$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa File: cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa (raw, json) Hash identifier: 8rG3uToXU0R4ibQ0nVdiPfaKFiA81W8MHEv54Syi1/k= Subject key identifier: D4:5D:D7:FB:E9:AD:C9:46:E2:79:B5:ED:B3:3C:49:0D:AE:3C:C6:7B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3E4C5A956D0C338EE0D940F2EC37A5228D9E041D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa Signing time: Sat 01 Feb 2025 00:00:00 +0000 ROA not before: Sat 01 Feb 2025 00:00:00 +0000 ROA not after: Sat 08 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:4c:5a:95:6d:0c:33:8e:e0:d9:40:f2:ec:37:a5:22:8d:9e:04:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 1 00:00:00 2025 GMT Not After : Mar 8 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:c0:e3:8f:b6:68:21:e8:ba:f1:e9:ec:36:51: 20:25:86:c7:1b:bc:93:6c:db:69:3f:24:e4:2e:d2: 04:bf:2d:c3:f6:2e:bb:b6:86:02:5d:a0:f6:12:0e: 17:60:fa:15:82:2a:b6:bc:c3:22:11:4d:44:c3:02: 39:27:9f:ca:57:e9:45:d2:10:3f:1c:02:a5:52:bf: af:23:eb:cb:56:5f:44:da:f6:5a:ad:4a:89:f2:54: 24:cd:32:e5:66:07:11:95:fd:88:48:57:bf:a5:cb: 69:ae:c4:68:1d:b7:2a:45:b6:4f:cc:cf:6a:67:01: 5d:6b:c1:0d:2e:f7:3f:57:6c:da:67:69:0a:03:a4: a6:df:2c:a0:c3:56:e0:8e:f5:4e:2b:03:08:0e:72: b3:b6:ab:0f:54:fd:63:30:46:a2:72:8a:04:2b:8a: 24:ab:92:8e:3c:26:9a:ea:13:87:91:86:0c:a2:76: 6d:05:7a:12:92:ea:4e:0d:26:7a:84:98:70:75:00: 7d:5f:09:81:8b:79:d7:b3:f1:f8:45:b1:16:94:2a: 29:02:76:37:f4:13:09:9f:6e:3e:e3:b8:ca:fc:d5: e3:bd:0a:bf:43:79:03:4e:1e:9d:fe:25:ce:63:f8: 80:0c:47:18:35:a8:79:3f:eb:07:72:37:28:7d:d7: c0:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:5D:D7:FB:E9:AD:C9:46:E2:79:B5:ED:B3:3C:49:0D:AE:3C:C6:7B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 21:d8:2d:0e:76:5d:3e:f9:c7:e9:04:00:a4:07:68:77:47:f8: 3c:17:ab:e1:b1:71:57:3f:ef:3a:db:a4:3d:56:43:6d:a9:24: d1:81:09:66:8b:5a:31:96:17:da:e5:0e:70:e1:fd:df:13:f1: c8:b4:d9:a3:c5:d9:26:02:fa:d8:9d:38:e9:fd:18:90:fe:7b: db:16:f0:96:af:64:0d:81:fd:74:80:0b:2b:05:7e:ea:14:83: 4a:33:06:9f:34:68:0b:ce:a1:a6:93:ac:61:26:06:0a:13:9d: c0:ad:00:17:d2:89:f8:77:5f:db:ca:7a:26:b0:c6:cf:17:7b: 73:7d:36:f3:80:74:bb:cd:81:b0:27:97:2a:5b:ae:06:82:ce: 64:71:59:4d:98:d2:3d:0d:f7:bf:d4:46:08:0e:e0:d2:24:f6: e0:89:bf:5a:1d:be:51:2f:8e:e5:fc:fb:c6:b5:59:6a:dd:21: 28:f3:73:eb:e7:65:af:cd:db:9f:69:a7:5c:20:8f:b3:6d:3b: fb:09:55:af:8f:17:5c:86:62:59:89:c4:ee:32:ea:ea:97:29: c6:48:42:98:26:3a:71:06:4a:82:f6:dd:94:9f:c6:25:f9:8d: f6:07:a7:a5:e7:4a:6f:b7:ae:9f:2d:33:c4:eb:ac:42:28:4e: 37:78:05:0e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPkxalW0MM47g2UDy7DelIo2eBB0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMTAwMDAwMFoX DTI1MDMwODIzNTk1OVowejFJMEcGA1UEBRNAOWM1Y2VjZWFmNTk4OTcyNmQyZGJi NTEwYTFkN2Y1NDk0MjA4OTQ1NmY0NDUwMTFkZjM5NTU4OGNjY2ZjYjI1ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cDjj7ZoIei68ensNlEgJYbHG7yT bNtpPyTkLtIEvy3D9i67toYCXaD2Eg4XYPoVgiq2vMMiEU1EwwI5J5/KV+lF0hA/ HAKlUr+vI+vLVl9E2vZarUqJ8lQkzTLlZgcRlf2ISFe/pctprsRoHbcqRbZPzM9q ZwFda8ENLvc/V2zaZ2kKA6Sm3yygw1bgjvVOKwMIDnKztqsPVP1jMEaicooEK4ok q5KOPCaa6hOHkYYMonZtBXoSkupODSZ6hJhwdQB9XwmBi3nXs/H4RbEWlCopAnY3 9BMJn24+47jK/NXjvQq/Q3kDTh6d/iXOY/iADEcYNah5P+sHcjcofdfA9wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNRd1/vprclG4nm17bM8SQ2uPMZ7MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NmNmY2ZTc1LTZiYWItNGJjMS04ODIyLTFiN2VjMWZjMTQ4ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8mDAMA0GCSqGSIb3DQEBCwUAA4IBAQAh2C0Odl0++cfpBACk B2h3R/g8F6vhsXFXP+8626Q9VkNtqSTRgQlmi1oxlhfa5Q5w4f3fE/HItNmjxdkm AvrYnTjp/RiQ/nvbFvCWr2QNgf10gAsrBX7qFINKMwafNGgLzqGmk6xhJgYKE53A rQAX0on4d1/bynomsMbPF3tzfTbzgHS7zYGwJ5cqW64Ggs5kcVlNmNI9Dfe/1EYI DuDSJPbgib9aHb5RL47l/PvGtVlq3SEo83Pr52WvzdufaadcII+zbTv7CVWvjxdc hmJZicTuMurqlynGSEKYJjpxBkqC9t2Un8Yl+Y32B6el50pvt66fLTPE66xCKE43 eAUO -----END CERTIFICATE-----Generated at Wed Feb 5 03:58:41 2025 by rpki-client