$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ebdc1e9-0e4b-42ff-9a27-800b739897a5.roa File: 2ebdc1e9-0e4b-42ff-9a27-800b739897a5.roa (raw, json) Hash identifier: 7ZeV+taBwlYh5H3Kr/6CLAjMtMJd2pg37L4yL0rHt9g= Subject key identifier: 47:94:96:45:52:0B:B8:1C:ED:5B:AF:A5:35:EA:AB:70:FD:63:38:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 580736F8BAA3BA4930C420BA2777D9B5EFD63623 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ebdc1e9-0e4b-42ff-9a27-800b739897a5.roa Signing time: Mon 24 Mar 2025 15:20:58 +0000 ROA not before: Mon 24 Mar 2025 15:20:58 +0000 ROA not after: Mon 28 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:07:36:f8:ba:a3:ba:49:30:c4:20:ba:27:77:d9:b5:ef:d6:36:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 24 15:20:58 2025 GMT Not After : Apr 28 23:59:59 2025 GMT Subject: serialNumber=0ce92f2f5f48c64248a5babe75b605a91f9ef614093d7c448e86114b2b303554, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:bf:70:58:a6:e9:29:f6:bf:83:ac:1b:d0:5f: f1:ec:25:96:2d:dd:f3:ec:81:2c:03:8d:84:82:ed: d7:15:0d:77:30:c2:d5:09:3a:70:22:60:5a:23:49: cd:58:7c:32:71:17:4d:9b:bf:97:0b:b1:a4:9b:9c: 2c:ea:d2:70:08:f6:1d:69:1b:7d:80:ff:05:15:f4: 13:6b:2b:38:7b:12:db:21:92:5f:e3:27:6d:84:9e: 1c:4c:4c:cf:01:92:be:12:f0:39:6d:9d:38:d3:18: 26:57:0f:76:96:40:a5:6c:37:59:88:45:bb:0e:07: 54:38:8f:3b:98:89:17:24:05:69:3b:6d:54:7d:48: 72:69:09:74:d9:fb:bc:d5:80:f9:77:69:04:2f:0b: 9f:7d:c5:35:2d:91:09:da:03:c3:9e:ac:88:87:73: a8:69:a7:62:57:65:21:92:54:29:f3:75:c8:74:81: 55:c0:2e:e0:cc:f7:29:00:17:d1:8a:a3:44:95:ba: 93:4a:9d:40:83:91:54:ea:f8:73:4b:6a:51:21:28: f0:96:15:75:95:bf:1f:f3:d9:84:a0:86:7c:53:9a: 84:c2:da:db:1f:10:c8:e1:17:f0:59:2f:59:9b:aa: e2:e2:3a:15:19:54:0f:68:f0:2f:3c:18:31:04:c5: ea:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:94:96:45:52:0B:B8:1C:ED:5B:AF:A5:35:EA:AB:70:FD:63:38:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ebdc1e9-0e4b-42ff-9a27-800b739897a5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a080::/48 Signature Algorithm: sha256WithRSAEncryption c0:43:8f:89:64:23:e3:dc:a8:28:67:19:68:62:43:f3:c9:34: c9:c9:75:29:d8:4f:5c:9d:29:4e:a8:1a:a4:91:82:78:22:7c: 63:3c:90:23:c0:c3:0a:21:25:4e:d1:07:36:83:8c:d0:d4:7f: 64:a4:d8:dd:2a:8d:ed:03:0a:0d:66:c8:48:e6:cd:d0:95:3f: e9:e1:b1:a7:20:26:5e:e3:68:66:ca:ff:02:1d:b1:c7:4e:93: 69:48:19:32:22:f7:6d:ad:0c:dc:01:17:8e:1a:27:8c:73:62: 48:a3:a9:c1:9d:d7:cb:84:a0:40:eb:3b:a7:70:b3:de:98:55: fa:ea:a2:ba:da:3d:39:40:af:48:9b:47:14:a7:3f:35:aa:68: 70:c5:fe:cd:4d:2f:f4:48:72:77:22:9c:4a:f5:83:16:84:2d: 80:a7:b7:ff:51:eb:89:ee:54:c2:9f:f5:24:7f:b1:bd:78:d7: 3c:84:3d:37:60:f3:57:ba:48:db:e6:46:cd:44:23:9c:99:52: 1b:59:cb:d9:1c:6a:43:c2:09:35:3a:7d:5b:bc:36:1e:e5:ca: d8:b0:22:c0:36:e6:48:b9:94:14:c0:50:3d:89:f6:a0:d8:af: c0:0b:13:e9:95:a8:18:c5:3a:55:68:8c:b0:fd:cc:c5:1e:7b: 77:ca:df:0f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWAc2+LqjukkwxCC6J3fZte/WNiMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNDE1MjA1OFoX DTI1MDQyODIzNTk1OVowejFJMEcGA1UEBRNAMGNlOTJmMmY1ZjQ4YzY0MjQ4YTVi YWJlNzViNjA1YTkxZjllZjYxNDA5M2Q3YzQ0OGU4NjExNGIyYjMwMzU1NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv79wWKbpKfa/g6wb0F/x7CWWLd3z 7IEsA42Egu3XFQ13MMLVCTpwImBaI0nNWHwycRdNm7+XC7Gkm5ws6tJwCPYdaRt9 gP8FFfQTays4exLbIZJf4ydthJ4cTEzPAZK+EvA5bZ040xgmVw92lkClbDdZiEW7 DgdUOI87mIkXJAVpO21UfUhyaQl02fu81YD5d2kELwuffcU1LZEJ2gPDnqyIh3Oo aadiV2UhklQp83XIdIFVwC7gzPcpABfRiqNElbqTSp1Ag5FU6vhzS2pRISjwlhV1 lb8f89mEoIZ8U5qEwtrbHxDI4RfwWS9Zm6ri4joVGVQPaPAvPBgxBMXq7QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEeUlkVSC7gc7VuvpTXqq3D9YzgcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJlYmRjMWU5LTBlNGItNDJmZi05YTI3LTgwMGI3Mzk4OTdhNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAKCAMA0GCSqGSIb3DQEBCwUAA4IBAQDAQ4+JZCPj3KgoZxlo YkPzyTTJyXUp2E9cnSlOqBqkkYJ4InxjPJAjwMMKISVO0Qc2g4zQ1H9kpNjdKo3t AwoNZshI5s3QlT/p4bGnICZe42hmyv8CHbHHTpNpSBkyIvdtrQzcAReOGieMc2JI o6nBndfLhKBA6zuncLPemFX66qK62j05QK9Im0cUpz81qmhwxf7NTS/0SHJ3IpxK 9YMWhC2Ap7f/UeuJ7lTCn/Ukf7G9eNc8hD03YPNXukjb5kbNRCOcmVIbWcvZHGpD wgk1On1bvDYe5crYsCLANuZIuZQUwFA9ifag2K/ACxPplagYxTpVaIyw/czFHnt3 yt8P -----END CERTIFICATE-----Generated at Thu Apr 17 17:36:32 2025 by rpki-client