$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c53a68e4-6b3d-4fba-a3e7-7c778c3b46b6.roa File: c53a68e4-6b3d-4fba-a3e7-7c778c3b46b6.roa (raw, json) Hash identifier: vaRW7AeUyRpEixLclmySuYTGkvWPxD1kgcx23igH1b4= Subject key identifier: 2A:65:BC:09:9B:EC:BF:A1:3A:52:F1:8F:08:1B:71:38:1E:27:3A:FF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 52827F93C8C67B4C0226149768E250913DFC65C8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c53a68e4-6b3d-4fba-a3e7-7c778c3b46b6.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:b040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:82:7f:93:c8:c6:7b:4c:02:26:14:97:68:e2:50:91:3d:fc:65:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:35:c7:21:f1:49:f7:be:7f:f3:d7:da:a3:5f: 56:a7:58:19:6b:fa:45:30:4e:24:f1:2c:42:fb:65: ea:77:72:fc:98:49:b7:90:6d:d4:8c:f3:40:65:dc: 3f:a8:7d:ba:ef:49:0b:a3:e4:83:42:53:80:4d:44: 53:2e:c6:72:6f:f3:3f:fc:0c:ec:3f:56:97:bf:59: bc:c3:9c:e1:fb:2e:f3:c6:18:f6:11:99:4c:a5:f9: b6:ae:01:38:53:5c:5b:25:cb:39:87:8a:04:19:d0: c2:11:86:19:2d:10:3e:6e:02:c7:a6:91:86:0b:ac: 86:85:3c:d8:eb:4f:f4:0c:5e:a4:c1:9f:e4:48:21: c1:ca:98:ab:47:c1:67:cd:24:cc:02:c9:42:5d:b8: c4:35:6c:b5:28:29:de:06:c8:a3:5c:0c:fd:51:72: 1a:e3:af:07:7b:eb:de:ef:bd:aa:41:ac:68:4a:dc: aa:ea:9c:4a:d8:80:e2:5c:4f:11:22:1d:28:a8:66: 53:ed:b9:41:40:03:3a:82:55:c4:15:4b:e7:6e:8c: 4f:ba:5c:39:fb:36:d9:cc:dd:96:28:e3:2f:d7:c2: f1:39:2e:77:de:aa:0a:49:ba:13:aa:22:2a:7c:be: 7c:b5:01:83:f5:de:a0:c6:d3:64:fb:3c:9b:99:2b: 89:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:65:BC:09:9B:EC:BF:A1:3A:52:F1:8F:08:1B:71:38:1E:27:3A:FF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c53a68e4-6b3d-4fba-a3e7-7c778c3b46b6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:b040::/46 Signature Algorithm: sha256WithRSAEncryption 3b:a1:5b:bb:71:ac:b1:3b:78:56:86:bf:85:87:41:93:a6:8a: 7e:a4:bb:96:0f:c7:f4:fb:fe:a9:ba:a0:13:36:bf:f0:1a:68: fb:01:f4:12:02:6b:43:8f:c3:9b:87:73:7f:5f:bf:c5:a4:3a: d6:1d:66:12:17:c6:1f:6d:ba:cf:b9:4e:cf:97:06:d8:db:b4: 45:12:3b:76:b6:99:fc:1b:ea:c3:29:99:cd:de:42:c5:c1:f6: 10:2b:5f:b7:80:2f:ca:c7:b8:47:d3:39:9f:34:67:a9:7f:c9: 66:52:52:26:93:16:29:06:6a:4e:55:52:3e:da:75:e2:bd:c3: 93:d0:a4:e1:5a:04:56:93:39:8b:96:ef:b1:4a:09:37:67:e9: 5d:91:95:b2:00:ca:0f:1e:2a:77:31:32:31:cf:6e:f0:07:53: c8:a7:92:07:58:f9:5c:7a:87:9e:b3:19:d7:04:4d:b8:8b:40: d0:ac:29:fc:de:f4:75:e6:73:ae:2d:c8:16:d5:7c:28:d0:1a: 7e:fc:94:d8:dc:84:94:bf:4a:c5:4a:0a:1e:4a:89:82:aa:fd: 73:1a:1c:31:d1:a7:79:2e:14:f6:e9:08:82:5d:39:0d:3d:19: b4:ce:ae:f7:5c:e7:06:1c:3b:ba:28:3a:10:de:ed:b0:ec:1d: 40:2c:fa:64 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUUoJ/k8jGe0wCJhSXaOJQkT38ZcgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAY2NiMDg1ZjY2YTZmODg3NmQzNjIx NDZmZTBjNmU4Y2Q3ZmM4ZDE5MjQ0MmIzMmU3ZjU4NmNhMjQxNzhiZDcyYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jXHIfFJ975/89fao19Wp1gZa/pF ME4k8SxC+2Xqd3L8mEm3kG3UjPNAZdw/qH2670kLo+SDQlOATURTLsZyb/M//Azs P1aXv1m8w5zh+y7zxhj2EZlMpfm2rgE4U1xbJcs5h4oEGdDCEYYZLRA+bgLHppGG C6yGhTzY60/0DF6kwZ/kSCHBypirR8FnzSTMAslCXbjENWy1KCneBsijXAz9UXIa 468He+ve772qQaxoStyq6pxK2IDiXE8RIh0oqGZT7blBQAM6glXEFUvnboxPulw5 +zbZzN2WKOMv18LxOS533qoKSboTqiIqfL58tQGD9d6gxtNk+zybmSuJwQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCplvAmb7L+hOlLxjwgbcTgeJzr/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M1M2E2OGU0LTZiM2QtNGZiYS1hM2U3LTdjNzc4YzNiNDZiNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba97BAMA0GCSqGSIb3DQEBCwUAA4IBAQA7oVu7cayxO3hWhr+F h0GTpop+pLuWD8f0+/6puqATNr/wGmj7AfQSAmtDj8Obh3N/X7/FpDrWHWYSF8Yf bbrPuU7PlwbY27RFEjt2tpn8G+rDKZnN3kLFwfYQK1+3gC/Kx7hH0zmfNGepf8lm UlImkxYpBmpOVVI+2nXivcOT0KThWgRWkzmLlu+xSgk3Z+ldkZWyAMoPHip3MTIx z27wB1PIp5IHWPlceoeesxnXBE24i0DQrCn83vR15nOuLcgW1Xwo0Bp+/JTY3ISU v0rFSgoeSomCqv1zGhwx0ad5LhT26QiCXTkNPRm0zq73XOcGHDu6KDoQ3u2w7B1A LPpk -----END CERTIFICATE-----Generated at Wed Feb 5 03:49:22 2025 by rpki-client