$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb33c78e-80e8-48d7-8941-7ac54859b50c.roa File: fb33c78e-80e8-48d7-8941-7ac54859b50c.roa (raw, json) Hash identifier: QG2wa/dFLZp/+R5DV99ic45Jn6QddOWlU11bBRB3X/c= Subject key identifier: FF:34:91:AD:8D:06:7B:33:05:60:52:D7:4F:7E:F3:19:4D:E6:F5:43 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 319A779DED635407089C560DD72BF0F43E26DB77 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb33c78e-80e8-48d7-8941-7ac54859b50c.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:4080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:9a:77:9d:ed:63:54:07:08:9c:56:0d:d7:2b:f0:f4:3e:26:db:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:b6:8c:eb:18:a9:73:c7:04:4e:3b:fc:c0:82: e1:d2:36:74:9e:ff:dd:32:74:6e:7d:89:b3:56:fd: 90:af:06:bc:df:e6:45:c8:3e:6d:19:32:ee:9c:09: 25:51:af:ed:ee:3a:ae:97:d9:27:db:90:5f:1c:3f: 70:9d:35:72:22:36:81:ee:5c:60:6e:91:27:d0:04: e0:21:4d:bc:ec:77:b3:82:e6:cf:75:7f:97:87:cf: 44:63:73:9a:a2:f4:8d:91:57:8a:e8:86:cd:5d:ce: 89:34:38:0a:80:3d:eb:39:2a:d8:64:a5:0f:84:a7: f7:ed:92:0c:8e:27:8f:fd:4b:b1:c0:83:43:74:7f: 75:61:47:9f:1a:11:89:12:a4:5f:48:8b:52:47:b4: 40:2a:1e:42:d3:41:bc:15:0d:bc:96:30:43:86:4d: 42:be:6d:4d:99:b2:9e:db:dc:81:63:80:32:6f:6a: 29:5a:36:01:ba:a2:98:02:b2:1d:8c:ff:02:6d:2b: 1f:27:17:65:f4:91:90:be:80:4d:df:4f:c2:94:d6: 28:1c:d6:b9:27:80:b7:04:32:98:8d:1a:e8:ea:04: 96:4e:60:e3:e6:44:c3:50:82:22:49:65:f8:1c:09: 15:a5:1d:0e:c1:45:19:9a:0c:e7:2f:74:e4:3f:bd: ed:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:34:91:AD:8D:06:7B:33:05:60:52:D7:4F:7E:F3:19:4D:E6:F5:43 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb33c78e-80e8-48d7-8941-7ac54859b50c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:4080::/46 Signature Algorithm: sha256WithRSAEncryption ae:28:ab:16:a8:a4:ad:08:4d:f0:c0:6b:4e:b6:3d:21:ff:da: 55:db:f2:da:60:d4:82:c8:ab:96:40:af:14:d6:09:4d:88:61: 64:e8:d7:da:73:cd:b0:7e:6f:aa:e4:32:61:8d:3c:77:e6:ce: 0f:87:71:6f:76:58:0c:25:da:c2:47:03:cd:fc:7a:d2:62:d5: 1d:a2:62:0d:b4:52:74:f2:ff:c5:c0:71:6f:2a:fa:f1:db:9e: 16:6b:b9:63:70:60:1c:05:7a:73:77:1f:10:90:10:2f:24:33: 91:33:c0:ca:61:0b:9a:56:4b:f5:1d:4f:43:2d:c6:67:d4:a2: a1:f9:fa:e7:d7:f2:f1:ce:cc:fa:ab:67:37:0b:ed:61:b2:67: 9e:a1:eb:b7:c8:e4:5a:4b:72:72:8a:70:5e:41:d9:43:ce:a4: a5:86:39:cb:14:0f:96:42:86:a7:f8:47:ac:39:cc:89:7c:10: 7a:d2:ba:64:d3:25:6f:cf:35:c0:00:a6:76:4b:1d:34:55:83: 0c:23:cd:10:39:7d:55:c4:3f:a5:7f:87:a3:bf:ea:3a:bc:70: 96:24:3c:dc:23:14:16:c6:13:a9:e9:5b:1b:fe:25:8c:aa:aa: d5:cd:bb:0c:fd:f5:80:51:f2:d7:64:a1:8b:39:cf:6f:e2:26: 96:44:ee:a8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMZp3ne1jVAcInFYN1yvw9D4m23cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANmNlNGUyZWZhYzliN2IyOTM5YWRh NjhmOTI3NTY3NzQ2ZjY3NGI1NzdlY2Q1NmIxZGRjYTFhMTc4MzYyZGY1NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlraM6xipc8cETjv8wILh0jZ0nv/d MnRufYmzVv2Qrwa83+ZFyD5tGTLunAklUa/t7jqul9kn25BfHD9wnTVyIjaB7lxg bpEn0ATgIU287HezgubPdX+Xh89EY3OaovSNkVeK6IbNXc6JNDgKgD3rOSrYZKUP hKf37ZIMjieP/UuxwINDdH91YUefGhGJEqRfSItSR7RAKh5C00G8FQ28ljBDhk1C vm1NmbKe29yBY4Ayb2opWjYBuqKYArIdjP8CbSsfJxdl9JGQvoBN30/ClNYoHNa5 J4C3BDKYjRro6gSWTmDj5kTDUIIiSWX4HAkVpR0OwUUZmgznL3TkP73tBwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFP80ka2NBnszBWBS109+8xlN5vVDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiMzNjNzhlLTgwZTgtNDhkNy04OTQxLTdhYzU0ODU5YjUwYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+0CAMA0GCSqGSIb3DQEBCwUAA4IBAQCuKKsWqKStCE3wwGtO tj0h/9pV2/LaYNSCyKuWQK8U1glNiGFk6Nfac82wfm+q5DJhjTx35s4Ph3FvdlgM JdrCRwPN/HrSYtUdomINtFJ08v/FwHFvKvrx254Wa7ljcGAcBXpzdx8QkBAvJDOR M8DKYQuaVkv1HU9DLcZn1KKh+frn1/Lxzsz6q2c3C+1hsmeeoeu3yORaS3JyinBe QdlDzqSlhjnLFA+WQoan+EesOcyJfBB60rpk0yVvzzXAAKZ2Sx00VYMMI80QOX1V xD+lf4ejv+o6vHCWJDzcIxQWxhOp6Vsb/iWMqqrVzbsM/fWAUfLXZKGLOc9v4iaW RO6o -----END CERTIFICATE-----Generated at Wed Feb 5 03:51:29 2025 by rpki-client