$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da22e8df-40cd-402b-b04f-8b5954d0b173.roa File: da22e8df-40cd-402b-b04f-8b5954d0b173.roa (raw, json) Hash identifier: CDNqqjpXZgoHqol272p4L9l8u/iDjZ0Te0jezOrxwoo= Subject key identifier: 57:AE:12:9E:EA:86:7B:C3:CE:13:45:AA:E9:4A:8E:D9:A7:B1:7E:69 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6300798F65FD2EDAC13BF419F21C7FEB2F396295 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da22e8df-40cd-402b-b04f-8b5954d0b173.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:a040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:00:79:8f:65:fd:2e:da:c1:3b:f4:19:f2:1c:7f:eb:2f:39:62:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:b1:1e:89:86:38:10:f1:4c:e9:18:05:20:95: 85:07:b5:de:2e:47:2c:9b:43:1c:5a:d2:48:73:15: 94:7c:13:ad:41:3a:8e:5a:ad:ba:de:19:16:71:76: d2:10:cf:f7:d4:e3:6c:2b:fa:ec:fb:32:f8:96:bb: 46:88:fd:de:60:a3:18:ca:a1:2a:04:34:c0:d9:0b: 7c:e1:f3:d1:aa:71:0f:bc:70:f5:10:3d:81:b2:b3: 67:13:0f:e9:b7:1f:c3:2d:ca:de:54:65:a4:00:c1: ee:21:b0:1d:6f:ca:e7:57:1f:d2:95:c1:19:8d:15: 7b:87:f3:95:fa:82:02:89:7b:4e:44:b8:a9:e5:30: b0:f1:f2:36:02:90:a2:dd:62:29:f5:19:54:82:bb: 0c:81:f2:a1:3f:cc:dd:8c:48:2e:2b:0b:44:35:fd: be:23:49:9b:c7:85:85:4e:24:1e:bc:5d:a4:41:52: 4a:6b:b8:a9:5c:57:65:49:64:7e:ad:cc:84:a5:25: 36:4d:d7:c2:8d:a3:10:c7:64:4c:b4:c5:be:d9:0d: ae:62:d6:1b:d7:54:88:59:f8:e2:a9:8f:d3:d7:31: 66:cd:32:52:bc:3f:21:0d:84:00:da:07:53:db:c3: 55:3c:5e:a5:18:50:5f:65:bd:c8:66:d8:d7:ef:79: 19:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:AE:12:9E:EA:86:7B:C3:CE:13:45:AA:E9:4A:8E:D9:A7:B1:7E:69 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da22e8df-40cd-402b-b04f-8b5954d0b173.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:a040::/46 Signature Algorithm: sha256WithRSAEncryption bd:66:c7:55:85:42:74:89:d3:0a:80:42:e5:01:5c:95:c6:e4: a1:b0:8d:d2:ac:02:c8:25:b2:ee:99:95:43:bf:15:02:d9:fe: ce:a7:67:5a:1d:9f:9b:0e:f4:60:ad:59:b9:88:73:4e:e4:04: c6:ac:07:b0:54:92:53:eb:97:73:74:02:54:b1:fe:0e:26:66: 53:b0:7a:38:d7:94:9d:05:57:f6:2e:1b:24:2d:0c:7d:9c:d9: 8f:a2:49:ff:11:ce:d1:1e:a0:93:9c:a0:bb:2c:c3:39:08:c3: f1:f8:2c:2d:57:f1:f4:45:ca:67:af:47:2b:01:be:5e:0c:63: 95:54:39:b6:6d:76:e8:f6:3b:e9:38:bd:e4:c9:ad:e8:01:8a: f9:ef:c3:4f:d8:d5:bf:0e:57:11:6b:60:76:0a:4d:c6:10:05: f2:72:68:b9:16:55:50:98:a6:24:0b:03:d0:c7:28:11:b8:8c: d0:b6:85:b9:ba:c0:5c:ac:1a:8f:40:0c:d1:34:99:21:95:11: 14:32:24:fb:9a:e0:d8:38:e4:87:68:97:76:01:ca:46:5b:f2: d8:d5:e6:e1:e6:d2:ed:d0:21:c4:9b:73:ac:c8:58:09:f3:5f: 9b:a1:d1:7e:0b:1e:23:1f:53:3f:4e:2d:8b:f9:c2:c8:f6:f9: a2:b1:ee:b2 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYwB5j2X9LtrBO/QZ8hx/6y85YpUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYzk0YTUwZDJlMWFlYzU5MzA2Njlh NGYyNjVlZmYwOGQ0NjA5YTQ4YzNlYzE1ZjNkZDJhOGZkNGVmMzEzMjFiZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rEeiYY4EPFM6RgFIJWFB7XeLkcs m0McWtJIcxWUfBOtQTqOWq263hkWcXbSEM/31ONsK/rs+zL4lrtGiP3eYKMYyqEq BDTA2Qt84fPRqnEPvHD1ED2BsrNnEw/ptx/DLcreVGWkAMHuIbAdb8rnVx/SlcEZ jRV7h/OV+oICiXtORLip5TCw8fI2ApCi3WIp9RlUgrsMgfKhP8zdjEguKwtENf2+ I0mbx4WFTiQevF2kQVJKa7ipXFdlSWR+rcyEpSU2TdfCjaMQx2RMtMW+2Q2uYtYb 11SIWfjiqY/T1zFmzTJSvD8hDYQA2gdT28NVPF6lGFBfZb3IZtjX73kZUQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFeuEp7qhnvDzhNFqulKjtmnsX5pMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RhMjJlOGRmLTQwY2QtNDAyYi1iMDRmLThiNTk1NGQwYjE3My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+6BAMA0GCSqGSIb3DQEBCwUAA4IBAQC9ZsdVhUJ0idMKgELl AVyVxuShsI3SrALIJbLumZVDvxUC2f7Op2daHZ+bDvRgrVm5iHNO5ATGrAewVJJT 65dzdAJUsf4OJmZTsHo415SdBVf2LhskLQx9nNmPokn/Ec7RHqCTnKC7LMM5CMPx +CwtV/H0Rcpnr0crAb5eDGOVVDm2bXbo9jvpOL3kya3oAYr578NP2NW/DlcRa2B2 Ck3GEAXycmi5FlVQmKYkCwPQxygRuIzQtoW5usBcrBqPQAzRNJkhlREUMiT7muDY OOSHaJd2AcpGW/LY1ebh5tLt0CHEm3OsyFgJ81+bodF+Cx4jH1M/Ti2L+cLI9vmi se6y -----END CERTIFICATE-----Generated at Wed Feb 5 04:06:06 2025 by rpki-client