$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d877f905-a5ae-4729-96f2-03659354b7bc.roa File: d877f905-a5ae-4729-96f2-03659354b7bc.roa (raw, json) Hash identifier: 6NQ0M7jmiPQIXfBRgwh6iIFHAjXdn18QpTb6I4Fv1vU= Subject key identifier: 5F:A6:6C:7D:39:57:B5:F3:2A:B5:FD:D4:AA:73:07:7A:BA:E2:B3:51 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1765DC7C6A4418CF4AB8AA04FBEDD4745992B5FE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d877f905-a5ae-4729-96f2-03659354b7bc.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:2840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:65:dc:7c:6a:44:18:cf:4a:b8:aa:04:fb:ed:d4:74:59:92:b5:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:a1:94:9c:87:57:62:56:c3:6f:31:bc:87:9d: d5:5e:af:cf:2b:98:cd:77:a4:02:29:a4:6f:91:fd: af:ea:4b:16:a7:61:ff:2c:36:59:5e:27:ae:e2:e4: 63:4e:3d:d8:19:2f:f3:31:0a:13:df:1f:63:66:18: 8e:a9:5f:06:a7:3c:58:21:78:ce:67:14:f9:ee:eb: a7:73:3f:d6:e6:74:b2:4f:a1:cf:32:a9:3d:46:2a: 9a:8b:3c:64:1c:bb:d5:f5:c2:5b:ff:81:c7:50:60: 86:7e:94:ed:8d:5a:c5:22:5b:1e:9f:8e:bd:63:67: e2:16:e0:de:b9:31:79:33:ee:54:84:03:f1:9a:cf: e5:ab:ca:29:83:85:e1:78:24:01:1b:a6:fd:9a:82: 47:47:3a:56:0e:f5:d4:0e:71:83:a9:8d:ec:62:0e: c7:45:36:78:f4:12:b8:c5:c8:4c:ea:f8:98:7b:89: 00:e1:49:0b:b3:1b:67:df:3d:86:32:7f:74:bc:d9: bb:e8:70:29:e3:e5:c7:15:21:4e:86:66:88:2b:53: 7c:57:30:b6:ec:ed:ef:29:a9:6a:e3:10:27:6e:36: 2e:f9:9d:9e:92:44:07:27:e6:e8:d4:73:70:63:d0: 7d:5b:c4:61:6a:7f:d3:58:a1:55:38:b9:00:14:df: 78:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:A6:6C:7D:39:57:B5:F3:2A:B5:FD:D4:AA:73:07:7A:BA:E2:B3:51 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d877f905-a5ae-4729-96f2-03659354b7bc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:2840::/48 Signature Algorithm: sha256WithRSAEncryption 94:67:43:17:e3:90:43:eb:fa:2c:74:16:7c:cd:f2:4d:0d:f6: 80:ba:15:a5:96:23:4f:68:eb:ff:2d:78:82:cc:e4:4d:6e:a9: 1f:46:c7:14:cd:34:29:0c:4f:bf:1b:c2:dc:62:39:88:a9:8f: 56:57:dc:25:ba:6a:c0:17:17:9f:7d:ac:9e:8f:9a:2d:b7:45: c2:29:04:d9:7b:d1:37:93:2b:45:1e:c4:9f:f9:08:89:63:39: a7:6d:d2:f5:f3:09:9f:b5:82:e9:47:64:ff:9b:ee:7b:6e:8d: 21:e1:70:cf:5f:94:dc:5c:f7:eb:ac:5f:0a:2c:04:40:eb:83: e4:ae:15:f1:d4:89:b7:48:cc:b9:9b:64:fb:0c:70:e4:2e:61: 77:8f:72:b2:5b:85:c4:39:db:ef:d7:12:ce:38:ce:eb:e1:e0: ed:f9:3b:91:30:1e:d0:e0:ab:fa:7a:89:19:e3:9d:95:bc:aa: 89:b4:78:5b:09:9f:e2:13:11:63:4b:1d:13:ef:68:16:7b:fe: 63:66:16:d6:cd:56:c9:4f:76:5f:b8:a7:4b:9a:f7:92:73:61: 4a:09:be:f5:cb:c5:f0:01:21:7a:9c:ed:09:f6:68:e7:6a:ab: 3a:d5:90:cd:1c:63:63:a1:28:c5:27:16:69:df:5e:b3:30:01: a3:04:26:88 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUF2XcfGpEGM9KuKoE++3UdFmStf4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMWMyMmZlZDcxYmI4OTI1N2Y2NWVm YmU0MzMyNjljMmFhYWEyMWIzYWFkNDgzZWFjZTU5ZmIxZDE5Y2YwOGQwYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKGUnIdXYlbDbzG8h53VXq/PK5jN d6QCKaRvkf2v6ksWp2H/LDZZXieu4uRjTj3YGS/zMQoT3x9jZhiOqV8GpzxYIXjO ZxT57uuncz/W5nSyT6HPMqk9RiqaizxkHLvV9cJb/4HHUGCGfpTtjVrFIlsen469 Y2fiFuDeuTF5M+5UhAPxms/lq8opg4XheCQBG6b9moJHRzpWDvXUDnGDqY3sYg7H RTZ49BK4xchM6viYe4kA4UkLsxtn3z2GMn90vNm76HAp4+XHFSFOhmaIK1N8VzC2 7O3vKalq4xAnbjYu+Z2ekkQHJ+bo1HNwY9B9W8Rhan/TWKFVOLkAFN94bwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFF+mbH05V7XzKrX91KpzB3q64rNRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4NzdmOTA1LWE1YWUtNDcyOS05NmYyLTAzNjU5MzU0YjdiYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9ChAMA0GCSqGSIb3DQEBCwUAA4IBAQCUZ0MX45BD6/osdBZ8 zfJNDfaAuhWlliNPaOv/LXiCzORNbqkfRscUzTQpDE+/G8LcYjmIqY9WV9wlumrA Fxeffayej5ott0XCKQTZe9E3kytFHsSf+QiJYzmnbdL18wmftYLpR2T/m+57bo0h 4XDPX5TcXPfrrF8KLARA64PkrhXx1Im3SMy5m2T7DHDkLmF3j3KyW4XEOdvv1xLO OM7r4eDt+TuRMB7Q4Kv6eokZ452VvKqJtHhbCZ/iExFjSx0T72gWe/5jZhbWzVbJ T3ZfuKdLmveSc2FKCb71y8XwASF6nO0J9mjnaqs61ZDNHGNjoSjFJxZp316zMAGj BCaI -----END CERTIFICATE-----Generated at Wed Feb 5 04:02:42 2025 by rpki-client