$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef3abf6-f2e0-44e8-a7b3-1c87c9c1d26f.roa File: fef3abf6-f2e0-44e8-a7b3-1c87c9c1d26f.roa (raw, json) Hash identifier: C1igrOqBTjlAAvvvURRurjjYaFt9zt5VH8MAjlVUj3s= Subject key identifier: 50:4F:1A:69:F6:C0:3F:31:C8:7D:AB:9D:6F:C1:BB:4B:94:05:87:18 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 18A10059549FEA55531AFEC40937104C8932F723 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef3abf6-f2e0-44e8-a7b3-1c87c9c1d26f.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:a1:00:59:54:9f:ea:55:53:1a:fe:c4:09:37:10:4c:89:32:f7:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:2e:ea:ea:9c:87:54:cc:02:78:e8:26:ae:9e: 79:6e:eb:f2:1f:73:eb:3c:e1:79:4e:a8:2d:e0:0d: 42:3c:f1:91:9d:7f:1e:2d:0c:74:ac:ad:8e:fa:80: 81:56:59:3a:99:70:fb:d4:fa:47:6e:32:5e:00:da: 79:76:33:54:20:13:0e:aa:86:79:da:df:5d:29:3f: 10:04:d0:52:c1:a1:5a:b0:b7:95:23:19:8d:e2:f6: a6:39:f6:3d:44:6c:5c:ad:7a:af:be:c2:f2:6e:92: 28:d0:ed:a0:ca:b4:8b:37:9f:1d:59:a8:40:af:be: f3:13:73:16:42:06:b0:75:e7:78:17:2b:86:6a:22: 41:a1:79:56:8e:a8:d5:dc:1e:35:be:98:ad:67:a5: 6d:95:b6:9f:53:3a:c8:34:12:45:79:c9:cc:1a:8c: 28:cf:10:8b:0b:e4:db:81:88:9e:35:28:a3:30:ed: 15:cd:59:9b:9c:d3:40:54:31:6b:77:04:29:04:cd: dc:be:c5:c4:30:af:45:6a:5b:3c:2d:60:1f:b6:12: 3f:27:43:ec:e7:c5:97:e2:87:9c:46:42:60:29:39: 55:5a:bc:78:ba:4c:2d:f5:2b:59:d2:4a:5b:71:27: cc:b9:bc:6f:14:65:d5:36:8e:41:37:b8:60:da:ae: 7d:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:4F:1A:69:F6:C0:3F:31:C8:7D:AB:9D:6F:C1:BB:4B:94:05:87:18 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef3abf6-f2e0-44e8-a7b3-1c87c9c1d26f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:f000::/40 Signature Algorithm: sha256WithRSAEncryption 84:bb:1a:86:13:25:95:dd:c7:d0:88:9c:31:8b:34:80:79:42: 8a:76:8c:05:39:ea:2b:75:be:14:89:72:07:23:b8:9a:df:3b: db:83:00:85:ee:d6:00:f6:ec:7b:d4:6c:81:cb:8a:36:f8:de: 9c:29:1b:40:27:2c:5e:07:2f:d0:ee:13:bc:20:f2:5d:33:06: 33:b8:63:39:7f:e3:dd:3e:23:67:1f:90:be:cf:1b:55:e1:85: 92:ca:59:37:27:43:49:bb:b1:8a:dd:5d:f8:3d:db:9f:f1:80: 7c:e8:d2:6c:a2:00:60:05:58:b9:c8:98:54:d6:f0:0d:88:4a: b2:8e:bd:21:81:5c:04:50:33:a9:d6:22:50:65:57:6a:76:80: 9f:99:48:dd:56:55:2f:a6:25:03:38:3d:65:15:59:30:2d:08: ae:9d:3f:e6:5a:3a:f6:1b:6e:b3:36:3c:20:ab:ff:39:7f:20: 21:68:63:83:f5:69:60:20:f8:91:57:f0:23:41:56:83:35:eb: 9f:1b:14:b2:1d:36:83:31:c0:3b:f9:51:80:8d:e5:15:94:eb: 35:d3:f1:bf:eb:bd:ab:e1:13:80:7b:82:31:52:0c:15:12:dc: b5:66:ad:01:bb:32:40:7c:67:4d:18:a2:fb:bb:38:f3:14:aa: 23:69:8e:07 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGKEAWVSf6lVTGv7ECTcQTIky9yMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYjZmM2Y4YjdlMzVhNzEwZDRlZTBh MmY4MmVhODQxNjYwNDE1MGQzZjIyMzZlYTVlY2I1N2U5NTE3MzU1M2ZkZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS7q6pyHVMwCeOgmrp55buvyH3Pr POF5Tqgt4A1CPPGRnX8eLQx0rK2O+oCBVlk6mXD71PpHbjJeANp5djNUIBMOqoZ5 2t9dKT8QBNBSwaFasLeVIxmN4vamOfY9RGxcrXqvvsLybpIo0O2gyrSLN58dWahA r77zE3MWQgawded4FyuGaiJBoXlWjqjV3B41vpitZ6VtlbafUzrINBJFecnMGowo zxCLC+TbgYieNSijMO0VzVmbnNNAVDFrdwQpBM3cvsXEMK9Fals8LWAfthI/J0Ps 58WX4oecRkJgKTlVWrx4ukwt9StZ0kpbcSfMubxvFGXVNo5BN7hg2q596wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFBPGmn2wD8xyH2rnW/Bu0uUBYcYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZlZjNhYmY2LWYyZTAtNDRlOC1hN2IzLTFjODdjOWMxZDI2Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOPAwDQYJKoZIhvcNAQELBQADggEBAIS7GoYTJZXdx9CInDGL NIB5Qop2jAU56it1vhSJcgcjuJrfO9uDAIXu1gD27HvUbIHLijb43pwpG0AnLF4H L9DuE7wg8l0zBjO4Yzl/490+I2cfkL7PG1XhhZLKWTcnQ0m7sYrdXfg925/xgHzo 0myiAGAFWLnImFTW8A2ISrKOvSGBXARQM6nWIlBlV2p2gJ+ZSN1WVS+mJQM4PWUV WTAtCK6dP+ZaOvYbbrM2PCCr/zl/ICFoY4P1aWAg+JFX8CNBVoM1658bFLIdNoMx wDv5UYCN5RWU6zXT8b/rvavhE4B7gjFSDBUS3LVmrQG7MkB8Z00Yovu7OPMUqiNp jgc= -----END CERTIFICATE-----Generated at Sun Feb 16 15:25:30 2025 by rpki-client