$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa File: ffd89ff2-4de6-4517-88fc-12345cabb969.roa (raw, json) Hash identifier: 646mZtLeQ2j7T8ysXhiNRngTIAD5JAxlRIdSKetlPO0= Subject key identifier: 99:A6:79:70:F1:E6:68:66:26:D3:22:11:01:72:67:AC:70:38:8D:6C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 570D92F2E085E2F5B093C150A7B191A4C5D67119 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa Signing time: Tue 04 Feb 2025 00:00:00 +0000 ROA not before: Tue 04 Feb 2025 00:00:00 +0000 ROA not after: Tue 11 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da15::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:0d:92:f2:e0:85:e2:f5:b0:93:c1:50:a7:b1:91:a4:c5:d6:71:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 4 00:00:00 2025 GMT Not After : Mar 11 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:b5:74:1b:fd:9c:e9:3e:87:c5:15:dc:e2:2c: dc:17:9d:2d:10:7d:89:26:e5:8e:e5:0c:b5:a8:46: 84:bf:30:cd:33:c8:09:5a:aa:bb:e0:d6:d2:53:86: dd:cd:0a:71:ae:1b:1d:62:6d:a5:11:82:a8:8e:c5: b2:89:1b:99:56:de:95:dc:6f:56:12:c3:50:13:d3: 9a:8a:14:cb:a5:c4:87:e3:57:87:80:b8:44:9e:d4: 06:28:56:c9:61:b3:10:71:44:16:d5:2d:ee:48:50: e3:96:fe:2d:18:36:ef:9b:55:1d:bd:0b:94:cc:6d: 16:c7:e9:eb:a6:ca:f6:55:cc:1a:6d:a3:7f:e1:be: 77:c6:85:7d:b3:80:fd:6e:63:97:6e:48:b5:03:e8: 2b:3a:e0:95:9c:e7:99:69:4e:6d:35:a3:89:76:7d: fc:d1:4b:97:dd:0c:9d:54:6f:3a:3e:74:10:36:b1: ed:f9:ab:56:e0:da:c3:f4:74:31:df:43:c8:8d:24: 19:01:f9:16:3f:bb:28:9c:b1:72:5d:ec:77:0b:ee: c7:55:9d:42:08:e2:b3:fe:e5:d3:bd:e3:7f:77:84: 53:5d:69:bd:91:41:63:ef:c8:24:ae:6c:74:63:70: 6c:fc:a6:05:90:87:ca:87:b6:4e:ee:ce:52:02:ba: ef:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:A6:79:70:F1:E6:68:66:26:D3:22:11:01:72:67:AC:70:38:8D:6C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da15::/36 Signature Algorithm: sha256WithRSAEncryption b9:98:66:c7:f8:79:e3:ce:6b:ff:da:ff:8a:d0:d5:e3:4c:3a: 36:cc:4f:90:a3:70:a5:92:7c:d7:aa:7f:51:db:d7:2a:e9:98: 25:d1:58:68:29:eb:7d:1e:27:84:4f:82:b5:a4:af:f6:d6:17: b8:65:64:57:a5:b0:d9:dc:a9:80:d7:3e:53:38:8d:96:70:e5: 6a:f6:9f:60:9b:e9:27:df:ef:49:1f:be:1f:cd:23:3a:a4:ba: 40:75:8a:e8:dc:8f:34:0e:19:7b:7a:98:90:a5:70:b9:02:47: 9b:b7:67:e7:c0:aa:61:02:9d:8e:30:ac:79:cd:6a:60:2c:17: 49:c1:51:00:ca:11:8f:1a:d5:0b:28:75:8a:f8:9a:75:a6:23: f9:1c:d7:92:bd:75:40:2e:ed:4b:b1:c4:71:3e:75:a4:3d:9c: 6f:35:0d:ac:76:82:49:84:30:78:2a:19:80:27:dd:3c:39:6b: 9b:b5:93:0e:46:63:54:89:3f:80:e8:06:68:b2:80:92:21:ef: 55:8a:a4:bc:76:da:55:b6:b7:a9:ec:24:a0:d8:5c:51:93:b8: 16:70:73:6a:0a:48:1c:10:20:ac:f8:ab:4f:32:04:a2:00:3a: 8c:41:1a:50:24:ce:eb:f3:f5:c6:23:49:5e:05:8d:0a:65:6b: e0:01:82:c3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVw2S8uCF4vWwk8FQp7GRpMXWcRkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwNDAwMDAwMFoX DTI1MDMxMTIzNTk1OVowejFJMEcGA1UEBRNAOWEwNWRkOTMyNTBlZDg2Nzc3ODE1 YjZmOTdmMjg3NzgzYmQxZjg5ZmQ1ZmQwMjg4YjRiMjMxZGI3MzBjMjk5MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbV0G/2c6T6HxRXc4izcF50tEH2J JuWO5Qy1qEaEvzDNM8gJWqq74NbSU4bdzQpxrhsdYm2lEYKojsWyiRuZVt6V3G9W EsNQE9OaihTLpcSH41eHgLhEntQGKFbJYbMQcUQW1S3uSFDjlv4tGDbvm1UdvQuU zG0Wx+nrpsr2VcwabaN/4b53xoV9s4D9bmOXbki1A+grOuCVnOeZaU5tNaOJdn38 0UuX3QydVG86PnQQNrHt+atW4NrD9HQx30PIjSQZAfkWP7sonLFyXex3C+7HVZ1C COKz/uXTveN/d4RTXWm9kUFj78gkrmx0Y3Bs/KYFkIfKh7ZO7s5SArrvPwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJmmeXDx5mhmJtMiEQFyZ6xwOI1sMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmZDg5ZmYyLTRkZTYtNDUxNy04OGZjLTEyMzQ1Y2FiYjk2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaFQAwDQYJKoZIhvcNAQELBQADggEBALmYZsf4eePOa//a/4rQ 1eNMOjbMT5CjcKWSfNeqf1Hb1yrpmCXRWGgp630eJ4RPgrWkr/bWF7hlZFelsNnc qYDXPlM4jZZw5Wr2n2Cb6Sff70kfvh/NIzqkukB1iujcjzQOGXt6mJClcLkCR5u3 Z+fAqmECnY4wrHnNamAsF0nBUQDKEY8a1QsodYr4mnWmI/kc15K9dUAu7UuxxHE+ daQ9nG81Dax2gkmEMHgqGYAn3Tw5a5u1kw5GY1SJP4DoBmiygJIh71WKpLx22lW2 t6nsJKDYXFGTuBZwc2oKSBwQIKz4q08yBKIAOoxBGlAkzuvz9cYjSV4FjQpla+AB gsM= -----END CERTIFICATE-----Generated at Sun Feb 16 15:24:02 2025 by rpki-client