$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc8e290b-8648-47ee-bd2f-426c31d42b90.roa File: cc8e290b-8648-47ee-bd2f-426c31d42b90.roa (raw, json) Hash identifier: aEgD2KTqUd21Q9NJb5QKyuy/ktqTSmKJboJSXkvIZic= Subject key identifier: C2:65:CE:59:40:91:71:90:D9:DC:B3:06:B3:65:C8:4D:08:B6:26:B6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7271A7705C9070E9799A372F5F0FF7EE41328503 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc8e290b-8648-47ee-bd2f-426c31d42b90.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:71:a7:70:5c:90:70:e9:79:9a:37:2f:5f:0f:f7:ee:41:32:85:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:7e:90:73:a6:51:51:37:c1:1d:28:48:20:bf: ff:f5:fc:f0:f0:82:f0:47:ff:aa:5b:61:fc:b5:4e: d8:e7:ea:8d:73:db:46:d9:db:44:6e:57:92:3f:e4: 6e:60:32:bb:0d:43:95:11:77:91:63:4a:24:53:cd: 03:15:2e:f9:8e:80:c2:cc:35:5b:6d:43:2a:d2:37: 65:56:c2:96:ff:4f:90:48:84:f4:00:be:e8:f8:ea: 4e:7b:e3:bc:39:29:03:a2:ea:8d:0c:77:62:87:ba: fe:5a:8b:16:18:47:ab:3f:66:01:59:ee:83:6d:af: 77:03:cb:28:d4:49:c7:7c:27:4c:27:33:b9:44:6f: e6:0f:d8:89:15:0f:b6:04:e7:8f:e9:4e:e7:0f:90: 66:cd:14:22:cb:ac:ec:c3:73:e7:57:17:4d:9c:10: 99:0c:0c:6e:f4:4d:6b:5d:b2:01:e1:3d:2f:ec:9e: 81:f6:ae:c6:db:ff:87:cc:fa:df:44:48:ba:8a:3f: 0a:56:98:48:b1:43:80:be:41:e9:e7:a6:99:69:83: 9d:d3:9b:0f:bf:b2:fa:81:a0:b3:83:7b:f2:54:72: ab:78:1f:4c:09:9e:39:fc:4a:47:c4:e2:b3:b5:bd: 4d:28:f1:44:f7:42:9a:d5:2e:82:cf:a0:35:51:51: cc:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:65:CE:59:40:91:71:90:D9:DC:B3:06:B3:65:C8:4D:08:B6:26:B6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc8e290b-8648-47ee-bd2f-426c31d42b90.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:4000::/40 Signature Algorithm: sha256WithRSAEncryption 2d:b1:c9:a7:79:7e:c3:e7:44:31:d5:d5:85:55:26:95:78:8a: 89:29:06:41:f5:8f:5c:8e:1b:05:08:30:a7:47:e4:0f:87:cb: 64:7d:f0:de:42:cb:89:44:a3:ee:3f:40:a1:2a:e0:1b:a5:8f: 3e:92:fb:fa:1a:0b:37:28:13:0a:69:ff:53:cd:a7:54:bc:7a: ec:a5:32:49:5c:10:7b:d7:9b:32:ae:7f:d4:da:e4:af:6e:43: 3c:ce:5d:20:50:45:fb:5f:4d:89:5f:7b:ac:5d:c2:01:15:f7: 69:fb:0b:31:3a:f9:6a:6d:39:96:6a:33:7c:6c:39:b6:ed:16: ed:59:c7:72:24:0b:f0:7a:91:46:fc:e5:27:35:20:29:b5:94: 7d:e9:b8:07:25:2f:df:7f:1e:ca:d8:39:e6:62:ca:c3:04:cd: ac:74:40:ed:f4:d4:65:8d:72:ba:86:11:e0:46:46:32:d6:c8: 46:0f:ca:42:69:ad:00:85:1c:9d:15:6f:33:90:42:f5:0e:bd: 70:4a:02:5a:49:30:29:d3:12:f8:9c:b4:91:c7:49:e4:e0:74: 07:f7:d7:93:a5:a0:63:97:4c:3c:c0:a0:f9:9f:15:65:28:b3: 03:be:64:19:1c:da:83:98:2e:e0:e4:44:44:24:e2:5e:d8:bb: d0:0b:2d:6b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcnGncFyQcOl5mjcvXw/37kEyhQMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMTI5YzM4ZjM5YjJmMzg5MjZiNDkw Y2MzZWVkYjQ5ZGExNTAzOTQ4NmI5YWNlMzQ3MTdlMzVjNGVmODRkNDI5ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5n6Qc6ZRUTfBHShIIL//9fzw8ILw R/+qW2H8tU7Y5+qNc9tG2dtEbleSP+RuYDK7DUOVEXeRY0okU80DFS75joDCzDVb bUMq0jdlVsKW/0+QSIT0AL7o+OpOe+O8OSkDouqNDHdih7r+WosWGEerP2YBWe6D ba93A8so1EnHfCdMJzO5RG/mD9iJFQ+2BOeP6U7nD5BmzRQiy6zsw3PnVxdNnBCZ DAxu9E1rXbIB4T0v7J6B9q7G2/+HzPrfREi6ij8KVphIsUOAvkHp56aZaYOd05sP v7L6gaCzg3vyVHKreB9MCZ45/EpHxOKztb1NKPFE90Ka1S6Cz6A1UVHMtwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMJlzllAkXGQ2dyzBrNlyE0Itia2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NjOGUyOTBiLTg2NDgtNDdlZS1iZDJmLTQyNmMzMWQ0MmI5MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+EAwDQYJKoZIhvcNAQELBQADggEBAC2xyad5fsPnRDHV1YVV JpV4iokpBkH1j1yOGwUIMKdH5A+Hy2R98N5Cy4lEo+4/QKEq4Buljz6S+/oaCzco Ewpp/1PNp1S8euylMklcEHvXmzKuf9Ta5K9uQzzOXSBQRftfTYlfe6xdwgEV92n7 CzE6+WptOZZqM3xsObbtFu1Zx3IkC/B6kUb85Sc1ICm1lH3puAclL99/HsrYOeZi ysMEzax0QO301GWNcrqGEeBGRjLWyEYPykJprQCFHJ0VbzOQQvUOvXBKAlpJMCnT EvictJHHSeTgdAf315OloGOXTDzAoPmfFWUoswO+ZBkc2oOYLuDkREQk4l7Yu9AL LWs= -----END CERTIFICATE-----Generated at Sun Feb 16 15:44:13 2025 by rpki-client