$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f173998-8628-44e7-98de-49838888c622.roa File: 0f173998-8628-44e7-98de-49838888c622.roa (raw, json) Hash identifier: k3fD1iZl1NRQ/eVqgsdSXnJ97itu6DIEfnrtowTypgo= Subject key identifier: F4:51:66:30:EC:A3:05:D9:0D:E4:6C:D0:1B:55:07:AD:A1:B8:DA:31 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6B33CCC1CEF4D8F28D600745499FD945E81C21A7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f173998-8628-44e7-98de-49838888c622.roa Signing time: Tue 25 Mar 2025 15:20:16 +0000 ROA not before: Tue 25 Mar 2025 15:20:16 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:c800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:33:cc:c1:ce:f4:d8:f2:8d:60:07:45:49:9f:d9:45:e8:1c:21:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 15:20:16 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=6aca9016bb40ada0c8f832e439b80efae752591dd6261ae8208614bfce3defef, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:11:37:44:ee:4f:d6:08:2c:e7:16:2d:da:de: 03:18:b3:a1:34:cf:f6:61:e5:10:15:b9:11:59:9b: d9:d5:22:ee:28:47:9a:a2:bd:c9:95:ae:df:3c:e6: e4:1d:f6:b5:2f:9d:47:be:9b:10:95:20:40:d8:42: 43:50:25:55:fc:bf:6b:06:dc:a1:31:6d:4a:41:92: 52:3e:d3:d4:82:73:88:73:70:ae:23:d5:dc:cf:14: f8:b1:76:49:fd:4c:d6:4b:5b:2c:60:ce:73:3d:ee: bf:f0:e9:20:71:7a:59:0a:12:b2:f4:68:fe:b8:11: 7d:7a:dc:93:6d:74:19:12:26:8b:b4:e2:e6:03:94: e9:da:38:ab:1b:54:8d:d3:cc:c7:f4:26:52:ef:83: 7f:f1:fc:47:50:ff:19:65:18:87:a7:bf:be:dd:75: 1f:67:e0:ac:4c:fa:71:09:3c:6a:bf:69:c8:2e:cf: 3f:08:ed:69:86:df:a0:70:d9:86:a1:37:01:db:ec: df:88:6e:cf:c7:d4:28:15:71:49:02:b5:b1:20:fa: f9:11:d4:93:cb:e6:a9:80:eb:70:15:f3:ad:7b:09: 22:79:57:b5:61:eb:6d:81:9f:31:e6:94:7c:4c:87: a4:9e:4d:99:59:cc:c0:b8:75:c8:1b:4d:e1:bd:d6: 2a:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:51:66:30:EC:A3:05:D9:0D:E4:6C:D0:1B:55:07:AD:A1:B8:DA:31 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f173998-8628-44e7-98de-49838888c622.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:c800::/40 Signature Algorithm: sha256WithRSAEncryption 94:3a:51:54:ba:ed:78:91:55:29:cb:ad:c1:11:b4:35:f9:a7: e9:a7:4b:ca:23:fe:a9:49:20:12:74:a0:d8:2c:8e:b7:5e:59: d3:c5:a8:6a:9f:43:aa:21:2f:f5:f3:41:62:d9:a2:6f:42:de: 64:2e:d2:c8:70:92:1a:bc:1a:57:5f:5c:b9:a4:af:84:2c:62: 90:f2:ae:17:d0:e3:af:9f:18:17:1e:63:74:3d:50:a6:4b:2f: bf:9a:a4:82:91:34:c1:2e:4b:d3:8b:29:8c:dd:dc:4d:95:93: 3f:f4:dc:95:2b:0e:ad:3d:27:44:47:60:be:89:7b:70:f6:d7: 2b:55:cf:0e:23:66:fe:d4:47:25:cb:4e:75:6a:b0:49:d3:7e: 92:10:1b:dd:ce:c4:02:9a:da:8c:b3:8a:64:eb:2a:29:c4:46: 07:2e:5b:1a:ff:84:cb:78:4c:c0:ca:bd:a4:16:c6:cc:52:82: e6:03:43:b5:0a:a0:6e:8e:06:32:ee:26:19:43:04:68:a3:8c: 7d:f2:0e:e6:88:71:87:f7:91:d1:3a:1a:92:3a:fe:65:3d:3f: 33:b4:bf:35:62:03:19:38:6d:08:f0:39:93:bc:76:cc:c3:8f: 6e:72:82:09:ba:e1:4e:fd:42:02:a0:03:66:64:d0:f4:5d:a3: 81:28:72:bd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUazPMwc702PKNYAdFSZ/ZRegcIacwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1MjAxNloX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANmFjYTkwMTZiYjQwYWRhMGM4Zjgz MmU0MzliODBlZmFlNzUyNTkxZGQ2MjYxYWU4MjA4NjE0YmZjZTNkZWZlZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxE3RO5P1ggs5xYt2t4DGLOhNM/2 YeUQFbkRWZvZ1SLuKEeaor3Jla7fPObkHfa1L51HvpsQlSBA2EJDUCVV/L9rBtyh MW1KQZJSPtPUgnOIc3CuI9XczxT4sXZJ/UzWS1ssYM5zPe6/8OkgcXpZChKy9Gj+ uBF9etyTbXQZEiaLtOLmA5Tp2jirG1SN08zH9CZS74N/8fxHUP8ZZRiHp7++3XUf Z+CsTPpxCTxqv2nILs8/CO1pht+gcNmGoTcB2+zfiG7Px9QoFXFJArWxIPr5EdST y+apgOtwFfOtewkieVe1YettgZ8x5pR8TIeknk2ZWczAuHXIG03hvdYqQQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPRRZjDsowXZDeRs0BtVB62huNoxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBmMTczOTk4LTg2MjgtNDRlNy05OGRlLTQ5ODM4ODg4YzYyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOMgwDQYJKoZIhvcNAQELBQADggEBAJQ6UVS67XiRVSnLrcER tDX5p+mnS8oj/qlJIBJ0oNgsjrdeWdPFqGqfQ6ohL/XzQWLZom9C3mQu0shwkhq8 GldfXLmkr4QsYpDyrhfQ46+fGBceY3Q9UKZLL7+apIKRNMEuS9OLKYzd3E2Vkz/0 3JUrDq09J0RHYL6Je3D21ytVzw4jZv7URyXLTnVqsEnTfpIQG93OxAKa2oyzimTr KinERgcuWxr/hMt4TMDKvaQWxsxSguYDQ7UKoG6OBjLuJhlDBGijjH3yDuaIcYf3 kdE6GpI6/mU9PzO0vzViAxk4bQjwOZO8dszDj25yggm64U79QgKgA2Zk0PRdo4Eo cr0= -----END CERTIFICATE-----Generated at Thu Apr 17 18:22:04 2025 by rpki-client