$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2304fccd-a194-40a7-978d-bdb25807cebe.roa File: 2304fccd-a194-40a7-978d-bdb25807cebe.roa (raw, json) Hash identifier: 9JLkkSJkubuZDVzsGShjepwJmy/yqMqgMH5T3qcGad8= Subject key identifier: 54:37:A4:76:9D:78:1F:A0:B3:68:6B:40:70:75:E1:75:C2:3E:EA:A2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0256174B1AD8A5591CA8F58C8646BB4152E1D524 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2304fccd-a194-40a7-978d-bdb25807cebe.roa Signing time: Wed 02 Apr 2025 00:00:17 +0000 ROA not before: Wed 02 Apr 2025 00:00:17 +0000 ROA not after: Wed 07 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daef:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:56:17:4b:1a:d8:a5:59:1c:a8:f5:8c:86:46:bb:41:52:e1:d5:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 2 00:00:17 2025 GMT Not After : May 7 23:59:59 2025 GMT Subject: serialNumber=e7cdbacc7d08693670f2f5addcbf8dd82fa9ac89a65bf6bf4a6c7d7ead1d63bb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:43:9d:07:76:68:b7:43:16:a2:02:9d:59:be: 22:ac:39:e8:9d:54:3b:21:27:1a:c4:2a:4a:04:0e: a3:52:22:23:77:d9:8f:55:87:41:50:2f:3a:08:dd: 8a:63:34:73:c4:04:16:52:47:31:89:d3:10:01:06: d1:32:4f:e1:e3:9a:f8:ea:ce:68:68:af:80:31:04: 5e:f2:59:54:26:c2:4f:e0:57:e1:65:2e:ba:7c:f1: 86:bc:64:85:c2:9a:bb:37:21:b7:68:78:95:32:b9: 70:28:1a:be:d2:ac:39:88:6d:c8:6d:bb:33:7c:0e: 1d:b8:4f:a1:34:18:a4:b9:52:b8:a8:19:47:0e:09: b6:86:a1:1b:a3:11:ef:5c:eb:a7:09:76:53:b7:0f: 79:67:07:4d:07:0e:f1:74:90:9a:68:a0:ff:be:ff: 30:3a:0a:05:1f:8c:86:ad:05:da:f5:0b:b2:8c:cb: 80:25:bc:1f:8d:85:67:a3:8f:69:fa:12:81:c9:79: fd:dd:68:97:2c:c1:61:09:03:2c:ee:02:2d:35:f4: 07:7c:de:2c:1f:cd:88:29:1b:eb:f9:a1:25:9b:a4: c1:9c:e7:4a:46:2f:58:16:92:49:6a:b0:04:4c:b2: 3e:59:43:2f:15:fc:49:0f:58:06:72:3d:21:b6:b4: f6:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:37:A4:76:9D:78:1F:A0:B3:68:6B:40:70:75:E1:75:C2:3E:EA:A2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2304fccd-a194-40a7-978d-bdb25807cebe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:c800::/40 Signature Algorithm: sha256WithRSAEncryption 45:04:40:43:a4:25:2e:20:06:ed:2a:86:ec:c8:11:0d:cf:9a: 93:30:d9:d7:75:61:7d:62:11:89:c7:74:67:fc:96:86:52:d0: 51:0b:be:47:ca:00:17:e8:38:6e:4e:33:3a:dd:4b:41:b1:93: 03:65:72:e5:71:a7:9b:af:6c:24:9e:4f:fd:04:c6:1e:63:8d: f9:8f:e9:2e:63:4d:83:02:ed:f9:a4:18:83:13:ff:2b:42:0e: c0:a7:bc:b9:ff:a2:f5:7a:77:e1:95:3f:7f:81:6b:59:30:5d: d3:e7:76:69:81:28:56:00:43:8a:6f:09:51:90:45:e4:59:8c: 83:30:0d:ec:53:b1:cc:0a:ec:c7:f5:00:c0:31:ff:54:6d:3e: 2c:e1:b6:ba:89:f1:ca:ca:3f:46:9c:8e:4f:9a:df:18:87:66: 67:56:5e:f5:73:78:32:6d:22:f0:23:c8:73:4e:d7:45:0a:26: 2d:37:c1:ca:77:0e:0b:2d:80:ca:17:b6:1b:0c:ad:c1:5a:e2: 91:1c:a6:00:0a:47:d8:fa:ef:64:01:dd:6e:10:c3:25:f7:3f: d9:ab:ba:ff:07:58:a4:ef:da:90:c5:b4:2f:8f:c1:e7:de:03: 18:a5:c9:82:1f:e0:ee:15:2f:23:d9:ac:ec:ac:14:1d:eb:01: f5:44:02:b3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAlYXSxrYpVkcqPWMhka7QVLh1SQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQwMjAwMDAxN1oX DTI1MDUwNzIzNTk1OVowejFJMEcGA1UEBRNAZTdjZGJhY2M3ZDA4NjkzNjcwZjJm NWFkZGNiZjhkZDgyZmE5YWM4OWE2NWJmNmJmNGE2YzdkN2VhZDFkNjNiYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UOdB3Zot0MWogKdWb4irDnonVQ7 IScaxCpKBA6jUiIjd9mPVYdBUC86CN2KYzRzxAQWUkcxidMQAQbRMk/h45r46s5o aK+AMQRe8llUJsJP4FfhZS66fPGGvGSFwpq7NyG3aHiVMrlwKBq+0qw5iG3Ibbsz fA4duE+hNBikuVK4qBlHDgm2hqEboxHvXOunCXZTtw95ZwdNBw7xdJCaaKD/vv8w OgoFH4yGrQXa9QuyjMuAJbwfjYVno49p+hKByXn93WiXLMFhCQMs7gItNfQHfN4s H82IKRvr+aElm6TBnOdKRi9YFpJJarAETLI+WUMvFfxJD1gGcj0htrT2dwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFQ3pHadeB+gs2hrQHB14XXCPuqiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzIzMDRmY2NkLWExOTQtNDBhNy05NzhkLWJkYjI1ODA3Y2ViZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba78gwDQYJKoZIhvcNAQELBQADggEBAEUEQEOkJS4gBu0qhuzI EQ3PmpMw2dd1YX1iEYnHdGf8loZS0FELvkfKABfoOG5OMzrdS0GxkwNlcuVxp5uv bCSeT/0Exh5jjfmP6S5jTYMC7fmkGIMT/ytCDsCnvLn/ovV6d+GVP3+Ba1kwXdPn dmmBKFYAQ4pvCVGQReRZjIMwDexTscwK7Mf1AMAx/1RtPizhtrqJ8crKP0acjk+a 3xiHZmdWXvVzeDJtIvAjyHNO10UKJi03wcp3DgstgMoXthsMrcFa4pEcpgAKR9j6 72QB3W4QwyX3P9mruv8HWKTv2pDFtC+PwefeAxilyYIf4O4VLyPZrOysFB3rAfVE ArM= -----END CERTIFICATE-----Generated at Thu Apr 17 17:55:35 2025 by rpki-client