$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bdb13c4d-36b9-422d-b558-2882286c1ab9.roa File: bdb13c4d-36b9-422d-b558-2882286c1ab9.roa (raw, json) Hash identifier: YT4rbr1oOeAu7UhhzTUQvV70EaHi1DtuWgMPRmCguK4= Subject key identifier: 8C:C8:CA:8D:95:30:38:A5:C7:1B:9B:CD:19:CA:97:11:E7:1D:F7:98 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1923B2967E548D008CAD0F108994A8543C3F3171 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bdb13c4d-36b9-422d-b558-2882286c1ab9.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:c080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:23:b2:96:7e:54:8d:00:8c:ad:0f:10:89:94:a8:54:3c:3f:31:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e3:25:12:5c:ca:c9:de:e0:09:16:3b:9c:28: 55:57:48:9a:a7:da:f2:53:1a:c2:cf:64:55:d6:3e: 22:60:af:79:d4:71:60:7b:d3:8c:6c:3d:43:75:9a: 19:28:61:7c:ad:a3:e4:d1:38:4a:0d:2d:fe:e0:bf: 53:81:e7:29:44:a3:9b:16:ee:e3:ec:ee:c7:e1:6f: 46:93:0b:66:da:78:93:b3:de:3a:14:b3:8b:4d:10: 6e:b9:4c:92:28:e5:8d:3f:b7:10:d4:ec:ab:65:0a: 6b:8d:13:b0:c4:03:b9:ed:4d:09:50:04:a1:21:7f: 0a:4d:1f:c3:23:0f:cf:35:b0:8d:08:46:62:2c:9d: b3:fd:9c:0d:36:d2:47:28:c4:9e:30:2b:8a:e7:9d: 57:e4:5a:4f:1d:a8:37:1b:8f:e1:48:d0:ac:8b:e7: 29:fe:e6:97:dd:b7:94:0d:e2:5e:c4:af:7f:b0:62: c6:99:b4:78:75:23:48:ed:61:f6:62:cb:b0:9e:bb: 4a:8f:43:c0:4d:ed:1a:9e:47:ba:cc:72:9c:e8:df: 0b:8b:e2:71:b0:9b:b4:5f:dd:95:cd:38:00:ea:ee: f3:70:96:11:98:91:e4:7a:40:82:1d:6b:19:2f:30: f5:1c:95:c7:83:f0:89:8b:3a:5a:8d:d6:35:4b:67: 8d:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:C8:CA:8D:95:30:38:A5:C7:1B:9B:CD:19:CA:97:11:E7:1D:F7:98 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bdb13c4d-36b9-422d-b558-2882286c1ab9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:c080::/46 Signature Algorithm: sha256WithRSAEncryption 83:60:d5:6a:b0:49:4f:c4:1f:36:47:aa:c2:66:d2:be:83:b7: f2:f2:19:66:88:bb:f8:da:34:f6:60:e8:ae:0f:21:99:6e:4d: 3c:bb:b1:b3:6c:0d:b6:f8:83:82:c9:16:87:23:2f:d9:a5:4a: e2:a5:77:57:91:ca:c9:ad:65:b8:01:cc:27:62:4d:22:fa:d5: 2b:e8:bb:6f:05:ce:55:40:2c:49:68:04:49:62:7c:9e:53:b3: 3d:db:a5:68:f8:b2:bd:10:4d:45:c3:09:45:15:5c:eb:c6:93: 9d:07:f1:61:07:3b:05:8c:cb:2f:8f:90:7f:7e:64:9d:7a:9d: 27:ed:43:ef:b6:bf:69:cc:bb:d8:40:53:e1:9b:18:38:4c:0f: e6:98:27:fe:92:c1:fe:2f:a4:52:87:6b:57:8c:08:d0:eb:30: bb:dd:4e:68:2b:5f:96:12:2f:23:99:b2:c5:fc:b5:b7:d7:28: ca:56:54:d7:cd:f4:01:b6:5a:ee:3d:28:22:d8:f6:a1:79:c2: b9:a8:39:d8:db:b4:f6:33:e6:c0:cc:fd:54:d9:fa:e4:70:44: d0:c6:27:01:61:5c:18:77:b0:a5:23:64:21:36:f8:a5:2a:f3: e4:86:aa:f9:5f:75:b8:9b:a7:be:f4:79:0c:9b:0a:b1:e3:89: 35:7e:f7:d9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGSOyln5UjQCMrQ8QiZSoVDw/MXEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAODI5OGI2ZTQzMzczOGMwNmU3ZmZm NTc2NWFlZmRkYmFkZGI2MzQ3MWNlYWFmOWQxYzQ1ZTBhZmM5YmIxMGI5ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+MlElzKyd7gCRY7nChVV0iap9ry UxrCz2RV1j4iYK951HFge9OMbD1DdZoZKGF8raPk0ThKDS3+4L9TgecpRKObFu7j 7O7H4W9Gkwtm2niTs946FLOLTRBuuUySKOWNP7cQ1OyrZQprjROwxAO57U0JUASh IX8KTR/DIw/PNbCNCEZiLJ2z/ZwNNtJHKMSeMCuK551X5FpPHag3G4/hSNCsi+cp /uaX3beUDeJexK9/sGLGmbR4dSNI7WH2YsuwnrtKj0PATe0anke6zHKc6N8Li+Jx sJu0X92VzTgA6u7zcJYRmJHkekCCHWsZLzD1HJXHg/CJizpajdY1S2eNVwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIzIyo2VMDilxxubzRnKlxHnHfeYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JkYjEzYzRkLTM2YjktNDIyZC1iNTU4LTI4ODIyODZjMWFiOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+8CAMA0GCSqGSIb3DQEBCwUAA4IBAQCDYNVqsElPxB82R6rC ZtK+g7fy8hlmiLv42jT2YOiuDyGZbk08u7GzbA22+IOCyRaHIy/ZpUripXdXkcrJ rWW4AcwnYk0i+tUr6LtvBc5VQCxJaARJYnyeU7M926Vo+LK9EE1FwwlFFVzrxpOd B/FhBzsFjMsvj5B/fmSdep0n7UPvtr9pzLvYQFPhmxg4TA/mmCf+ksH+L6RSh2tX jAjQ6zC73U5oK1+WEi8jmbLF/LW31yjKVlTXzfQBtlruPSgi2PahecK5qDnY27T2 M+bAzP1U2frkcETQxicBYVwYd7ClI2QhNvilKvPkhqr5X3W4m6e+9HkMmwqx44k1 fvfZ -----END CERTIFICATE-----Generated at Wed Feb 5 04:09:57 2025 by rpki-client