$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cef6b1d4-a501-46d4-b8d8-32b2f56ae196.roa File: cef6b1d4-a501-46d4-b8d8-32b2f56ae196.roa (raw, json) Hash identifier: Xvjej7i2t80vRwObnnu8QUKMSwDZyfbLf+v5Yi6PB44= Subject key identifier: 53:84:F6:BA:BC:B8:A8:49:55:F0:07:6A:CC:B1:9D:F7:3B:2E:32:08 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1920C8B598CFCA6574D39797E53C4884B9ED8CB0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cef6b1d4-a501-46d4-b8d8-32b2f56ae196.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:20:c8:b5:98:cf:ca:65:74:d3:97:97:e5:3c:48:84:b9:ed:8c:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:2b:0c:f4:5e:08:30:aa:65:3b:fe:ea:b9:91: a2:13:fa:0f:65:fe:95:f0:83:85:71:31:40:60:df: 35:c5:3d:ad:cf:b8:60:f1:dc:a5:fc:70:0a:ac:38: fc:1d:e3:b2:ae:e3:50:66:53:bf:0d:e5:a6:a3:f5: e1:b4:54:c3:cc:08:5c:53:05:59:a0:0a:d6:3b:9d: 20:8f:3f:5d:6c:7b:15:85:d8:33:c7:3f:e9:f7:d8: dc:ea:2b:7e:8c:3f:58:fa:66:9b:7f:7a:d6:38:46: 72:36:ae:3f:47:ae:b2:4d:35:fc:de:bc:24:c2:32: 68:ba:f8:09:01:c5:a1:6d:b1:aa:d4:70:e9:08:72: d5:a5:89:2e:1a:27:0d:af:ff:d2:cc:87:b5:89:5d: a3:86:4d:ea:a7:5c:3e:eb:92:0e:0e:af:60:d6:c5: 25:e2:49:da:14:1f:e3:31:6f:af:42:b5:4a:ff:8c: d9:95:bd:97:d5:09:bd:05:11:4e:2e:bb:14:d5:ee: bf:38:75:8c:25:08:af:76:11:48:c1:26:bd:c9:6f: 75:04:3c:a6:50:25:ff:63:4a:19:43:e9:88:b2:2e: c5:b2:02:cc:d5:19:93:16:87:df:09:42:20:89:78: d0:a7:ea:3e:42:58:a3:78:93:14:9c:01:86:30:11: a4:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:84:F6:BA:BC:B8:A8:49:55:F0:07:6A:CC:B1:9D:F7:3B:2E:32:08 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cef6b1d4-a501-46d4-b8d8-32b2f56ae196.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:9000::/40 Signature Algorithm: sha256WithRSAEncryption c5:9d:fd:8e:d2:32:b4:44:76:29:ff:6a:53:ec:5a:44:45:18: 96:30:b7:ed:45:d7:3e:e4:af:8e:ea:6b:c0:2d:2d:0f:9d:3f: ea:7a:10:aa:75:4b:a9:17:99:15:0e:40:46:67:d8:1b:e8:20: 76:7a:de:93:9e:c6:8e:f1:0f:59:52:dd:8a:a7:92:ad:4c:d7: b7:53:9b:c0:ed:ca:cf:11:cd:e8:84:04:0f:58:fa:5f:f5:de: 1f:39:25:08:fd:8c:00:dc:47:9c:b6:94:e0:06:8c:0c:64:4a: 50:71:68:3e:82:5e:25:04:bd:57:87:83:c4:3b:06:7d:22:ca: be:c6:88:37:42:67:cb:12:56:a3:fb:e1:2e:68:b1:4b:9f:ec: 02:3a:e7:0c:77:e1:02:cd:ab:b7:4e:e7:14:2a:8a:71:a2:2d: ab:d3:b2:63:c0:3d:21:06:c6:c2:a4:85:6b:e5:7e:ea:13:25: 91:9b:03:07:0d:c1:99:c1:37:9d:88:5e:36:21:59:a2:c2:f8: 88:90:81:f0:ec:7c:b1:27:6b:e2:eb:12:bb:f9:1b:b7:15:b7: 77:06:b5:ef:2e:63:0b:d6:60:73:f7:1d:c4:42:6f:28:44:a3: 4d:f6:4a:a0:e2:b2:57:8b:04:1e:61:0b:24:99:99:8c:02:16: 1b:dc:23:74 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGSDItZjPymV005eX5TxIhLntjLAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYWI2MzkyMDcxOTRhYTk1NDkxOWFk ZTljNmNiZWE0Y2JmNTczNzNmYWUzZjcxNTlmZTk3YTk0MDViMjJjNjVlYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArisM9F4IMKplO/7quZGiE/oPZf6V 8IOFcTFAYN81xT2tz7hg8dyl/HAKrDj8HeOyruNQZlO/DeWmo/XhtFTDzAhcUwVZ oArWO50gjz9dbHsVhdgzxz/p99jc6it+jD9Y+mabf3rWOEZyNq4/R66yTTX83rwk wjJouvgJAcWhbbGq1HDpCHLVpYkuGicNr//SzIe1iV2jhk3qp1w+65IODq9g1sUl 4knaFB/jMW+vQrVK/4zZlb2X1Qm9BRFOLrsU1e6/OHWMJQivdhFIwSa9yW91BDym UCX/Y0oZQ+mIsi7FsgLM1RmTFoffCUIgiXjQp+o+QlijeJMUnAGGMBGkswIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFOE9rq8uKhJVfAHasyxnfc7LjIIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NlZjZiMWQ0LWE1MDEtNDZkNC1iOGQ4LTMyYjJmNTZhZTE5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaZAwDQYJKoZIhvcNAQELBQADggEBAMWd/Y7SMrREdin/alPs WkRFGJYwt+1F1z7kr47qa8AtLQ+dP+p6EKp1S6kXmRUOQEZn2BvoIHZ63pOexo7x D1lS3Yqnkq1M17dTm8Dtys8RzeiEBA9Y+l/13h85JQj9jADcR5y2lOAGjAxkSlBx aD6CXiUEvVeHg8Q7Bn0iyr7GiDdCZ8sSVqP74S5osUuf7AI65wx34QLNq7dO5xQq inGiLavTsmPAPSEGxsKkhWvlfuoTJZGbAwcNwZnBN52IXjYhWaLC+IiQgfDsfLEn a+LrErv5G7cVt3cGte8uYwvWYHP3HcRCbyhEo032SqDisleLBB5hCySZmYwCFhvc I3Q= -----END CERTIFICATE-----Generated at Wed Feb 5 03:57:01 2025 by rpki-client