$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d50e303a-6697-4780-b749-2eb970425fe8.roa File: d50e303a-6697-4780-b749-2eb970425fe8.roa (raw, json) Hash identifier: qWcnpvQpcBXz1c/goKrA2wqVs3NSU2K/ZtLayfvYRMM= Subject key identifier: 90:19:89:D8:BE:8B:6B:3B:8C:B6:58:7F:23:EA:7E:C6:34:DC:DC:6F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 67CBD8937C5C03B148F6ACF36E33F6746C7E15A5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d50e303a-6697-4780-b749-2eb970425fe8.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:cb:d8:93:7c:5c:03:b1:48:f6:ac:f3:6e:33:f6:74:6c:7e:15:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:64:27:15:3c:30:07:0f:63:b3:31:88:27:4c: 39:73:34:bb:62:37:ae:82:cb:2f:d7:e8:32:cf:67: 00:26:87:e0:d5:3f:68:76:65:38:4b:4a:12:fd:d1: ee:b1:b2:a6:3e:d3:1e:a7:e7:eb:61:33:d5:fa:8a: 09:37:05:62:a2:4c:1b:fe:66:70:bb:60:5e:e3:29: a1:b8:d3:9c:92:2c:29:c7:7d:b3:a3:c0:c5:b2:39: 4b:a7:5d:f4:e9:46:5f:a0:ca:16:24:76:3d:f3:49: 29:f9:51:67:41:66:76:5c:64:6d:e2:20:b2:6f:4e: 71:3c:1c:54:94:0b:c4:f8:98:fe:18:62:bf:46:da: 54:f0:4a:d9:bd:0c:c5:b5:4e:b0:0c:94:cb:82:c3: 9d:2f:5d:6e:0f:69:26:0f:55:ad:66:ff:bb:d1:6b: 4c:d0:3f:8a:0a:01:6b:0f:58:51:e8:05:ba:f5:fc: 8d:bc:04:bf:67:0e:5c:8e:e7:23:b4:6b:5f:fe:97: 71:94:d0:1f:ac:83:8a:8c:f1:5d:46:8b:24:9e:2c: 13:3d:e2:a2:0d:c2:84:85:df:0d:a4:47:94:03:64: 90:69:05:f8:01:a6:5a:e6:c5:0d:fc:b8:33:f9:23: e5:fd:1a:5b:35:02:67:7a:90:6a:dc:4f:d4:f7:2c: f3:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:19:89:D8:BE:8B:6B:3B:8C:B6:58:7F:23:EA:7E:C6:34:DC:DC:6F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d50e303a-6697-4780-b749-2eb970425fe8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:7000::/40 Signature Algorithm: sha256WithRSAEncryption 0a:06:91:6a:e3:f2:10:78:bb:a7:5d:a3:f4:91:62:86:6a:d6: 62:8b:92:51:be:e6:b1:c5:8e:c3:d9:12:9b:4b:92:83:01:5e: e9:a6:50:ad:af:98:c3:66:6f:0e:f3:61:13:25:2c:ce:b2:c9: b9:fb:cb:68:48:78:0b:b6:94:4e:92:af:a4:2e:f8:30:64:9c: 10:d7:66:7d:58:96:e9:ef:c3:5f:86:82:a3:1d:b1:06:c4:5d: 74:7d:68:7a:19:65:90:49:23:f7:c1:71:ed:73:75:76:01:54: 9e:85:59:53:98:91:ab:5f:a3:ec:29:8d:31:c0:2f:7b:e8:cc: 77:0f:7b:04:79:2e:76:01:67:5b:58:6a:13:b4:98:eb:2f:c9: a5:3d:9e:1d:a4:57:3c:43:14:83:3c:b2:27:f3:8b:5d:54:11: 48:33:46:a4:c9:1a:f5:bf:51:54:b1:96:1c:76:2a:96:32:e4: 61:ff:6a:9c:03:f5:1f:6c:e6:87:0c:09:21:f4:cf:d5:46:40: c3:67:8c:7c:67:70:db:16:21:45:c3:f1:e1:65:ff:4b:5d:1e: c3:0e:5e:a3:da:43:81:02:24:c2:94:62:59:94:86:02:97:a5: 2c:bf:3a:a8:36:78:a2:5c:62:a2:44:4f:69:16:11:83:5f:b2: be:d6:76:96 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZ8vYk3xcA7FI9qzzbjP2dGx+FaUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAN2NmY2VmOTFhYTZiZWY5ZDc4MDRh MzU1MmJiYzhhYjc4ZGU1OTc5YWI1ZDQxYWQ3YWE0NDZkZDJkNjNmM2IyOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGQnFTwwBw9jszGIJ0w5czS7Yjeu gssv1+gyz2cAJofg1T9odmU4S0oS/dHusbKmPtMep+frYTPV+ooJNwViokwb/mZw u2Be4ymhuNOckiwpx32zo8DFsjlLp1306UZfoMoWJHY980kp+VFnQWZ2XGRt4iCy b05xPBxUlAvE+Jj+GGK/RtpU8ErZvQzFtU6wDJTLgsOdL11uD2kmD1WtZv+70WtM 0D+KCgFrD1hR6AW69fyNvAS/Zw5cjucjtGtf/pdxlNAfrIOKjPFdRoskniwTPeKi DcKEhd8NpEeUA2SQaQX4AaZa5sUN/Lgz+SPl/RpbNQJnepBq3E/U9yzzkwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJAZidi+i2s7jLZYfyPqfsY03NxvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q1MGUzMDNhLTY2OTctNDc4MC1iNzQ5LTJlYjk3MDQyNWZlOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9nAwDQYJKoZIhvcNAQELBQADggEBAAoGkWrj8hB4u6ddo/SR YoZq1mKLklG+5rHFjsPZEptLkoMBXummUK2vmMNmbw7zYRMlLM6yybn7y2hIeAu2 lE6Sr6Qu+DBknBDXZn1Ylunvw1+GgqMdsQbEXXR9aHoZZZBJI/fBce1zdXYBVJ6F WVOYkatfo+wpjTHAL3vozHcPewR5LnYBZ1tYahO0mOsvyaU9nh2kVzxDFIM8sifz i11UEUgzRqTJGvW/UVSxlhx2KpYy5GH/apwD9R9s5ocMCSH0z9VGQMNnjHxncNsW IUXD8eFl/0tdHsMOXqPaQ4ECJMKUYlmUhgKXpSy/Oqg2eKJcYqJET2kWEYNfsr7W dpY= -----END CERTIFICATE-----Generated at Wed Feb 5 03:50:32 2025 by rpki-client