$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa File: f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa (raw, json) Hash identifier: 1mFGyGhIRYmGGX6nH87876aO8J+9GdDYwSBlIU8QqWs= Subject key identifier: DF:9E:02:F9:15:F4:7B:90:50:2E:F7:B4:07:51:8A:9F:B7:DD:24:21 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 03774253E9414B86C23DD8C3A52DB8CB0686970B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:77:42:53:e9:41:4b:86:c2:3d:d8:c3:a5:2d:b8:cb:06:86:97:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:25:f8:b1:46:06:58:1d:3e:9b:54:ce:6a:fa: 42:04:e8:58:69:e3:39:9e:fe:77:17:bc:07:b0:a0: 07:0a:ed:b9:eb:ef:25:ec:4b:1f:bd:9f:51:d7:ec: df:e8:72:0e:d2:69:f5:9c:12:95:a2:cc:f6:5a:a7: e1:bb:ef:23:55:10:0c:6b:c9:78:6f:8b:b2:e7:5c: 03:54:d8:04:b4:0a:f2:d4:61:44:45:45:58:a3:1f: 94:88:13:6e:b1:14:f5:c8:66:7d:5b:e6:85:2b:e9: 12:46:3b:2b:77:4c:53:32:7d:35:5a:3f:72:77:5a: 44:76:bd:ff:b3:3f:b4:e2:3a:45:9d:38:b8:c3:b5: 72:86:4e:c6:52:dd:b9:b6:b3:26:01:96:de:08:1d: 83:c7:c5:5a:2d:7c:eb:c7:85:18:21:57:0b:71:79: f1:f9:b1:cf:4c:6b:c9:4f:e9:d2:16:5d:d4:ba:eb: 6b:12:a1:a5:f5:1a:0d:a6:45:8e:f8:15:38:ae:03: 5a:46:cd:8c:f5:31:50:f3:0c:dc:6d:90:0e:1e:ba: 03:31:ce:1f:1e:a2:8d:6c:40:7c:68:ce:c6:bb:76: f0:e7:68:2a:d3:13:83:c2:f7:c1:1e:ad:e0:20:80: a3:32:bb:66:70:11:01:9e:4b:de:af:f7:39:c4:7c: 44:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:9E:02:F9:15:F4:7B:90:50:2E:F7:B4:07:51:8A:9F:B7:DD:24:21 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2020::/48 Signature Algorithm: sha256WithRSAEncryption 40:5c:be:1a:ab:5b:21:c5:ed:ad:86:02:7f:39:34:86:fe:11: 3f:46:10:99:7d:44:b8:cf:c2:d1:b9:b8:5a:11:22:32:00:49: 9d:ef:ca:bf:4d:fd:ea:be:a4:ec:9e:f4:af:22:da:23:aa:29: a6:1a:75:30:63:b7:75:e3:1a:46:41:62:a5:68:47:b9:c6:1c: eb:01:df:31:11:3f:79:fd:5f:07:c6:18:7d:e8:84:02:10:bc: e5:87:74:e2:9a:7a:a1:04:70:65:9f:2b:b2:43:45:bd:90:dd: fa:01:af:21:a0:8e:bc:5a:d3:88:69:44:23:2f:2d:b9:6a:eb: 80:09:8a:7b:47:49:d4:cd:67:68:55:92:8f:d2:75:d0:25:40: 34:17:63:ed:72:ae:55:20:5a:53:16:2b:77:57:be:ee:fa:20: 1b:69:e4:78:5f:c6:0c:fc:cd:43:66:bf:57:7f:d1:98:a6:3a: ed:93:d5:71:49:d1:f0:96:fc:8a:dd:51:12:2b:ae:29:40:d9: 16:83:8a:b1:9a:79:ff:97:95:f6:eb:ff:d2:29:c9:fe:86:18: 27:27:ec:c5:91:1e:a1:9a:0c:ea:b8:2e:6a:58:57:17:eb:65: 37:5e:34:73:62:73:c7:90:05:af:4d:33:cd:1c:84:6e:91:89: df:84:2e:d7 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUA3dCU+lBS4bCPdjDpS24ywaGlwswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANmViMTRlOTY2MDcyNTZmMDg4OTIz ZmM5NmVhZWRkMDY0ZDUzZTQ3MjMzNDRlMGMyMzhkYTdlZDMxZGM0ZDI3NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iX4sUYGWB0+m1TOavpCBOhYaeM5 nv53F7wHsKAHCu256+8l7EsfvZ9R1+zf6HIO0mn1nBKVosz2Wqfhu+8jVRAMa8l4 b4uy51wDVNgEtAry1GFERUVYox+UiBNusRT1yGZ9W+aFK+kSRjsrd0xTMn01Wj9y d1pEdr3/sz+04jpFnTi4w7Vyhk7GUt25trMmAZbeCB2Dx8VaLXzrx4UYIVcLcXnx +bHPTGvJT+nSFl3UuutrEqGl9RoNpkWO+BU4rgNaRs2M9TFQ8wzcbZAOHroDMc4f HqKNbEB8aM7Gu3bw52gq0xODwvfBHq3gIICjMrtmcBEBnkver/c5xHxEkQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFN+eAvkV9HuQUC73tAdRip+33SQhMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzYmEzMjUxLWE1MDItNGNmOC05YmM1LTQ0OWIxMzc2YmUwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYSAgMA0GCSqGSIb3DQEBCwUAA4IBAQBAXL4aq1shxe2thgJ/ OTSG/hE/RhCZfUS4z8LRubhaESIyAEmd78q/Tf3qvqTsnvSvItojqimmGnUwY7d1 4xpGQWKlaEe5xhzrAd8xET95/V8Hxhh96IQCELzlh3TimnqhBHBlnyuyQ0W9kN36 Aa8hoI68WtOIaUQjLy25auuACYp7R0nUzWdoVZKP0nXQJUA0F2Ptcq5VIFpTFit3 V77u+iAbaeR4X8YM/M1DZr9Xf9GYpjrtk9VxSdHwlvyK3VESK64pQNkWg4qxmnn/ l5X26//SKcn+hhgnJ+zFkR6hmgzquC5qWFcX62U3XjRzYnPHkAWvTTPNHIRukYnf hC7X -----END CERTIFICATE-----Generated at Wed Feb 5 04:10:51 2025 by rpki-client