$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f11193c8-37cb-42c1-9803-825500063384.roa File: f11193c8-37cb-42c1-9803-825500063384.roa (raw, json) Hash identifier: XrAxbkbg/XjuVhzXwU9ANI3m1TReppmAT4FfvXDt284= Subject key identifier: 20:53:4B:17:E8:12:6C:3C:DF:FC:0D:29:C1:CB:2D:32:4C:01:64:B8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 43E0376916A51DFF1FDB849DF4624D02D739FA0C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f11193c8-37cb-42c1-9803-825500063384.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:c0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:e0:37:69:16:a5:1d:ff:1f:db:84:9d:f4:62:4d:02:d7:39:fa:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:5e:07:7f:79:0d:49:00:23:ca:e8:20:61:c4: 21:aa:4d:08:ae:e7:74:2a:a4:ac:0b:91:e8:5b:a4: 43:b5:c6:9d:5a:93:f7:69:09:e3:bc:f0:74:7c:79: dd:ed:aa:7a:58:e9:05:07:9d:26:11:c1:cb:5d:c6: 59:9d:54:d4:69:09:62:97:1b:4d:69:90:49:fa:f3: 86:ba:b2:f6:03:42:cb:a4:38:3d:8c:f3:4d:6c:c1: b8:cc:ed:db:cd:24:80:22:62:77:44:18:1b:aa:a4: f1:94:7c:16:28:1a:5e:48:56:38:73:7c:ee:d7:b6: 52:d8:80:bd:47:f9:6f:38:8e:65:d3:89:51:3e:4d: 87:03:36:e4:3e:f0:da:43:5a:b1:45:7c:88:c9:78: 93:8a:c3:84:12:7e:37:2b:00:c5:03:92:c5:04:83: 4d:ce:89:d9:57:dd:4f:a0:33:89:93:81:f6:62:44: 4f:42:0e:32:bc:d3:8f:42:f6:12:a2:2c:9f:b7:7a: 25:ac:6c:a5:0b:14:4a:81:eb:23:0d:89:29:f2:c5: 31:af:a9:33:5d:90:02:c6:e3:86:14:c3:64:3b:a6: 0d:5f:82:d8:86:f0:ba:27:df:00:d0:0c:81:cf:90: 37:4a:44:53:ac:b7:af:6c:5d:d7:ed:d5:0e:96:a3: 53:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:53:4B:17:E8:12:6C:3C:DF:FC:0D:29:C1:CB:2D:32:4C:01:64:B8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f11193c8-37cb-42c1-9803-825500063384.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:c0c0::/46 Signature Algorithm: sha256WithRSAEncryption 2f:7d:64:28:df:d0:8f:d0:ac:c6:74:77:6c:d5:53:b7:96:04: 72:a6:21:54:4f:cc:5d:91:e6:40:22:95:95:03:ae:46:fe:10: 35:bd:1c:6f:23:f8:b7:0b:ec:66:22:96:f0:b7:ad:59:ad:1c: 92:21:24:f9:e3:fe:51:75:2d:3d:51:2e:7b:50:21:fd:16:f1: 58:be:f2:d8:99:2a:03:7d:fe:7e:96:ec:b8:b9:73:28:0f:f9: 84:14:16:a2:0f:90:04:27:96:4a:51:b1:ee:21:a0:82:70:ec: 38:5a:1d:22:b0:b1:b2:61:3b:f3:76:b5:cd:83:ff:8d:81:d5: 4d:19:85:5f:eb:fa:af:74:28:aa:99:54:bc:10:69:e4:71:1c: 04:33:78:a1:c6:b5:5f:b5:15:e1:55:cc:ca:15:f4:77:e9:f4: 09:2a:39:b3:09:be:8f:d7:09:49:14:a3:2b:16:9e:df:f2:73: d7:81:6d:24:c0:9e:a1:13:6a:73:1a:07:c5:fc:76:49:22:3c: c6:43:97:ae:db:4b:b3:7a:44:d8:05:91:75:e4:d0:d7:9a:df: 71:05:ee:ea:3f:42:ab:c4:8b:c5:ac:db:a4:66:f5:1c:35:6a: ca:a6:4e:43:f2:c2:3e:78:f2:d8:87:ad:aa:77:7b:21:92:ae: bb:5a:16:98 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUQ+A3aRalHf8f24Sd9GJNAtc5+gwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYmJhODYzYzg3NmQxMzNlMzg5MDQ5 OWY1ZTgyYjYyN2I0MzdiNmEwZTFmZTEwYThjOWEyNTA2NzQwODg4MzQ3ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv14Hf3kNSQAjyuggYcQhqk0Irud0 KqSsC5HoW6RDtcadWpP3aQnjvPB0fHnd7ap6WOkFB50mEcHLXcZZnVTUaQlilxtN aZBJ+vOGurL2A0LLpDg9jPNNbMG4zO3bzSSAImJ3RBgbqqTxlHwWKBpeSFY4c3zu 17ZS2IC9R/lvOI5l04lRPk2HAzbkPvDaQ1qxRXyIyXiTisOEEn43KwDFA5LFBINN zonZV91PoDOJk4H2YkRPQg4yvNOPQvYSoiyft3olrGylCxRKgesjDYkp8sUxr6kz XZACxuOGFMNkO6YNX4LYhvC6J98A0AyBz5A3SkRTrLevbF3X7dUOlqNToQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCBTSxfoEmw83/wNKcHLLTJMAWS4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YxMTE5M2M4LTM3Y2ItNDJjMS05ODAzLTgyNTUwMDA2MzM4NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaacDAMA0GCSqGSIb3DQEBCwUAA4IBAQAvfWQo39CP0KzGdHds 1VO3lgRypiFUT8xdkeZAIpWVA65G/hA1vRxvI/i3C+xmIpbwt61ZrRySIST54/5R dS09US57UCH9FvFYvvLYmSoDff5+luy4uXMoD/mEFBaiD5AEJ5ZKUbHuIaCCcOw4 Wh0isLGyYTvzdrXNg/+NgdVNGYVf6/qvdCiqmVS8EGnkcRwEM3ihxrVftRXhVczK FfR36fQJKjmzCb6P1wlJFKMrFp7f8nPXgW0kwJ6hE2pzGgfF/HZJIjzGQ5eu20uz ekTYBZF15NDXmt9xBe7qP0KrxIvFrNukZvUcNWrKpk5D8sI+ePLYh62qd3shkq67 WhaY -----END CERTIFICATE-----Generated at Wed Feb 5 03:55:58 2025 by rpki-client