$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0f73131-6db0-422b-b49d-d9d7f269ad5a.roa File: f0f73131-6db0-422b-b49d-d9d7f269ad5a.roa (raw, json) Hash identifier: LVDHTH+7WvocUWI3q0zT5PHhu+pqazHX3QM8zcl5q0E= Subject key identifier: C6:0F:09:DE:38:40:0B:E1:CC:34:0F:2A:CF:8E:E0:06:1D:35:78:F6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3243076F8EC1D4A812B747E52EB4F1293C2B2D6D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0f73131-6db0-422b-b49d-d9d7f269ad5a.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:43:07:6f:8e:c1:d4:a8:12:b7:47:e5:2e:b4:f1:29:3c:2b:2d:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:79:0c:b9:37:e2:48:f9:e5:0c:85:e4:2d:46: bb:0f:1f:88:ab:e9:1b:b3:24:70:9d:64:a8:df:4f: 12:a5:f4:64:f7:81:bd:27:5e:a1:20:c4:06:dc:d1: c2:df:24:e8:2d:41:df:e3:58:60:07:05:50:1c:21: 3d:e2:b9:c2:fe:fb:ce:62:c6:91:57:ec:0c:bf:c3: 63:6d:93:fa:12:42:0b:91:c2:59:4a:18:9c:e3:ff: 8b:9b:62:22:55:e1:36:0d:69:5d:29:0e:2c:f3:d7: 2c:62:65:ff:46:69:3e:45:26:74:7d:b8:3e:b7:bc: bc:13:6e:37:55:ac:65:f6:4e:fc:a5:5f:02:47:60: b7:d9:d1:92:6a:97:91:c8:3e:cb:64:a6:5b:b1:70: d7:f7:89:c6:ea:bb:c7:15:61:77:57:3f:60:a8:af: d9:a2:8d:b8:77:82:9c:e2:36:c5:75:7d:46:cc:68: 47:c6:27:10:fc:4b:e0:cc:d4:93:b6:ae:b0:16:73: 25:6d:86:a6:33:cb:45:70:1d:17:f3:f7:69:35:27: 93:4e:49:bb:86:4b:49:c8:47:ad:19:7f:03:51:24: 29:b1:07:86:27:8a:de:8a:d3:06:e1:c4:ec:f6:59: 34:be:ef:15:c1:a0:40:16:c9:ec:73:98:16:c2:c5: 86:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:0F:09:DE:38:40:0B:E1:CC:34:0F:2A:CF:8E:E0:06:1D:35:78:F6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0f73131-6db0-422b-b49d-d9d7f269ad5a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:4080::/48 Signature Algorithm: sha256WithRSAEncryption 72:69:1a:7d:a5:75:16:10:af:3f:cf:64:29:23:61:a9:b8:df: de:9d:3d:33:f0:74:7b:ea:05:00:32:51:7a:ca:09:e5:01:ef: 5c:2c:2c:56:21:2a:10:20:c6:20:ca:24:d9:4f:fe:05:e8:c1: 50:8d:7c:a0:88:f9:81:bc:9c:89:b6:b3:ff:ba:9c:d0:13:82: cb:c7:8a:1f:a2:62:fd:bb:6b:12:e0:3a:e5:8c:67:b5:e5:78: 2a:06:05:53:30:6d:06:57:56:46:36:55:9f:8b:5c:98:24:4a: 62:fd:80:89:a9:7f:89:7f:02:83:e8:e1:30:88:c8:8f:39:18: 24:cb:2a:27:7f:6b:a4:93:fa:13:cd:26:37:00:09:e2:51:d9: cb:a8:e6:42:12:5c:64:f3:4c:6e:e6:dc:b1:48:93:9a:98:e0: 2d:4f:fb:1b:62:70:9f:9d:df:ca:8e:57:5c:c0:c8:ce:98:fd: 2d:19:d0:e7:bf:72:90:3f:8d:90:52:85:a3:a9:31:21:f4:58: 31:59:22:87:33:10:e1:07:96:22:9c:12:c1:b7:84:60:42:96: 35:13:65:ad:05:3b:a2:40:0d:51:f6:85:44:44:77:b3:4e:3e: 88:0f:b3:0e:38:13:99:79:af:52:d2:44:ae:7f:9a:bf:36:fb: d5:33:33:de -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMkMHb47B1KgSt0flLrTxKTwrLW0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMmFhMmE3MTNmNjMyZWJmOWU2Zjcw MGNjYzQ4ZGQ0MGJiNWQwODU5YzdkZmQ3N2E0Zjg3NDA5MzI5Mzc1MTc5MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHkMuTfiSPnlDIXkLUa7Dx+Iq+kb syRwnWSo308SpfRk94G9J16hIMQG3NHC3yToLUHf41hgBwVQHCE94rnC/vvOYsaR V+wMv8NjbZP6EkILkcJZShic4/+Lm2IiVeE2DWldKQ4s89csYmX/Rmk+RSZ0fbg+ t7y8E243Vaxl9k78pV8CR2C32dGSapeRyD7LZKZbsXDX94nG6rvHFWF3Vz9gqK/Z oo24d4Kc4jbFdX1GzGhHxicQ/EvgzNSTtq6wFnMlbYamM8tFcB0X8/dpNSeTTkm7 hktJyEetGX8DUSQpsQeGJ4reitMG4cTs9lk0vu8VwaBAFsnsc5gWwsWG5QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMYPCd44QAvhzDQPKs+O4AYdNXj2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YwZjczMTMxLTZkYjAtNDIyYi1iNDlkLWQ5ZDdmMjY5YWQ1YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9ECAMA0GCSqGSIb3DQEBCwUAA4IBAQByaRp9pXUWEK8/z2Qp I2GpuN/enT0z8HR76gUAMlF6ygnlAe9cLCxWISoQIMYgyiTZT/4F6MFQjXygiPmB vJyJtrP/upzQE4LLx4ofomL9u2sS4DrljGe15XgqBgVTMG0GV1ZGNlWfi1yYJEpi /YCJqX+JfwKD6OEwiMiPORgkyyonf2ukk/oTzSY3AAniUdnLqOZCElxk80xu5tyx SJOamOAtT/sbYnCfnd/KjldcwMjOmP0tGdDnv3KQP42QUoWjqTEh9FgxWSKHMxDh B5YinBLBt4RgQpY1E2WtBTuiQA1R9oVERHezTj6ID7MOOBOZea9S0kSuf5q/NvvV MzPe -----END CERTIFICATE-----Generated at Wed Feb 5 03:59:08 2025 by rpki-client