$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27ffe405-af5c-4562-aa96-cff0cf796a1c.roa File: 27ffe405-af5c-4562-aa96-cff0cf796a1c.roa (raw, json) Hash identifier: NLDP88yDJLmVWvH9s93m6YVrk/dWpaog0jjNREVoQFE= Subject key identifier: 55:E7:F6:EE:A7:9D:04:BF:B9:F3:D1:36:87:2F:75:A5:68:11:D8:C8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 11ECEAAB7FA8011C7B83FEFBB2BC1A3C1D0404F8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27ffe405-af5c-4562-aa96-cff0cf796a1c.roa Signing time: Tue 25 Mar 2025 00:50:49 +0000 ROA not before: Tue 25 Mar 2025 00:50:49 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:6020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:ec:ea:ab:7f:a8:01:1c:7b:83:fe:fb:b2:bc:1a:3c:1d:04:04:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 00:50:49 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=6e7501181e974a6f1142e0d94981d615919141aabdc4f93947ce950d2518eae7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e6:ea:26:27:a9:76:6a:94:15:4e:12:70:f2: 36:15:7b:b5:66:b3:74:59:0c:ea:8f:52:56:b1:b5: eb:fb:f2:7b:39:c9:9c:53:d6:37:51:ee:7f:aa:c4: 98:c9:5d:aa:fa:96:bc:ab:13:98:5a:32:ac:bc:e8: 0c:f5:0e:de:7b:4f:07:bf:9a:85:8d:e0:c1:1e:53: 48:31:1d:57:4f:bd:e1:1d:79:1a:af:0b:4a:26:38: 77:fb:6b:35:37:ff:fc:aa:22:b9:cd:cc:50:cf:b4: f8:da:b4:36:0a:37:2e:d5:19:c4:3e:e8:ae:b1:d6: f6:f0:ed:ba:d7:e2:92:ed:b8:12:51:c6:f2:73:2f: 50:9d:5e:6a:89:9e:fb:61:26:5f:27:94:39:40:86: a2:68:1b:c0:1a:4a:36:54:e7:d6:cb:82:af:a1:b6: f2:f0:26:06:c6:12:9e:fe:e4:2b:1b:ba:8f:ae:91: da:a8:2c:33:2b:69:73:b1:d6:74:d7:ad:1b:9f:a0: b4:39:b8:80:f9:dd:69:d7:e7:1b:43:18:83:e3:d5: 99:1b:ae:d9:9d:fa:d1:fb:56:77:af:ca:cb:c5:c5: dc:5d:9f:56:bf:28:32:d6:03:e3:f9:47:60:69:7e: 26:8c:e7:09:55:f3:8b:20:e0:5a:83:11:cb:4e:94: 38:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:E7:F6:EE:A7:9D:04:BF:B9:F3:D1:36:87:2F:75:A5:68:11:D8:C8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27ffe405-af5c-4562-aa96-cff0cf796a1c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:6020::/48 Signature Algorithm: sha256WithRSAEncryption 0a:5d:fe:23:f4:c0:b6:c1:96:32:67:27:55:64:2c:d9:a8:85: 07:3a:77:e4:db:17:48:95:a4:f1:47:9b:55:a1:0a:3b:3b:7d: 09:8c:8f:d5:10:82:db:09:c1:52:be:f1:0e:ad:69:0c:e9:7b: 0c:88:a0:af:fe:02:09:80:c5:09:c7:9c:6a:3a:b9:83:b4:52: 16:ef:6d:52:84:eb:fc:37:2e:f5:43:80:ff:6c:de:7a:0b:25: 16:ff:15:b4:e5:d8:53:d5:97:ad:1f:a4:3f:cb:4c:05:ca:55: c6:f6:ac:6a:9a:09:b1:39:b6:27:48:4e:85:8b:39:f6:ff:c5: 52:21:ec:0d:2a:50:ff:1f:56:47:e0:b1:81:ca:22:94:00:85: b9:2c:3a:a8:54:55:8e:eb:60:ab:2b:bf:4b:e3:1d:57:b0:dd: aa:bc:1b:4d:30:a4:9c:8e:5b:e7:a2:b0:9f:41:9a:d8:91:49: 91:ff:41:d9:28:ad:90:c4:d0:c6:36:a9:5d:b2:42:d6:d3:72: 30:b9:d5:d6:b9:20:d9:f6:aa:3d:93:10:bf:01:c4:0c:2a:ea: 69:b3:ce:5b:f8:29:e2:2d:ed:1a:f3:ac:08:30:b6:6f:76:2d: be:1b:52:5d:f7:d5:12:b5:ca:5c:29:b8:39:b5:03:c3:b5:ce: 8a:e1:92:42 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEezqq3+oARx7g/77srwaPB0EBPgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwNTA0OVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANmU3NTAxMTgxZTk3NGE2ZjExNDJl MGQ5NDk4MWQ2MTU5MTkxNDFhYWJkYzRmOTM5NDdjZTk1MGQyNTE4ZWFlNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsObqJiepdmqUFU4ScPI2FXu1ZrN0 WQzqj1JWsbXr+/J7OcmcU9Y3Ue5/qsSYyV2q+pa8qxOYWjKsvOgM9Q7ee08Hv5qF jeDBHlNIMR1XT73hHXkarwtKJjh3+2s1N//8qiK5zcxQz7T42rQ2Cjcu1RnEPuiu sdb28O261+KS7bgSUcbycy9QnV5qiZ77YSZfJ5Q5QIaiaBvAGko2VOfWy4Kvobby 8CYGxhKe/uQrG7qPrpHaqCwzK2lzsdZ0160bn6C0ObiA+d1p1+cbQxiD49WZG67Z nfrR+1Z3r8rLxcXcXZ9Wvygy1gPj+UdgaX4mjOcJVfOLIOBagxHLTpQ4pwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFXn9u6nnQS/ufPRNocvdaVoEdjIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI3ZmZlNDA1LWFmNWMtNDU2Mi1hYTk2LWNmZjBjZjc5NmExYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/2AgMA0GCSqGSIb3DQEBCwUAA4IBAQAKXf4j9MC2wZYyZydV ZCzZqIUHOnfk2xdIlaTxR5tVoQo7O30JjI/VEILbCcFSvvEOrWkM6XsMiKCv/gIJ gMUJx5xqOrmDtFIW721ShOv8Ny71Q4D/bN56CyUW/xW05dhT1ZetH6Q/y0wFylXG 9qxqmgmxObYnSE6Fizn2/8VSIewNKlD/H1ZH4LGByiKUAIW5LDqoVFWO62CrK79L 4x1XsN2qvBtNMKScjlvnorCfQZrYkUmR/0HZKK2QxNDGNqldskLW03IwudXWuSDZ 9qo9kxC/AcQMKupps85b+CniLe0a86wIMLZvdi2+G1Jd99UStcpcKbg5tQPDtc6K 4ZJC -----END CERTIFICATE-----Generated at Thu Apr 17 17:48:21 2025 by rpki-client