$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbe226c2-aed5-404b-b74e-3b543fc887f0.roa File: cbe226c2-aed5-404b-b74e-3b543fc887f0.roa (raw, json) Hash identifier: Ckl50tZQnuyJUjvgn6ProgMpSyO1J/brkczN2vWri18= Subject key identifier: A6:3D:0B:7C:5B:90:3F:EE:CF:A6:07:8C:2F:30:79:6D:17:4E:1E:17 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 58CC3B922A529830CDD549D5BEB8E2F75018FA47 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbe226c2-aed5-404b-b74e-3b543fc887f0.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:f0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:cc:3b:92:2a:52:98:30:cd:d5:49:d5:be:b8:e2:f7:50:18:fa:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:5d:78:3f:c4:1d:25:d5:6c:a2:7b:24:29:4e: a4:00:7e:22:0b:7f:7b:1e:e5:31:5f:22:5a:dc:ed: 32:31:1b:3a:c4:83:c5:f9:89:02:45:9f:9c:fe:c8: eb:e3:d9:b4:3a:bb:12:aa:35:3e:9e:14:63:d9:30: 6e:b7:e5:14:61:33:05:ab:6d:1a:a2:a2:fe:cd:bd: 51:3d:f0:c5:b0:95:ba:fc:d4:c7:e8:1e:5d:3c:48: db:e0:09:b6:97:ef:83:f8:bc:a2:a4:91:c6:ec:15: ae:bc:74:2c:7e:25:cc:1c:4c:8e:cf:a8:04:a5:34: f8:5c:d9:6a:01:af:35:0a:4b:3c:02:6c:b0:10:2a: 14:92:d9:8e:60:cd:4f:3a:b8:5a:b0:aa:f2:a7:5b: 3c:84:14:49:c2:fe:48:0d:00:e5:e8:99:40:fd:72: 81:cf:16:1b:15:68:bf:02:fa:df:ab:3d:b8:d9:ce: fd:5d:70:8b:df:af:b4:1e:d4:03:5b:f9:fd:3c:28: ff:3f:0d:11:20:77:c7:45:7d:fa:05:13:c7:8a:7d: fd:18:6c:1e:be:71:eb:9f:60:1f:50:12:34:80:b7: b5:9c:2c:60:f6:3f:d9:e7:02:e1:c1:c3:34:17:45: b6:ba:2e:c5:91:f5:65:9e:3a:69:f8:58:4d:9e:58: 9a:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:3D:0B:7C:5B:90:3F:EE:CF:A6:07:8C:2F:30:79:6D:17:4E:1E:17 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbe226c2-aed5-404b-b74e-3b543fc887f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:f0c0::/46 Signature Algorithm: sha256WithRSAEncryption 32:1d:d2:42:24:b4:eb:99:81:29:30:bb:1a:3b:ca:68:1b:28: 7a:fe:36:4b:fb:2f:fa:cf:7b:89:a1:52:39:6a:58:cb:ba:90: 35:ca:c0:83:0c:59:09:34:f6:c8:3c:dd:51:a9:d2:02:2a:11: ad:6c:28:d9:54:1d:b2:42:0b:11:67:bb:3d:58:f0:d7:1d:23: bf:56:8a:5c:23:c3:01:8a:a1:fd:dc:e9:29:70:a2:3c:f0:28: d2:fa:3e:b8:f8:2c:f2:e3:7c:0a:8c:04:c1:c1:17:23:8d:bb: f6:55:6a:be:3c:ec:d7:af:63:e7:fd:0e:04:79:38:3e:c6:93: aa:7f:34:db:f2:cd:9a:cf:c6:ac:91:e2:dd:c3:4e:81:ca:8d: d0:5b:bd:04:37:4d:2a:fa:7f:71:2f:c3:7c:e2:78:ba:72:3e: d6:fb:69:ce:22:95:a7:9e:bb:90:70:12:71:87:4a:cc:e1:fe: 5f:b1:68:d2:a6:3b:50:28:e8:0f:a1:e8:ef:c2:a7:cf:e6:be: 38:35:7f:8b:73:80:b6:fe:55:c9:08:8f:16:e8:ad:5f:61:f8: d2:40:c1:13:92:42:71:74:7d:c3:34:e6:1d:da:06:3c:ee:24: e1:a4:3b:ef:9b:8a:9a:b6:17:f9:e9:48:8c:46:6d:ea:80:de: 8a:29:29:cc -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWMw7kipSmDDN1UnVvrji91AY+kcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMGMxODZkYjgxZGM4MDRmNzZkOGM1 MGM1MjQxYmQ0MDM0MTNlYTYwMDViY2VmMGRjZmFjZTQwMzkyMzE3MWQ5NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjF14P8QdJdVsonskKU6kAH4iC397 HuUxXyJa3O0yMRs6xIPF+YkCRZ+c/sjr49m0OrsSqjU+nhRj2TBut+UUYTMFq20a oqL+zb1RPfDFsJW6/NTH6B5dPEjb4Am2l++D+LyipJHG7BWuvHQsfiXMHEyOz6gE pTT4XNlqAa81Cks8AmywECoUktmOYM1POrhasKryp1s8hBRJwv5IDQDl6JlA/XKB zxYbFWi/Avrfqz242c79XXCL36+0HtQDW/n9PCj/Pw0RIHfHRX36BRPHin39GGwe vnHrn2AfUBI0gLe1nCxg9j/Z5wLhwcM0F0W2ui7FkfVlnjpp+FhNnliaVQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKY9C3xbkD/uz6YHjC8weW0XTh4XMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NiZTIyNmMyLWFlZDUtNDA0Yi1iNzRlLTNiNTQzZmM4ODdmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaafDAMA0GCSqGSIb3DQEBCwUAA4IBAQAyHdJCJLTrmYEpMLsa O8poGyh6/jZL+y/6z3uJoVI5aljLupA1ysCDDFkJNPbIPN1RqdICKhGtbCjZVB2y QgsRZ7s9WPDXHSO/VopcI8MBiqH93OkpcKI88CjS+j64+Czy43wKjATBwRcjjbv2 VWq+POzXr2Pn/Q4EeTg+xpOqfzTb8s2az8askeLdw06Byo3QW70EN00q+n9xL8N8 4ni6cj7W+2nOIpWnnruQcBJxh0rM4f5fsWjSpjtQKOgPoejvwqfP5r44NX+Lc4C2 /lXJCI8W6K1fYfjSQMETkkJxdH3DNOYd2gY87iThpDvvm4qathf56UiMRm3qgN6K KSnM -----END CERTIFICATE-----Generated at Wed Feb 5 03:54:41 2025 by rpki-client