$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd94e529-589f-4ac6-9c41-cf42be7e4edd.roa File: dd94e529-589f-4ac6-9c41-cf42be7e4edd.roa (raw, json) Hash identifier: B5Jdp9jeS+p2vM7HnaLylqoYbA4nvMFEKPTBeZNRpys= Subject key identifier: 65:65:4C:AA:05:41:B8:D0:78:B9:1F:24:F3:BE:6C:53:D3:51:C3:92 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 36D47A1C038568D6F5056365D8C6EE72E54BB2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd94e529-589f-4ac6-9c41-cf42be7e4edd.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:80c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:d4:7a:1c:03:85:68:d6:f5:05:63:65:d8:c6:ee:72:e5:4b:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:1f:ec:15:da:c7:6e:6b:dd:04:72:28:67:d0: 5d:f3:08:79:77:d1:37:da:54:22:8f:65:55:f6:23: e3:39:af:ca:f1:56:e1:27:bb:0f:8c:a7:87:f4:f3: 0c:73:75:6f:9d:a3:8b:ba:11:1a:75:bb:64:50:82: c0:b2:bd:7c:7a:56:c9:7f:8e:43:ad:8d:13:0e:e5: 5f:f2:be:a3:f2:dd:2c:bd:b5:39:1b:b0:49:24:44: d9:68:00:4b:bd:5e:12:b0:19:e9:62:44:b1:ad:c5: de:bd:1b:a4:bd:c3:88:92:27:7a:81:fc:f2:d8:e4: 2e:5d:cf:f1:6a:86:c1:8a:41:e3:87:b3:e3:7c:e9: c9:d2:b0:24:9e:cf:6b:15:26:21:c7:66:98:8e:1e: 2c:84:27:b9:56:ba:65:bd:58:39:ff:f4:be:d8:b8: 78:98:78:56:c4:ed:ee:7d:4e:54:a2:a8:0b:9d:ee: a8:ea:15:70:97:49:26:83:69:69:cd:0b:bc:f7:06: 51:45:e8:36:66:6c:3a:d6:80:53:51:3a:00:4b:2d: 6f:91:bf:29:6a:ce:ef:82:8e:33:d9:15:da:73:28: f7:d2:80:cd:13:49:2a:07:a2:91:1b:f6:71:84:59: 3a:9c:5f:7d:e1:83:19:8d:03:e8:c7:aa:40:9a:61: 15:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:65:4C:AA:05:41:B8:D0:78:B9:1F:24:F3:BE:6C:53:D3:51:C3:92 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd94e529-589f-4ac6-9c41-cf42be7e4edd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:80c0::/46 Signature Algorithm: sha256WithRSAEncryption 1e:b6:a3:a5:1c:a6:28:90:2f:e7:44:d1:c8:f7:59:92:ef:9e: 67:06:05:66:40:ab:18:87:7d:bc:d9:c4:f1:8b:07:2a:40:e4: 28:b1:73:44:fd:82:77:36:c8:2e:79:7f:b8:69:7c:b7:74:ec: 60:40:d1:b7:ef:d3:13:b1:05:92:86:35:b5:9d:11:27:d0:ab: 86:23:8b:39:a5:83:04:72:f0:78:9b:35:22:21:4a:af:eb:50: 7f:13:57:29:5d:b7:8c:bd:4e:25:27:b0:92:88:df:59:6b:51: 14:42:ee:53:7a:b2:d4:f8:50:43:e0:92:17:3e:2d:f3:29:54: 61:ea:2a:2d:7d:0e:04:5e:e0:c5:cd:33:b0:5f:e6:bf:ce:f6: 61:c2:38:fe:89:5f:39:bf:cc:2c:ac:84:c4:db:52:f8:dd:c2: b6:0a:90:40:06:a6:f1:c4:c2:9a:26:cb:78:e9:68:04:60:26: 41:da:ff:40:b7:80:9c:5c:38:7f:f1:56:fc:8b:67:f1:37:7a: c8:fe:ab:9e:71:d8:09:af:74:98:1d:73:a1:80:04:ba:8b:c1: bf:6a:be:ca:5d:7a:52:93:8d:b5:0c:01:cf:a0:68:f3:10:92: fd:b9:ae:62:1d:ae:8e:33:36:55:6f:68:3f:61:04:4e:49:6d: 38:b3:7c:84 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgITNtR6HAOFaNb1BWNl2MbucuVLsjANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwMjAzMDAwMDAwWhcN MjUwMzEwMjM1OTU5WjB6MUkwRwYDVQQFE0A2OTg0ZjQ5ODAxN2NlOTM3MWEyMzAx YTJmMjEzNmFmNzBiODVkNjgwZTVlMTEzMjBjODg4OTYyNDU3YWE4YjUyMS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+H+wV2sdua90Ecihn0F3zCHl30Tfa VCKPZVX2I+M5r8rxVuEnuw+Mp4f08wxzdW+do4u6ERp1u2RQgsCyvXx6Vsl/jkOt jRMO5V/yvqPy3Sy9tTkbsEkkRNloAEu9XhKwGeliRLGtxd69G6S9w4iSJ3qB/PLY 5C5dz/FqhsGKQeOHs+N86cnSsCSez2sVJiHHZpiOHiyEJ7lWumW9WDn/9L7YuHiY eFbE7e59TlSiqAud7qjqFXCXSSaDaWnNC7z3BlFF6DZmbDrWgFNROgBLLW+Rvylq zu+CjjPZFdpzKPfSgM0TSSoHopEb9nGEWTqcX33hgxmNA+jHqkCaYRU5AgMBAAGj ggJLMIICRzAdBgNVHQ4EFgQUZWVMqgVBuNB4uR8k875sU9NRw5IwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv ZGQ5NGU1MjktNTg5Zi00YWM2LTljNDEtY2Y0MmJlN2U0ZWRkLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E AgACMAkDBwIkBtr7gMAwDQYJKoZIhvcNAQELBQADggEBAB62o6UcpiiQL+dE0cj3 WZLvnmcGBWZAqxiHfbzZxPGLBypA5Cixc0T9gnc2yC55f7hpfLd07GBA0bfv0xOx BZKGNbWdESfQq4YjizmlgwRy8HibNSIhSq/rUH8TVyldt4y9TiUnsJKI31lrURRC 7lN6stT4UEPgkhc+LfMpVGHqKi19DgRe4MXNM7Bf5r/O9mHCOP6JXzm/zCyshMTb UvjdwrYKkEAGpvHEwpomy3jpaARgJkHa/0C3gJxcOH/xVvyLZ/E3esj+q55x2Amv dJgdc6GABLqLwb9qvspdelKTjbUMAc+gaPMQkv25rmIdro4zNlVvaD9hBE5JbTiz fIQ= -----END CERTIFICATE-----Generated at Wed Feb 5 03:53:07 2025 by rpki-client