:0f:9d:0b:a4:c4:50:92:a9:79:49:42:67:44:1d:a1: 73:db:82:b3:80:38:cf:62:b6:00:24:e2:ab:97:ad:6c:6a:9d: 4d:1b:ea:73:74:fe:2e:60:3b:9b:db:33:98:52:53:dc:af:ed: 8b:f1:47:8b:e5:48:b3:06:80:62:a3:10:93:a1:09:05:78:8e: 7a:7b:59:71:a7:7d:94:4b:84:f5:20:08:1b:5f:11:65:d6:e6: e5:19:70:45:bc:97:b6:89:ca:b3:ab:3d:28:fa:5e:39:d7:34: dd:a2:e3:49:47:c3:08:a3:9d:0d:59:9e:a5:d6:fc:fe:3d:ef: 80:6f:89:02:5e:69:ff:82:1a:be:a5:0b:64:b9:a1:10:c7:6d: 2b:c3:0c:c5:c2:e2:e8:80:62:b3:39:16:c0:e0:ce:45:bb:79: de:b3:70:cd:dd:2c:30:de:8a:a4:6a:c9:81:76:34:e6:2f:5e: b3:9f:1d:33:f4:a8:6d:36:fe:42:5c:dc:f9:34:f1:03:cf:6f: 70:9e:51:17:70:ce:bb:5d:28:f2:fc:1b:75:b4:81:5e:85:7e: 1a:2f:e6:24 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZmeKDcltqCULgDlDjoLQg7cApY8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZjc2OWMzZGM0ZmUyNjEzZWQ4ZDI3 Y2Y2OGQ3OGNlODI0NDlkZmJjZmJhM2I0NWVlOTRlZTExNzQ2YjA2Y2FkODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjcQZw7sUB9JUCaipAmD0OUlSBkB 7l6i3GXgaxq53bGQILDoTL7WBJqt2L+9GLET+bPkSGjVgRzzzUPUdc3/K2pC1zTu us3NHq1GCniZpeToaCNfMTf8lF2DQ5+t6k7sRPne4XnOuA0YqfnTnVEFrzEt9rbw nO13kofcoKlyeicuseNrsB5Eg9+dpxA4kHPG5In/BUZ70lTlNWy5hY+BAO51d9on wn7aj2cE/kviBnklk4Db3KnDESOktE6S8ChoBB5YHXO0VviU+vpy5FBosDUVDlYd VcmKHapZUVbpPmxJaOs0hyOZoDOHmhdszwfyp1WExtWEqlvaZBD99aizkwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFE5PrCvHL+mfca+EMyts9s0anhRcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JiZGRkZWQ2LWRjZGItNGU3ZC1hZmQzLWE0NTI4ODQwOWRlNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba9+DAMA0GCSqGSIb3DQEBCwUAA4IBAQBOMSBzoerScwXyNWif ekq5bXHpQHy4M8CrZLbg++VWKU+XP3HCTP0PnQukxFCSqXlJQmdEHaFz24KzgDjP YrYAJOKrl61sap1NG+pzdP4uYDub2zOYUlPcr+2L8UeL5UizBoBioxCToQkFeI56 e1lxp32US4T1IAgbXxFl1ublGXBFvJe2icqzqz0o+l451zTdouNJR8MIo50NWZ6l 1vz+Pe+Ab4kCXmn/ghq+pQtkuaEQx20rwwzFwuLogGKzORbA4M5Fu3nes3DN3Sww 3oqkasmBdjTmL16znx0z9KhtNv5CXNz5NPEDz29wnlEXcM67XSjy/Bt1tIFehX4a L+Yk -----END CERTIFICATE-----Generated at Wed Feb 5 03:59:58 2025 by rpki-client