$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/facddbc4-8a46-4e71-bf43-678021fefea0.roa File: facddbc4-8a46-4e71-bf43-678021fefea0.roa (raw, json) Hash identifier: Ga9W14tjDEd2W/USpSOz51MGzQHNq9vbqmUaEr1MQ6Q= Subject key identifier: 30:AE:CD:F4:F9:12:7B:F3:0F:D3:12:05:9D:7F:26:FD:34:2A:E9:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 13547A8951DEEFF598662C258B425C84FC8F375A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/facddbc4-8a46-4e71-bf43-678021fefea0.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1c:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:54:7a:89:51:de:ef:f5:98:66:2c:25:8b:42:5c:84:fc:8f:37:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:74:78:90:ad:bb:4d:26:82:49:10:df:51:4e: 02:5d:10:2e:ec:51:22:6f:8e:9a:f7:c8:27:51:9e: da:1c:de:30:e9:4b:fb:01:cc:e5:ee:3d:fd:43:c8: 52:5c:9b:e0:a2:5e:c4:53:6f:5f:17:c4:7a:76:45: 28:9c:9c:9a:59:ec:58:6a:5f:64:08:0e:b1:7c:a7: 31:2f:ed:b0:78:49:c0:be:40:18:57:71:90:74:35: 0b:d1:b1:f3:07:c2:0c:4f:b4:96:ad:32:19:4c:60: 2e:bd:78:27:9a:ce:17:35:0b:51:d8:b7:33:7a:a2: c1:5e:34:50:6e:ec:a6:a6:b4:f2:36:a0:51:25:27: 3f:af:3c:ea:18:c1:14:44:98:62:be:b5:79:b4:a8: df:83:f5:d8:c2:c5:0a:60:ed:0f:46:fa:2d:e1:5f: c8:c5:6c:54:c1:4a:d1:99:98:03:14:47:da:2a:2c: f7:ed:83:eb:35:d9:c3:53:f1:d6:af:28:cd:2c:f5: ee:9a:0c:3b:c3:28:9f:f9:38:a3:78:f9:2f:00:e0: d5:c8:94:31:ac:3f:de:d4:8d:b5:37:21:53:d4:ad: 23:bf:d2:43:79:80:9f:0d:ca:5b:06:d7:f3:5c:4b: 57:95:76:38:85:33:1d:54:88:03:e9:9a:b8:57:b0: 8e:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:AE:CD:F4:F9:12:7B:F3:0F:D3:12:05:9D:7F:26:FD:34:2A:E9:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/facddbc4-8a46-4e71-bf43-678021fefea0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1c:800::/38 Signature Algorithm: sha256WithRSAEncryption 2d:60:be:0e:be:84:e4:f7:59:76:0d:bb:0e:ea:e8:0a:c3:b3: 46:fd:11:2c:14:f4:aa:29:aa:14:59:37:ab:d8:93:44:23:35: 33:eb:15:4c:be:8d:24:8b:7e:ab:51:a6:fb:8c:c8:bb:c6:eb: b5:3b:75:60:9c:96:56:49:5c:31:9a:1d:e2:24:da:0b:4e:af: d5:e4:9f:97:a8:78:a5:a3:6b:5a:97:0f:c2:89:5b:b3:81:a2: 7b:89:31:5c:12:a6:1f:6e:1e:76:cd:6a:21:01:b4:8f:ce:24: 34:ec:1b:0e:fd:84:0e:42:26:04:05:32:28:c8:03:72:21:e0: e2:e4:b6:c6:66:a0:84:6e:24:2f:b6:a5:7f:2f:e1:b1:c6:35: 8c:63:21:16:f1:3d:a0:22:bb:82:99:d4:3b:0c:5d:84:db:ed: 95:f9:0b:f6:26:e1:9e:4d:4e:77:cb:7c:61:01:4c:7a:14:da: 3f:62:03:17:95:e9:76:6f:ff:da:fe:e9:1f:be:6f:7b:a6:59: e8:6e:1e:84:e6:ba:c4:09:e3:f6:13:ac:e5:8c:12:67:be:55: fe:02:ad:51:48:bd:1d:71:84:32:6f:3b:55:49:da:58:8b:63: ba:71:e0:8b:01:23:40:e4:d7:65:d4:5e:24:d7:07:7f:d6:f5: 77:4c:ef:23 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUE1R6iVHe7/WYZiwli0JchPyPN1owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMDZlNjM3N2Q3N2I0M2ZkOTIxNmNj YjMwZmY2NGI2NmIxYWYyNGE5ZmI1ZDg4ZmFmMjkxMzA3YmIyOGZlZGIwMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHR4kK27TSaCSRDfUU4CXRAu7FEi b46a98gnUZ7aHN4w6Uv7Aczl7j39Q8hSXJvgol7EU29fF8R6dkUonJyaWexYal9k CA6xfKcxL+2weEnAvkAYV3GQdDUL0bHzB8IMT7SWrTIZTGAuvXgnms4XNQtR2Lcz eqLBXjRQbuymprTyNqBRJSc/rzzqGMEURJhivrV5tKjfg/XYwsUKYO0PRvot4V/I xWxUwUrRmZgDFEfaKiz37YPrNdnDU/HWryjNLPXumgw7wyif+TijePkvAODVyJQx rD/e1I21NyFT1K0jv9JDeYCfDcpbBtfzXEtXlXY4hTMdVIgD6Zq4V7COewIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDCuzfT5EnvzD9MSBZ1/Jv00KulYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZhY2RkYmM0LThhNDYtNGU3MS1iZjQzLTY3ODAyMWZlZmVhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHAgwDQYJKoZIhvcNAQELBQADggEBAC1gvg6+hOT3WXYNuw7q 6ArDs0b9ESwU9KopqhRZN6vYk0QjNTPrFUy+jSSLfqtRpvuMyLvG67U7dWCcllZJ XDGaHeIk2gtOr9Xkn5eoeKWja1qXD8KJW7OBonuJMVwSph9uHnbNaiEBtI/OJDTs Gw79hA5CJgQFMijIA3Ih4OLktsZmoIRuJC+2pX8v4bHGNYxjIRbxPaAiu4KZ1DsM XYTb7ZX5C/Ym4Z5NTnfLfGEBTHoU2j9iAxeV6XZv/9r+6R++b3umWehuHoTmusQJ 4/YTrOWMEme+Vf4CrVFIvR1xhDJvO1VJ2liLY7px4IsBI0Dk12XUXiTXB3/W9XdM 7yM= -----END CERTIFICATE-----Generated at Wed Feb 5 03:54:17 2025 by rpki-client