$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/07cfb406-d628-472a-94e3-493598a051d0.roa File: 07cfb406-d628-472a-94e3-493598a051d0.roa (raw, json) Hash identifier: b4aW+nBODQCDzESc1f/nmZWZ2jVozKHUdRkYVsyYXp8= Subject key identifier: 76:FA:B1:1D:CE:54:BF:2F:69:E8:07:88:75:8D:E3:A9:B7:90:A9:30 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 02F0EB7CCAE822F0A232E754DC446314CE124709 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/07cfb406-d628-472a-94e3-493598a051d0.roa Signing time: Tue 25 Mar 2025 00:30:18 +0000 ROA not before: Tue 25 Mar 2025 00:30:18 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:2040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:f0:eb:7c:ca:e8:22:f0:a2:32:e7:54:dc:44:63:14:ce:12:47:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 00:30:18 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=f4ce46af711481240c3100d11f92bbb4af0b2748787fab8a994e145b27ee3b17, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:67:d9:10:cb:62:ef:0b:71:b5:92:4d:3e:ac: 39:d8:c0:a0:91:37:89:0c:32:7e:5d:18:3e:1e:f8: cd:fd:ba:21:96:d9:da:07:f1:fe:a1:01:41:78:63: 3d:1c:fa:ce:75:02:dd:80:b4:98:0c:58:57:24:75: 8f:5c:35:bd:37:85:ce:b6:5a:80:a6:ec:6e:b9:26: 7b:62:19:a4:19:5a:81:c6:f0:eb:ad:19:30:88:c8: 97:f8:87:1d:14:a4:fe:c4:0e:00:c7:7c:ef:9c:c7: ea:77:dd:46:1f:f3:59:8e:49:a8:21:52:ab:f0:29: 22:51:42:76:90:63:70:7e:5c:18:95:58:a6:69:3c: 3f:2e:f4:a2:c9:b5:fa:a8:d4:ad:2b:7b:9f:34:ab: f5:73:34:c0:e4:0c:77:6c:a4:62:1e:97:f3:0c:e9: 32:da:15:af:a6:d2:11:3a:12:c8:99:ee:db:04:93: 6a:9f:c2:49:ae:9f:83:54:a2:80:b9:08:60:11:48: 36:e3:31:cd:58:b3:75:c7:20:7e:83:cc:19:fe:2e: f4:3f:c1:21:ea:bc:48:6b:36:3b:cd:d2:6d:97:5e: d5:50:1c:d8:fe:25:0e:e7:79:73:24:f9:c2:33:f5: c1:10:8a:02:8b:96:8d:eb:72:c9:d0:34:39:6a:33: bc:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:FA:B1:1D:CE:54:BF:2F:69:E8:07:88:75:8D:E3:A9:B7:90:A9:30 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/07cfb406-d628-472a-94e3-493598a051d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:2040::/48 Signature Algorithm: sha256WithRSAEncryption 38:5b:74:58:f4:35:ba:d9:50:d9:f2:4e:f0:9f:a7:8b:69:58: 62:43:40:12:97:4f:3d:31:9d:84:8b:91:7c:96:b2:92:41:b3: c0:11:ad:e9:79:f9:95:72:34:9b:1e:a5:d1:70:1a:bc:dd:80: 2b:21:d8:0a:0b:0f:93:a6:6f:34:e2:3c:e5:8a:e2:91:c7:24: 55:9b:4d:ad:c8:a4:4a:1d:38:3e:0b:ef:b8:6f:f8:b3:0e:c6: 8d:a9:af:47:13:96:7f:0a:85:3c:f0:a1:6e:0d:f5:49:cf:e3: 72:56:11:c4:98:74:85:45:f1:3b:7c:c6:82:6e:b5:d8:e7:03: 57:73:f6:cd:5e:59:57:8d:a2:2f:0f:5b:ba:fe:3a:73:d4:e2: 98:4a:e7:b2:f9:12:80:6c:35:e6:c2:6d:50:3f:d3:c4:f0:f5: 1d:0d:fc:1f:01:eb:46:a8:78:24:9c:8c:ce:99:4f:56:85:ae: c1:c3:58:f1:2c:fe:9e:91:60:14:8d:19:9c:8c:8f:58:85:e1: e7:27:eb:68:9d:5f:80:e1:47:97:2e:6c:ff:80:07:d5:2a:ff: 8b:9c:c1:de:60:4e:5a:90:3e:1e:e7:6d:99:c1:a7:cf:38:87: 36:a6:53:3f:12:8e:62:af:66:6b:e3:18:5b:2c:f5:65:6d:e2: 21:c7:bb:e2 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAvDrfMroIvCiMudU3ERjFM4SRwkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwMzAxOFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAZjRjZTQ2YWY3MTE0ODEyNDBjMzEw MGQxMWY5MmJiYjRhZjBiMjc0ODc4N2ZhYjhhOTk0ZTE0NWIyN2VlM2IxNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2fZEMti7wtxtZJNPqw52MCgkTeJ DDJ+XRg+HvjN/bohltnaB/H+oQFBeGM9HPrOdQLdgLSYDFhXJHWPXDW9N4XOtlqA puxuuSZ7YhmkGVqBxvDrrRkwiMiX+IcdFKT+xA4Ax3zvnMfqd91GH/NZjkmoIVKr 8CkiUUJ2kGNwflwYlVimaTw/LvSiybX6qNStK3ufNKv1czTA5Ax3bKRiHpfzDOky 2hWvptIROhLIme7bBJNqn8JJrp+DVKKAuQhgEUg24zHNWLN1xyB+g8wZ/i70P8Eh 6rxIazY7zdJtl17VUBzY/iUO53lzJPnCM/XBEIoCi5aN63LJ0DQ5ajO8TQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHb6sR3OVL8vaegHiHWN46m3kKkwMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA3Y2ZiNDA2LWQ2MjgtNDcyYS05NGUzLTQ5MzU5OGEwNTFkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaACBAMA0GCSqGSIb3DQEBCwUAA4IBAQA4W3RY9DW62VDZ8k7w n6eLaVhiQ0ASl089MZ2Ei5F8lrKSQbPAEa3pefmVcjSbHqXRcBq83YArIdgKCw+T pm804jzliuKRxyRVm02tyKRKHTg+C++4b/izDsaNqa9HE5Z/CoU88KFuDfVJz+Ny VhHEmHSFRfE7fMaCbrXY5wNXc/bNXllXjaIvD1u6/jpz1OKYSuey+RKAbDXmwm1Q P9PE8PUdDfwfAetGqHgknIzOmU9Wha7Bw1jxLP6ekWAUjRmcjI9YheHnJ+tonV+A 4UeXLmz/gAfVKv+LnMHeYE5akD4e522ZwafPOIc2plM/Eo5ir2Zr4xhbLPVlbeIh x7vi -----END CERTIFICATE-----Generated at Thu Apr 17 17:46:02 2025 by rpki-client