$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff6b97ed-ec8e-4842-b75c-bf76de1c3e7c.roa File: ff6b97ed-ec8e-4842-b75c-bf76de1c3e7c.roa (raw, json) Hash identifier: BNXalAabclU63TOQHbRX5SVnJqZA3Qr8FZXLhDGI8Io= Subject key identifier: AE:1E:C1:B5:D0:9A:36:40:66:80:27:E9:CC:F3:41:A7:62:1E:4F:93 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 232459D6B9FF92FD6D6685759DA5EA1FA34C6CD6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff6b97ed-ec8e-4842-b75c-bf76de1c3e7c.roa Signing time: Sat 01 Feb 2025 00:00:00 +0000 ROA not before: Sat 01 Feb 2025 00:00:00 +0000 ROA not after: Sat 08 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:a0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:24:59:d6:b9:ff:92:fd:6d:66:85:75:9d:a5:ea:1f:a3:4c:6c:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 1 00:00:00 2025 GMT Not After : Mar 8 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:1c:5b:b4:ea:38:d6:29:e5:0f:10:da:25:fd: 8e:16:0c:0d:24:e8:2a:b1:0b:55:3e:76:1e:c6:bc: 02:88:7c:0e:b4:bb:ba:c0:18:4a:35:4d:1c:d4:a0: 72:15:c1:98:02:f4:f0:85:e6:ed:20:4b:07:5f:0a: 81:81:4d:16:c5:b0:ae:2a:f7:a8:d8:5a:86:7a:81: 5d:54:3d:26:45:29:c6:ff:c0:5c:3c:f9:83:a1:e0: 85:fc:c0:89:92:77:09:80:65:d6:b8:55:30:dc:90: 52:51:14:00:ea:5e:56:47:2f:91:06:96:e1:7b:f2: 4a:97:b0:40:8b:41:1e:c0:19:dd:e6:3a:db:f6:30: 71:cf:b4:18:3b:b4:c3:31:7d:d4:37:9c:24:36:c6: 1a:4e:fe:65:14:34:79:37:e4:5c:ad:99:b6:6f:63: a2:7f:46:2f:1c:55:f9:5a:cf:a5:e4:ed:49:a6:ea: a3:d1:07:19:fa:ad:7f:3c:f8:89:23:d2:f0:69:34: 6f:af:82:41:5c:99:6d:9f:f8:aa:be:dc:98:af:a3: 6a:6b:14:d2:4a:9a:5c:b7:ed:5e:dd:d4:a0:36:51: c4:02:86:a2:44:26:b2:73:b3:f8:de:2a:39:ef:55: 43:33:50:ec:a5:80:5c:14:ea:26:12:1b:07:b3:52: f0:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:1E:C1:B5:D0:9A:36:40:66:80:27:E9:CC:F3:41:A7:62:1E:4F:93 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff6b97ed-ec8e-4842-b75c-bf76de1c3e7c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:a0c0::/48 Signature Algorithm: sha256WithRSAEncryption 7c:f5:bf:aa:ff:64:b0:41:a9:88:20:95:df:5b:e9:5b:23:f0: b9:4c:af:b1:88:64:e4:ff:45:48:cd:e7:e4:f1:11:94:f0:a8: f0:45:9b:88:c8:fb:1a:2c:26:c6:74:1c:25:93:68:cb:2b:17: 9d:54:af:fd:59:f0:ab:e1:58:66:69:e5:f7:60:a0:00:1f:b3: 4a:ae:2f:ea:de:1b:0f:aa:86:49:a9:61:2f:37:21:22:b6:04: 2d:8e:09:62:d8:3f:0e:13:5e:ed:33:9c:d8:02:99:eb:08:7c: 9b:4e:a6:df:f7:74:e5:7f:32:19:e7:2b:04:2f:29:70:13:16: 98:ee:3f:0f:2c:03:f3:58:10:d1:50:2e:2b:3e:8c:cf:39:98: 27:71:8b:77:b6:d3:71:f9:14:e3:49:2b:b0:1d:4d:4e:26:d1: 2a:a7:e6:83:1b:39:b0:b3:5b:6a:36:90:e5:67:59:bb:f4:d8: 6c:67:d6:75:7a:98:54:38:f3:ca:4f:8f:50:88:8f:05:c4:53: 90:7e:3d:1d:c6:f4:82:b0:f7:97:78:5f:e8:f8:a7:8b:4c:ab: 0b:8b:d8:81:bc:89:9d:9c:f5:9d:7b:40:79:9f:f3:d0:68:e0: 33:07:b1:37:cd:90:31:f0:97:ef:50:ad:f0:4e:e2:dc:45:0d: 29:cd:2d:89 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIyRZ1rn/kv1tZoV1naXqH6NMbNYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMTAwMDAwMFoX DTI1MDMwODIzNTk1OVowejFJMEcGA1UEBRNAZDZiNmNhYTZlOWZlMzcwZDgyMzMw MjhmNDFhYTg5Y2UwNTdjNjkwMjcwNWI5Y2ZlOGJmZDU5MjI4MGU0ZTY1MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRxbtOo41inlDxDaJf2OFgwNJOgq sQtVPnYexrwCiHwOtLu6wBhKNU0c1KByFcGYAvTwhebtIEsHXwqBgU0WxbCuKveo 2FqGeoFdVD0mRSnG/8BcPPmDoeCF/MCJkncJgGXWuFUw3JBSURQA6l5WRy+RBpbh e/JKl7BAi0EewBnd5jrb9jBxz7QYO7TDMX3UN5wkNsYaTv5lFDR5N+RcrZm2b2Oi f0YvHFX5Ws+l5O1Jpuqj0QcZ+q1/PPiJI9LwaTRvr4JBXJltn/iqvtyYr6NqaxTS Sppct+1e3dSgNlHEAoaiRCayc7P43io571VDM1DspYBcFOomEhsHs1Lw+QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFK4ewbXQmjZAZoAn6czzQadiHk+TMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmNmI5N2VkLWVjOGUtNDg0Mi1iNzVjLWJmNzZkZTFjM2U3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9KDAMA0GCSqGSIb3DQEBCwUAA4IBAQB89b+q/2SwQamIIJXf W+lbI/C5TK+xiGTk/0VIzefk8RGU8KjwRZuIyPsaLCbGdBwlk2jLKxedVK/9WfCr 4VhmaeX3YKAAH7NKri/q3hsPqoZJqWEvNyEitgQtjgli2D8OE17tM5zYApnrCHyb Tqbf93TlfzIZ5ysELylwExaY7j8PLAPzWBDRUC4rPozPOZgncYt3ttNx+RTjSSuw HU1OJtEqp+aDGzmws1tqNpDlZ1m79NhsZ9Z1ephUOPPKT49QiI8FxFOQfj0dxvSC sPeXeF/o+KeLTKsLi9iBvImdnPWde0B5n/PQaOAzB7E3zZAx8JfvUK3wTuLcRQ0p zS2J -----END CERTIFICATE-----Generated at Wed Feb 5 04:02:13 2025 by rpki-client