$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbed307e-fbcc-427b-978f-d6f6d64a91c6.roa File: fbed307e-fbcc-427b-978f-d6f6d64a91c6.roa (raw, json) Hash identifier: SbtyyTC/lZ0mEVe/+xLvIiLYAVeZUpRI1Fw1QBQMwPg= Subject key identifier: 73:C2:E6:55:CA:5F:09:49:92:4C:FD:73:4D:DB:A3:C2:5B:A8:3E:DE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 46E214B686312655B5103DA5040B50BC7C15C28A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbed307e-fbcc-427b-978f-d6f6d64a91c6.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:e2:14:b6:86:31:26:55:b5:10:3d:a5:04:0b:50:bc:7c:15:c2:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:0a:93:3a:c7:33:60:5c:7f:e3:b4:0d:cd:40: 8e:4b:4f:67:6f:37:ad:ac:bc:33:9b:ff:ca:9d:5b: 53:6a:bd:38:56:89:10:d0:ce:00:35:47:5c:d1:dc: ca:d2:3f:30:00:fe:89:63:3d:66:37:cd:e3:07:84: 74:74:62:6d:1c:a2:06:9d:7e:45:8a:5b:41:e3:c6: 05:8a:5d:0b:ee:ec:09:80:9d:44:50:d9:53:3a:14: 75:0f:07:9b:5d:63:28:79:63:b5:97:2d:b8:4c:05: 7f:7e:fb:4d:1c:26:9d:34:6f:96:bd:3c:18:15:69: 5b:a3:26:18:c9:9b:68:18:bf:49:bf:cf:d5:75:2a: 91:fa:d0:e5:88:80:74:c6:b8:ce:5a:b4:24:97:95: a8:f9:d9:aa:a8:1f:6d:22:71:64:48:c6:81:6d:47: 97:17:29:44:2f:6e:b1:1f:74:e7:e5:d7:67:f0:2f: ec:b1:c5:0a:f1:57:8f:48:8a:5e:c4:31:65:ba:1d: bb:5f:5f:e9:1d:c3:0e:c1:84:b1:9f:74:2c:40:b9: b9:c8:3c:c8:68:ae:72:79:25:d4:ce:8e:93:b8:fe: 26:ce:26:d7:22:eb:0d:03:12:59:0d:f0:19:a2:03: b6:b4:4c:88:87:d7:e3:b3:2e:b6:69:7f:23:f1:a0: 23:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:C2:E6:55:CA:5F:09:49:92:4C:FD:73:4D:DB:A3:C2:5B:A8:3E:DE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbed307e-fbcc-427b-978f-d6f6d64a91c6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:a000::/40 Signature Algorithm: sha256WithRSAEncryption bb:30:0d:cd:c0:c4:4c:66:ee:26:9a:b7:31:50:d7:31:7e:2d: 06:63:14:6e:f7:9e:bd:f1:a2:d8:e8:c3:1a:a4:39:46:22:75: e5:a3:92:15:98:8c:2b:36:d3:42:f3:0a:56:68:6f:3b:2d:7b: 0d:9e:15:2d:aa:60:8a:5f:b6:9f:d6:78:5f:39:7f:4a:5e:d4: ee:1c:31:01:03:f4:24:ca:f3:94:ca:0a:7b:2e:14:b5:8d:5e: b4:5c:22:e5:9d:4e:66:f1:8a:f2:47:17:ab:c7:03:f8:30:3f: 05:4f:82:44:b8:af:ea:d9:23:7b:bb:df:b0:35:2c:52:42:64: 25:8c:0e:c0:a6:94:e5:9c:74:18:ea:f5:05:69:b3:52:dc:f9: a0:89:f9:26:a9:56:6c:2e:c3:6a:d2:4f:0c:bb:d6:7b:ea:99: cb:b7:95:40:9d:07:dc:32:68:53:bd:c2:a3:69:45:f1:df:5b: 8d:09:46:9d:19:5f:f6:a4:dc:ae:38:4a:3a:74:54:ca:4c:ca: 3a:e8:7c:40:ce:dd:cc:83:ed:79:7e:cd:a1:96:85:13:de:6e: 1d:de:ce:84:7c:e5:a9:d5:55:d4:d7:df:4d:e9:19:17:2e:fe: ac:2d:f0:ba:db:a5:20:11:2e:5b:aa:5b:77:b2:fb:1f:94:5c: b3:58:75:fe -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURuIUtoYxJlW1ED2lBAtQvHwVwoowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANmUyMWE4NjZhZGRkOTI5NDA3NDQ5 ZDAzYWU5Y2Q5MzMyNDI1YzNiZmZlZDAzNzNkYWVlZjU3YWQ0N2MzYTdlYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAqTOsczYFx/47QNzUCOS09nbzet rLwzm//KnVtTar04VokQ0M4ANUdc0dzK0j8wAP6JYz1mN83jB4R0dGJtHKIGnX5F iltB48YFil0L7uwJgJ1EUNlTOhR1DwebXWMoeWO1ly24TAV/fvtNHCadNG+WvTwY FWlboyYYyZtoGL9Jv8/VdSqR+tDliIB0xrjOWrQkl5Wo+dmqqB9tInFkSMaBbUeX FylEL26xH3Tn5ddn8C/sscUK8VePSIpexDFluh27X1/pHcMOwYSxn3QsQLm5yDzI aK5yeSXUzo6TuP4mzibXIusNAxJZDfAZogO2tEyIh9fjsy62aX8j8aAjAQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHPC5lXKXwlJkkz9c03bo8JbqD7eMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiZWQzMDdlLWZiY2MtNDI3Yi05NzhmLWQ2ZjZkNjRhOTFjNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacKAwDQYJKoZIhvcNAQELBQADggEBALswDc3AxExm7iaatzFQ 1zF+LQZjFG73nr3xotjowxqkOUYideWjkhWYjCs200LzClZobzstew2eFS2qYIpf tp/WeF85f0pe1O4cMQED9CTK85TKCnsuFLWNXrRcIuWdTmbxivJHF6vHA/gwPwVP gkS4r+rZI3u737A1LFJCZCWMDsCmlOWcdBjq9QVps1Lc+aCJ+SapVmwuw2rSTwy7 1nvqmcu3lUCdB9wyaFO9wqNpRfHfW40JRp0ZX/ak3K44Sjp0VMpMyjrofEDO3cyD 7Xl+zaGWhRPebh3ezoR85anVVdTX303pGRcu/qwt8LrbpSARLluqW3ey+x+UXLNY df4= -----END CERTIFICATE-----Generated at Wed Feb 5 04:09:43 2025 by rpki-client