$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7ec8552-7ddb-4978-bb8c-fc97d0625b4c.roa File: f7ec8552-7ddb-4978-bb8c-fc97d0625b4c.roa (raw, json) Hash identifier: Wp3LnPFrqpHclME8OF0oxKo8luruOWkH3FBif1MIB/M= Subject key identifier: 55:9D:B5:AE:72:1D:77:07:D4:F5:17:52:36:0B:FA:7F:F9:E4:77:32 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 43F202C0F05876F0827AB2CC83E60B223C071A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7ec8552-7ddb-4978-bb8c-fc97d0625b4c.roa Signing time: Sat 01 Feb 2025 00:00:00 +0000 ROA not before: Sat 01 Feb 2025 00:00:00 +0000 ROA not after: Sat 08 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:4020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:f2:02:c0:f0:58:76:f0:82:7a:b2:cc:83:e6:0b:22:3c:07:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 1 00:00:00 2025 GMT Not After : Mar 8 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ef:68:85:d6:f5:70:e0:3c:46:14:02:3a:2d: 63:f2:67:ce:73:6d:3f:92:e3:29:da:2a:cd:77:0d: 08:06:bc:72:59:66:0d:82:c7:dd:10:67:9d:67:f9: 9d:17:ed:23:86:fc:0b:aa:ee:f6:51:37:6d:a2:c2: 50:1d:d5:6e:3a:f0:be:18:a8:cc:ae:f2:f5:9b:44: 5b:3e:d4:35:59:23:e2:9f:3d:df:a6:f0:09:0b:53: 44:ff:75:78:7c:a6:cb:7b:02:f6:aa:cd:7b:dc:50: 64:23:de:3e:8d:f2:6b:b9:2c:6a:70:f9:ff:04:79: af:62:1b:89:db:11:5b:8e:1e:19:03:5c:f0:33:4d: 5d:41:53:10:d2:ca:88:95:a9:12:70:c7:5d:2a:19: 93:e4:dd:36:65:99:38:9d:c0:40:da:20:03:c8:fe: bb:a6:7c:79:7f:56:f4:70:cf:20:a1:d3:1f:47:af: 09:49:ae:dd:fb:38:54:77:2b:a6:78:e6:7a:fd:84: 30:22:01:9d:a3:18:81:db:4b:ff:8d:71:a2:ac:6e: 29:41:ec:87:77:73:ca:93:54:73:88:09:16:2a:02: eb:36:27:35:60:9a:10:92:00:b2:70:cf:4a:a7:58: 3a:d3:cf:97:8f:18:00:6d:59:f7:95:ee:d9:4f:12: df:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:9D:B5:AE:72:1D:77:07:D4:F5:17:52:36:0B:FA:7F:F9:E4:77:32 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7ec8552-7ddb-4978-bb8c-fc97d0625b4c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:4020::/48 Signature Algorithm: sha256WithRSAEncryption 4e:c6:b9:c2:c6:ae:93:03:28:05:b3:bd:77:7e:b1:17:1f:ba: ce:38:f7:ad:69:9d:b0:0b:2c:11:c4:7a:96:cc:09:d5:5d:4b: b1:ea:a7:0d:f6:41:b1:d5:8e:21:82:85:b3:d9:c4:de:60:15: 9a:74:55:c1:20:98:19:78:cd:3f:fd:3a:f1:76:f4:68:b7:d9: af:4b:b1:17:5e:39:ad:12:a9:f3:87:38:cd:63:97:0d:88:da: fb:24:da:79:58:35:c9:66:2d:18:ff:dc:f2:2a:86:df:cd:03: aa:00:6d:d0:f4:be:e5:b0:47:6e:ba:22:53:af:78:01:6e:7f: 03:3a:bc:fa:fc:69:fb:79:80:c8:b1:02:24:ab:d8:ab:0d:48: f1:47:e1:7c:7b:7d:1d:cb:0e:30:fd:3b:ea:af:42:f1:e2:66: c9:95:48:c1:3e:c2:bb:17:cf:b0:fa:cc:3d:31:af:91:6d:c0: d8:8f:8f:63:81:bc:63:9f:64:dc:06:20:06:4a:9f:b5:b9:6d: c6:d1:70:b5:15:8b:fd:55:d2:d8:71:a9:b6:1b:35:9f:a4:34: b6:fa:95:fb:3d:5c:18:2c:dd:46:4f:0b:ae:79:e6:50:7a:06: bb:18:28:b4:f0:fe:c8:7d:e4:0b:8d:5a:68:4a:7f:df:fd:ad: 96:e2:9a:f7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgITQ/ICwPBYdvCCerLMg+YLIjwHGjANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwMjAxMDAwMDAwWhcN MjUwMzA4MjM1OTU5WjB6MUkwRwYDVQQFE0BmODIyOGQyOTVjYzkyNTM0ZTJlYjE1 NmFkNTQ1YmE4YjNlZmNjOWYwMThlYTVkMWExZWRjNDQ2ZTk4NGY3YWY1MS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC872iF1vVw4DxGFAI6LWPyZ85zbT+S 4ynaKs13DQgGvHJZZg2Cx90QZ51n+Z0X7SOG/Auq7vZRN22iwlAd1W468L4YqMyu 8vWbRFs+1DVZI+KfPd+m8AkLU0T/dXh8pst7AvaqzXvcUGQj3j6N8mu5LGpw+f8E ea9iG4nbEVuOHhkDXPAzTV1BUxDSyoiVqRJwx10qGZPk3TZlmTidwEDaIAPI/rum fHl/VvRwzyCh0x9HrwlJrt37OFR3K6Z45nr9hDAiAZ2jGIHbS/+NcaKsbilB7Id3 c8qTVHOICRYqAus2JzVgmhCSALJwz0qnWDrTz5ePGABtWfeV7tlPEt85AgMBAAGj ggJLMIICRzAdBgNVHQ4EFgQUVZ21rnIddwfU9RdSNgv6f/nkdzIwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv ZjdlYzg1NTItN2RkYi00OTc4LWJiOGMtZmM5N2QwNjI1YjRjLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E AgACMAkDBwAkBto4QCAwDQYJKoZIhvcNAQELBQADggEBAE7GucLGrpMDKAWzvXd+ sRcfus44961pnbALLBHEepbMCdVdS7Hqpw32QbHVjiGChbPZxN5gFZp0VcEgmBl4 zT/9OvF29Gi32a9LsRdeOa0SqfOHOM1jlw2I2vsk2nlYNclmLRj/3PIqht/NA6oA bdD0vuWwR266IlOveAFufwM6vPr8aft5gMixAiSr2KsNSPFH4Xx7fR3LDjD9O+qv QvHiZsmVSME+wrsXz7D6zD0xr5FtwNiPj2OBvGOfZNwGIAZKn7W5bcbRcLUVi/1V 0thxqbYbNZ+kNLb6lfs9XBgs3UZPC6555lB6BrsYKLTw/sh95AuNWmhKf9/9rZbi mvc= -----END CERTIFICATE-----Generated at Wed Feb 5 04:10:55 2025 by rpki-client