$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea66f72f-02a5-49e5-86f6-bd91534d2929.roa File: ea66f72f-02a5-49e5-86f6-bd91534d2929.roa (raw, json) Hash identifier: TOmuWL5g9MS50z1VeeiUkAXQTYZvlDzdRk20T1R2JlM= Subject key identifier: BD:16:19:97:D9:B3:BD:4F:03:70:72:D6:2B:9E:35:FA:34:18:01:79 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7323F21469D20B831BFB9E65801ADFC7533A8986 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea66f72f-02a5-49e5-86f6-bd91534d2929.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:b0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:23:f2:14:69:d2:0b:83:1b:fb:9e:65:80:1a:df:c7:53:3a:89:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:06:ed:db:73:d4:4c:1f:20:53:8b:2e:d9:4a: 57:03:d3:73:89:e2:7b:70:75:48:72:6a:7b:bd:76: c1:d0:8d:c0:40:df:1e:57:f5:cf:aa:1f:e8:e5:06: ec:7b:f3:0b:10:03:de:b2:f8:8c:84:1a:71:93:64: d5:aa:d1:68:57:de:c7:32:2d:f0:50:be:8d:2e:18: 8d:d4:29:84:29:3b:e5:52:42:5b:35:f5:8a:46:a1: 93:68:bd:5f:43:d8:4f:92:9b:0e:05:fd:bc:f5:6e: e1:ee:e9:3d:15:19:ad:90:80:c1:70:71:60:df:6b: 1f:fb:61:4e:ab:d2:82:2e:40:78:c8:64:15:06:af: 20:e8:ad:74:95:a9:cb:a8:07:15:d5:22:13:cf:91: 1d:13:8e:7e:2d:9b:40:09:7a:69:6b:d3:5b:e7:fc: e1:ed:bd:27:f6:c9:2a:91:ca:09:da:9b:dd:ec:09: 42:eb:12:ad:cf:d2:ea:2f:5d:c3:e0:fd:74:cf:69: f3:0a:cc:59:fa:fb:e9:58:6f:de:36:bb:64:63:4a: 4e:7a:69:61:9b:c0:51:81:ad:ca:4f:ba:42:53:57: 82:2a:c3:70:1a:2b:df:ac:56:5d:fd:b4:de:01:f1: d0:6d:de:75:e8:83:2b:9a:00:7b:75:a7:c9:dc:84: ec:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:16:19:97:D9:B3:BD:4F:03:70:72:D6:2B:9E:35:FA:34:18:01:79 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea66f72f-02a5-49e5-86f6-bd91534d2929.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:b0c0::/46 Signature Algorithm: sha256WithRSAEncryption 86:d6:15:ae:39:22:bc:3a:b5:a8:61:0f:48:79:38:eb:f2:43: 9e:bc:f7:4a:9c:f7:8f:21:b1:37:44:7e:d7:34:6f:71:82:75: 5f:ae:0e:71:0b:14:e0:41:3d:8d:fe:06:8c:75:75:c2:bd:96: 0d:a6:b3:50:d0:0d:c7:2d:79:1a:ba:20:bf:cc:0d:7b:8a:cc: d0:a1:68:b8:1e:ff:80:58:88:18:04:0f:ad:59:c5:82:04:84: 57:53:a9:ef:44:bc:2e:bc:67:33:34:98:62:32:48:d5:c7:e9: f2:74:d0:ae:61:a4:77:fa:26:7e:29:52:a5:5b:be:69:2d:09: 32:ed:82:31:94:74:0b:99:c8:1c:8c:7f:fe:dd:75:5d:3c:f5: b5:f9:17:3e:95:10:65:a7:1d:85:e4:23:b2:36:78:a8:21:ab: 53:30:dc:84:a1:97:06:8a:4c:88:2e:a5:48:cc:76:5e:7b:c2: 9a:3f:dd:21:24:99:3f:7e:33:bb:26:73:05:db:b2:f8:96:c1: 27:58:a1:f5:30:e9:8b:38:a9:0a:d7:84:1f:6b:51:cb:39:a5: e6:5c:1e:7b:57:b2:29:34:cd:88:6d:8c:eb:b9:8b:e4:65:5a: e0:df:66:49:ee:ca:98:64:12:3e:a8:b7:32:6d:ac:3d:98:d5: 78:37:8d:9d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUcyPyFGnSC4Mb+55lgBrfx1M6iYYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMTAwNzAwZDQ2MzU3NjU5MTBjOGY5 NTk1MmVlMDQ4ZmQ1ZTdlODc2NWZmZjczMjQzNjc3NmYwMDM5Mzk2MDE5NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAbt23PUTB8gU4su2UpXA9NzieJ7 cHVIcmp7vXbB0I3AQN8eV/XPqh/o5Qbse/MLEAPesviMhBpxk2TVqtFoV97HMi3w UL6NLhiN1CmEKTvlUkJbNfWKRqGTaL1fQ9hPkpsOBf289W7h7uk9FRmtkIDBcHFg 32sf+2FOq9KCLkB4yGQVBq8g6K10lanLqAcV1SITz5EdE45+LZtACXppa9Nb5/zh 7b0n9skqkcoJ2pvd7AlC6xKtz9LqL13D4P10z2nzCsxZ+vvpWG/eNrtkY0pOemlh m8BRga3KT7pCU1eCKsNwGivfrFZd/bTeAfHQbd516IMrmgB7dafJ3ITs6wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFL0WGZfZs71PA3By1iueNfo0GAF5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VhNjZmNzJmLTAyYTUtNDllNS04NmY2LWJkOTE1MzRkMjkyOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba97DAMA0GCSqGSIb3DQEBCwUAA4IBAQCG1hWuOSK8OrWoYQ9I eTjr8kOevPdKnPePIbE3RH7XNG9xgnVfrg5xCxTgQT2N/gaMdXXCvZYNprNQ0A3H LXkauiC/zA17iszQoWi4Hv+AWIgYBA+tWcWCBIRXU6nvRLwuvGczNJhiMkjVx+ny dNCuYaR3+iZ+KVKlW75pLQky7YIxlHQLmcgcjH/+3XVdPPW1+Rc+lRBlpx2F5COy NnioIatTMNyEoZcGikyILqVIzHZee8KaP90hJJk/fjO7JnMF27L4lsEnWKH1MOmL OKkK14Qfa1HLOaXmXB57V7IpNM2IbYzruYvkZVrg32ZJ7sqYZBI+qLcybaw9mNV4 N42d -----END CERTIFICATE-----Generated at Wed Feb 5 03:51:49 2025 by rpki-client