$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa File: e34a1112-42b9-4563-9cde-de9af887a3d6.roa (raw, json) Hash identifier: sbUSPTSf71rAnCm9p9FLZP7XMJT27/i4DD+RPWxYnv4= Subject key identifier: 6C:6F:1C:D3:F2:F5:FB:27:7E:26:53:F7:E7:28:A7:CF:D8:B3:D0:4B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6268968698D623CC550DA0FDEFD47725CE7AB5F4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa Signing time: Tue 04 Feb 2025 00:00:00 +0000 ROA not before: Tue 04 Feb 2025 00:00:00 +0000 ROA not after: Tue 11 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:68:96:86:98:d6:23:cc:55:0d:a0:fd:ef:d4:77:25:ce:7a:b5:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 4 00:00:00 2025 GMT Not After : Mar 11 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:00:db:b3:25:a1:ea:0f:e9:9a:09:0e:3b:a2: f6:7d:2c:a5:84:c6:6b:5d:80:e0:f5:b9:66:12:20: 98:51:f1:0c:d5:a1:1b:f9:9e:a9:e0:51:0a:58:c1: 71:a9:5f:56:55:93:5f:73:71:17:a9:50:82:2a:c3: ef:73:39:39:61:95:bc:71:5c:ab:57:14:b5:99:b8: b8:03:27:c1:0b:1a:f7:8a:9f:cc:d8:95:38:ce:16: 25:18:29:a6:e7:0d:ef:a0:28:fa:1e:99:d6:ee:ac: df:cb:9d:38:6d:c0:52:1b:f1:a6:3e:85:5d:38:74: 82:26:3f:af:ff:79:6c:44:e5:47:85:04:e3:9d:34: 93:27:20:ad:73:a3:5a:98:08:6b:10:a4:b5:b3:26: 15:60:6b:2c:4d:d4:68:d7:ca:7c:36:7c:76:d9:bb: c4:6d:7f:a9:7a:1e:2a:cb:07:71:05:f1:08:e0:9a: 6e:00:ee:82:6e:34:ba:fe:b8:f2:9d:f2:56:f1:4d: 21:52:76:26:59:f4:e8:68:44:e1:cb:4c:73:4b:20: 3b:4e:09:d7:e7:e8:2d:ac:f5:9a:cd:06:7e:6b:f6: 54:58:ad:8f:df:0c:5a:55:02:d8:4c:13:14:9f:eb: 35:01:14:68:ab:3e:5c:a1:12:a5:41:54:70:e6:b1: 02:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:6F:1C:D3:F2:F5:FB:27:7E:26:53:F7:E7:28:A7:CF:D8:B3:D0:4B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:2000::/40 Signature Algorithm: sha256WithRSAEncryption 92:69:79:d9:d9:82:da:0a:92:98:3a:ef:e8:3e:a2:93:79:f9: 44:81:98:88:76:e6:17:88:4c:01:f8:4d:21:57:f4:55:e4:76: 77:90:74:2e:f5:c7:6d:99:f0:0a:a4:7b:b4:4a:b5:68:7c:84: 68:73:b5:79:e6:2a:30:c5:dc:05:32:3e:de:9b:55:e2:4d:e4: 1c:f4:5b:1f:b1:13:72:53:41:4b:bb:87:53:c0:d9:1f:c5:03: 81:c0:05:a5:e4:a9:59:6a:b7:3a:15:b7:46:0f:6a:5e:8b:ea: 4b:28:00:c5:e8:20:9e:b0:c7:d0:1b:3a:39:1d:10:36:4b:75: f9:70:f8:09:5c:b9:55:48:fd:6d:37:d9:34:77:dc:f2:2a:cd: 9e:b1:96:d9:c8:66:ac:19:64:8a:1a:61:fe:3a:7f:c3:e5:55: 7c:45:af:98:38:08:49:fa:19:40:8c:16:c2:26:5d:09:f3:28: 67:25:9d:42:f2:8e:7f:c7:48:23:86:38:08:e2:a4:dc:26:b3: e6:f5:28:4b:b1:9b:14:b3:fa:15:fa:6f:0e:9c:f5:57:c0:92: 33:81:b4:42:a2:f3:34:9a:ad:f4:e0:54:54:a6:a9:22:99:1b: 97:4d:11:cf:44:b2:11:fb:dc:63:1a:1b:2d:b1:40:6d:ae:83: f1:89:63:12 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYmiWhpjWI8xVDaD979R3Jc56tfQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwNDAwMDAwMFoX DTI1MDMxMTIzNTk1OVowejFJMEcGA1UEBRNANTQzZTEzZDEzYzRhNmI0NzBmMTBi YzMzNzQxZTk4Y2ZkZjY2YjEzNDQwN2Q3ZTlhOWIyNzhkNjBiM2Y4YTRhOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswDbsyWh6g/pmgkOO6L2fSylhMZr XYDg9blmEiCYUfEM1aEb+Z6p4FEKWMFxqV9WVZNfc3EXqVCCKsPvczk5YZW8cVyr VxS1mbi4AyfBCxr3ip/M2JU4zhYlGCmm5w3voCj6HpnW7qzfy504bcBSG/GmPoVd OHSCJj+v/3lsROVHhQTjnTSTJyCtc6NamAhrEKS1syYVYGssTdRo18p8Nnx22bvE bX+peh4qywdxBfEI4JpuAO6CbjS6/rjynfJW8U0hUnYmWfToaEThy0xzSyA7TgnX 5+gtrPWazQZ+a/ZUWK2P3wxaVQLYTBMUn+s1ARRoqz5coRKlQVRw5rEC8QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGxvHNPy9fsnfiZT9+cop8/Ys9BLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzNGExMTEyLTQyYjktNDU2My05Y2RlLWRlOWFmODg3YTNkNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOCAwDQYJKoZIhvcNAQELBQADggEBAJJpednZgtoKkpg67+g+ opN5+USBmIh25heITAH4TSFX9FXkdneQdC71x22Z8Aqke7RKtWh8hGhztXnmKjDF 3AUyPt6bVeJN5Bz0Wx+xE3JTQUu7h1PA2R/FA4HABaXkqVlqtzoVt0YPal6L6kso AMXoIJ6wx9AbOjkdEDZLdflw+AlcuVVI/W032TR33PIqzZ6xltnIZqwZZIoaYf46 f8PlVXxFr5g4CEn6GUCMFsImXQnzKGclnULyjn/HSCOGOAjipNwms+b1KEuxmxSz +hX6bw6c9VfAkjOBtEKi8zSarfTgVFSmqSKZG5dNEc9EshH73GMaGy2xQG2ug/GJ YxI= -----END CERTIFICATE-----Generated at Sun Feb 16 15:16:31 2025 by rpki-client