$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1bc66f2e-41cb-465a-add7-471e408dd01e.roa File: 1bc66f2e-41cb-465a-add7-471e408dd01e.roa (raw, json) Hash identifier: Do4vh8Dnyw9kwnzlK5dFNQhuYhJ0iA64v0UYEAST3mQ= Subject key identifier: B5:3D:DC:0D:4F:0A:BE:D5:B5:45:20:C0:B9:0C:D7:0A:CE:AE:FA:CC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 21A412CAA9A60D54B53AC0F35C4442D3833E6446 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1bc66f2e-41cb-465a-add7-471e408dd01e.roa Signing time: Tue 25 Mar 2025 16:50:38 +0000 ROA not before: Tue 25 Mar 2025 16:50:38 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da14:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:a4:12:ca:a9:a6:0d:54:b5:3a:c0:f3:5c:44:42:d3:83:3e:64:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:50:38 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=2bf4cd50fcbefe17767f1e9f5a77d1f231d73226e2a05b55c81157d03f11f674, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:e2:c2:7f:b0:ba:d1:3f:d2:23:66:3a:de:6e: 47:cb:eb:f9:f2:c0:c0:50:4b:e4:ba:e8:af:4a:0f: 39:b8:a8:8d:11:0a:1e:b9:0d:39:26:0c:67:f7:11: 82:2a:f4:4d:0b:94:85:26:06:a3:ea:da:9c:ae:f0: 25:47:c4:26:ce:8e:e2:8d:6c:75:08:37:7f:63:6b: d2:c6:61:49:7e:49:4c:be:15:9f:da:c1:db:58:56: 62:60:78:b4:f8:3d:31:99:af:e6:ef:e0:06:2a:b0: 40:74:ad:55:1f:7d:f1:b6:e6:d1:4a:dc:17:32:1c: af:6e:4c:83:0c:2a:a4:0e:85:0b:38:79:e6:5d:4b: c4:c6:7a:f0:e4:c4:e7:db:ff:5f:35:a2:7d:37:54: c7:65:9a:6f:b0:b0:27:79:79:cc:02:e6:7c:5f:45: 3f:23:73:e8:9c:a0:d9:96:68:bb:90:ef:45:cd:ea: db:bc:b5:dc:df:87:e9:41:c9:32:3f:4d:0a:38:2d: 60:31:c7:03:db:9d:46:e9:f2:7d:30:00:5f:32:c6: 3b:5d:b6:72:21:6d:9a:57:87:f7:62:c1:7f:cf:4e: bf:d6:8c:ae:c8:bf:79:0a:b9:a9:04:b1:d9:d4:95: 60:d7:76:2f:44:a4:11:cc:ff:56:10:ea:39:2c:45: 40:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:3D:DC:0D:4F:0A:BE:D5:B5:45:20:C0:B9:0C:D7:0A:CE:AE:FA:CC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1bc66f2e-41cb-465a-add7-471e408dd01e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da14:8000::/36 Signature Algorithm: sha256WithRSAEncryption 65:31:b0:96:c4:30:77:d6:97:1c:53:36:be:30:67:4d:94:23: 16:d3:28:48:41:b4:e4:2d:3b:83:38:74:fc:0b:72:16:2e:c0: 14:87:5a:25:6e:f1:cc:03:d4:48:ca:2a:f8:9f:7f:4f:13:81: 4f:6c:01:7d:b1:72:50:cf:9f:3a:27:9b:cd:cc:3f:05:81:dc: 40:75:2c:9e:cf:44:83:79:18:89:2d:f9:f4:b1:1f:d8:19:22: f7:4f:2f:4c:4c:ab:09:c3:28:68:95:21:aa:86:40:f8:24:a5: b0:13:79:65:6d:f1:29:36:a0:e5:5a:6f:be:4e:40:25:15:a6: e9:9d:d4:cb:8e:c4:b8:77:f9:b2:90:65:d7:a7:6b:8e:90:6e: 14:bf:bc:86:5b:93:6c:5b:12:0d:26:c3:46:b5:df:8b:db:c0: 80:ac:a2:b6:c6:5f:c3:1c:4d:95:70:6a:1e:69:60:72:5c:5d: 4e:7e:38:23:47:a9:ff:1b:0b:77:1e:26:f1:0e:33:7f:d3:90: ee:84:b5:81:0f:b1:a8:7a:53:b7:75:7b:cf:96:23:7f:74:ae: f7:43:bd:c1:b4:f9:55:61:09:fd:73:38:d4:76:8c:fd:c3:46: 8a:53:59:a9:98:51:83:a9:6c:6c:b5:8a:0e:3c:70:73:f7:f4: f0:d9:64:24 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIaQSyqmmDVS1OsDzXERC04M+ZEYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NTAzOFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMmJmNGNkNTBmY2JlZmUxNzc2N2Yx ZTlmNWE3N2QxZjIzMWQ3MzIyNmUyYTA1YjU1YzgxMTU3ZDAzZjExZjY3NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOLCf7C60T/SI2Y63m5Hy+v58sDA UEvkuuivSg85uKiNEQoeuQ05Jgxn9xGCKvRNC5SFJgaj6tqcrvAlR8Qmzo7ijWx1 CDd/Y2vSxmFJfklMvhWf2sHbWFZiYHi0+D0xma/m7+AGKrBAdK1VH33xtubRStwX MhyvbkyDDCqkDoULOHnmXUvExnrw5MTn2/9fNaJ9N1THZZpvsLAneXnMAuZ8X0U/ I3PonKDZlmi7kO9FzerbvLXc34fpQckyP00KOC1gMccD251G6fJ9MABfMsY7XbZy IW2aV4f3YsF/z06/1oyuyL95CrmpBLHZ1JVg13YvRKQRzP9WEOo5LEVA1wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLU93A1PCr7VtUUgwLkM1wrOrvrMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFiYzY2ZjJlLTQxY2ItNDY1YS1hZGQ3LTQ3MWU0MDhkZDAxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaFIAwDQYJKoZIhvcNAQELBQADggEBAGUxsJbEMHfWlxxTNr4w Z02UIxbTKEhBtOQtO4M4dPwLchYuwBSHWiVu8cwD1EjKKviff08TgU9sAX2xclDP nzonm83MPwWB3EB1LJ7PRIN5GIkt+fSxH9gZIvdPL0xMqwnDKGiVIaqGQPgkpbAT eWVt8Sk2oOVab75OQCUVpumd1MuOxLh3+bKQZdena46QbhS/vIZbk2xbEg0mw0a1 34vbwICsorbGX8McTZVwah5pYHJcXU5+OCNHqf8bC3ceJvEOM3/TkO6EtYEPsah6 U7d1e8+WI390rvdDvcG0+VVhCf1zONR2jP3DRopTWamYUYOpbGy1ig48cHP39PDZ ZCQ= -----END CERTIFICATE-----Generated at Thu Apr 17 17:36:27 2025 by rpki-client