$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf40bbcd-0211-4289-921c-c7d5e705cbda.roa File: bf40bbcd-0211-4289-921c-c7d5e705cbda.roa (raw, json) Hash identifier: WbtDhdmYYx7t4kxQSFYaHgE2q/ocYYtCxFVyKScWMFM= Subject key identifier: 3B:60:0D:5B:EF:F5:6E:67:C2:27:73:5E:14:6E:E1:A0:8A:BB:6A:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19ACD7E5EA7FCBFE09E440025400543AD7E4D570 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf40bbcd-0211-4289-921c-c7d5e705cbda.roa Signing time: Tue 04 Feb 2025 00:00:00 +0000 ROA not before: Tue 04 Feb 2025 00:00:00 +0000 ROA not after: Tue 11 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:ac:d7:e5:ea:7f:cb:fe:09:e4:40:02:54:00:54:3a:d7:e4:d5:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 4 00:00:00 2025 GMT Not After : Mar 11 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:b6:66:82:ff:d1:10:53:b7:2c:d9:33:8b:15: 45:c1:b5:ec:d2:f1:ed:23:dc:82:8b:d1:14:c6:b6: 00:c8:3e:b9:a8:95:4e:b7:d3:0b:f9:59:9c:0f:38: ab:9d:a7:62:2d:f4:6d:86:76:1d:c5:ff:e8:6b:44: 99:e7:6b:ca:b8:7f:ff:6a:2e:f7:dd:a7:6e:29:40: 18:22:5c:d3:8b:a7:8f:aa:12:83:80:13:b8:8e:b0: 88:06:81:16:b1:97:e1:71:0b:98:41:e3:8c:f8:d2: d3:ae:fb:ef:73:d2:98:2c:02:49:ab:ba:3a:86:9a: a3:0a:5a:91:a5:92:c9:46:3d:00:99:1a:fe:6f:7e: 36:7e:5a:d9:2c:26:03:b3:c0:33:97:0f:da:08:e8: a1:17:c6:c0:71:f8:d2:71:8f:d1:d7:71:80:41:2f: dd:e4:a9:f4:d3:c2:1b:9a:4d:8b:ff:61:73:52:8c: b3:2d:ac:aa:ab:1e:eb:70:d2:de:6a:1f:93:27:4a: 16:14:76:b3:0b:40:53:64:a1:e6:4c:d5:87:33:d7: c9:57:6f:e2:97:90:b1:54:d0:7f:5f:21:22:b4:83: e6:1f:0f:98:30:cb:c6:33:bb:db:37:6e:71:48:bc: 89:bc:b6:eb:35:dd:7c:c8:59:50:d3:8d:5b:70:8b: a2:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:60:0D:5B:EF:F5:6E:67:C2:27:73:5E:14:6E:E1:A0:8A:BB:6A:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf40bbcd-0211-4289-921c-c7d5e705cbda.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:f000::/40 Signature Algorithm: sha256WithRSAEncryption 8a:bd:86:d7:64:68:d7:f9:f7:9f:02:ed:c8:d2:6c:a3:86:12: 4f:3c:cf:2f:49:e6:d7:4f:08:b9:bd:d4:d9:ed:1d:79:89:14: 8d:09:3a:a0:49:c7:f5:bc:74:6a:9f:1a:47:21:43:40:98:73: c9:9b:cb:60:1f:d4:56:96:bb:3e:8e:20:67:44:f2:23:cd:6c: b9:18:ac:53:fa:5b:a9:77:dd:7f:67:b0:af:a7:2c:44:9c:6f: f6:21:06:99:bc:fe:43:b4:a0:48:e7:7c:7b:f7:6f:1c:a5:8a: 2f:49:56:e4:e8:4a:bf:10:e2:ef:8c:55:87:46:2a:41:c0:20: e2:7b:f2:da:c0:c2:27:28:40:69:c8:04:50:7f:3e:0e:d8:ae: c4:4a:86:37:cb:05:83:bd:1d:c5:ef:72:a2:b0:37:c1:72:48: 57:e9:3e:c0:67:23:4b:48:c1:0e:ad:df:01:f4:93:03:d0:ba: d3:34:b0:8f:37:48:04:a2:cb:02:a4:c4:a2:e8:ca:bf:17:b3: 54:e0:c7:10:d3:24:a8:9b:99:fa:d1:ee:4f:24:7d:f3:6d:dc: 95:a7:bd:8f:70:2f:f6:a2:8d:96:18:97:42:b3:de:23:ea:c2: 5d:8a:b8:92:c5:12:eb:2d:58:da:5b:cd:14:77:7b:d4:bc:68: d9:a8:29:df -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGazX5ep/y/4J5EACVABUOtfk1XAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwNDAwMDAwMFoX DTI1MDMxMTIzNTk1OVowejFJMEcGA1UEBRNAYzZmOWY4ZjVlZTMyZGJmZGI1ZGFi NDQ5Y2UxM2RjZTc4M2U4MDFjMWMwOTQ3MDFiOTI2NTQ5NGE0MzAyYmNhNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybZmgv/REFO3LNkzixVFwbXs0vHt I9yCi9EUxrYAyD65qJVOt9ML+VmcDzirnadiLfRthnYdxf/oa0SZ52vKuH//ai73 3aduKUAYIlzTi6ePqhKDgBO4jrCIBoEWsZfhcQuYQeOM+NLTrvvvc9KYLAJJq7o6 hpqjClqRpZLJRj0AmRr+b342flrZLCYDs8Azlw/aCOihF8bAcfjScY/R13GAQS/d 5Kn008Ibmk2L/2FzUoyzLayqqx7rcNLeah+TJ0oWFHazC0BTZKHmTNWHM9fJV2/i l5CxVNB/XyEitIPmHw+YMMvGM7vbN25xSLyJvLbrNd18yFlQ041bcIuiVQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDtgDVvv9W5nwidzXhRu4aCKu2ocMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmNDBiYmNkLTAyMTEtNDI4OS05MjFjLWM3ZDVlNzA1Y2JkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+PAwDQYJKoZIhvcNAQELBQADggEBAIq9htdkaNf5958C7cjS bKOGEk88zy9J5tdPCLm91NntHXmJFI0JOqBJx/W8dGqfGkchQ0CYc8mby2Af1FaW uz6OIGdE8iPNbLkYrFP6W6l33X9nsK+nLEScb/YhBpm8/kO0oEjnfHv3bxylii9J VuToSr8Q4u+MVYdGKkHAIOJ78trAwicoQGnIBFB/Pg7YrsRKhjfLBYO9HcXvcqKw N8FySFfpPsBnI0tIwQ6t3wH0kwPQutM0sI83SASiywKkxKLoyr8Xs1TgxxDTJKib mfrR7k8kffNt3JWnvY9wL/aijZYYl0Kz3iPqwl2KuJLFEustWNpbzRR3e9S8aNmo Kd8= -----END CERTIFICATE-----Generated at Sun Feb 16 15:25:55 2025 by rpki-client