$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f722ed1-c2d3-4f34-93db-f2625e7e189a.roa File: 2f722ed1-c2d3-4f34-93db-f2625e7e189a.roa (raw, json) Hash identifier: 2OBK9Zo9l3Jo0WlHNqPs1G5PIfpCaMqfhZ4JEQRJdc0= Subject key identifier: 9B:BD:E4:63:30:A7:F5:ED:88:D8:59:D3:78:39:8E:A5:D8:E5:8E:45 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 316BDA98A5E39EC79289926E506DC1AAB901967E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f722ed1-c2d3-4f34-93db-f2625e7e189a.roa Signing time: Tue 25 Mar 2025 00:21:02 +0000 ROA not before: Tue 25 Mar 2025 00:21:02 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:b040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:6b:da:98:a5:e3:9e:c7:92:89:92:6e:50:6d:c1:aa:b9:01:96:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 00:21:02 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=5d72d071c7fd3bbc00b70562c5adfa7a59fd7a7dafccd90e8848e5175e7c3fbf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:b6:91:2b:9e:d9:7c:d8:4f:9d:7f:a9:7b:2e: 72:98:18:57:9b:e9:32:61:61:fc:a5:c6:53:34:c4: d8:38:f5:12:f8:3e:ce:75:f5:5d:7f:1f:c6:49:c5: 1c:a7:9c:05:02:d8:9f:a8:93:27:6c:29:d4:f0:4b: 4f:f0:70:5c:9e:04:f0:0d:1a:85:67:44:3f:a0:8e: 1f:81:90:62:04:48:8d:8e:69:b5:f1:46:a3:44:41: 71:a4:3c:0e:cd:f7:e1:74:a5:34:d9:96:55:bf:79: d7:89:68:06:b7:f3:d0:e3:6f:08:28:5a:52:61:86: 4d:6c:c6:94:c6:80:78:50:68:f6:6d:7b:cf:6d:8b: 1d:c1:a0:f3:21:c2:05:33:35:d1:34:77:cf:a3:ec: b0:6b:53:d0:25:b4:e6:79:43:c6:ae:2f:32:5e:e9: 43:3e:c9:5b:ad:a0:a9:74:23:00:26:e3:5f:e0:1b: 07:d4:5a:56:17:26:a2:50:ed:44:37:ed:d2:f4:b1: 0c:f2:30:e3:a9:9b:52:ce:0e:ec:3b:23:85:43:18: 94:7a:bc:9e:a7:1d:2f:ff:22:d2:43:ed:71:f1:ae: 44:72:35:59:59:75:e0:fa:04:ab:fd:76:4b:8f:21: 7e:40:d9:b8:41:e9:27:32:25:77:1a:5d:22:34:9b: 48:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:BD:E4:63:30:A7:F5:ED:88:D8:59:D3:78:39:8E:A5:D8:E5:8E:45 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f722ed1-c2d3-4f34-93db-f2625e7e189a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:b040::/48 Signature Algorithm: sha256WithRSAEncryption 93:bb:7a:89:42:65:02:d1:90:de:c4:52:74:33:96:31:1c:35: e7:e4:1d:fd:9f:77:b1:77:9d:d8:81:fa:11:a4:e2:5c:72:8a: 87:d1:10:48:0e:fa:0a:ee:b7:6d:71:57:77:df:86:8b:60:79: 8f:1e:da:7d:1d:9f:e7:4d:83:de:7b:00:45:0a:fc:d4:5d:8a: 6a:9c:c2:4f:d7:1e:b9:a2:fd:9e:3d:93:78:66:e6:ce:9c:6f: 26:73:31:27:b0:45:84:23:7a:94:aa:dd:b0:10:87:0c:49:8b: 2c:c2:28:94:56:83:26:43:ab:64:b1:11:92:47:7e:a4:c2:11: 48:38:45:3f:17:fb:7a:cd:c0:72:51:3c:fe:50:5b:c6:13:1d: 04:70:4f:55:ed:5b:46:2d:5a:60:dd:9c:cb:54:ff:d5:5d:83: 53:34:68:60:e0:4b:82:15:27:5e:79:ac:63:b6:c5:82:30:1f: 58:fa:88:06:40:c5:f5:c3:0d:36:08:88:05:e1:cb:e8:99:67: 26:fd:5e:00:c4:82:d2:f8:88:28:c7:45:41:da:33:d7:3d:b9: c3:6a:18:ce:b5:d0:64:5f:96:4a:8d:29:5c:fd:dc:c9:55:81: f6:8b:30:81:6c:d4:77:49:d6:82:7c:30:72:ee:a2:f8:ea:f0: 6f:05:8a:32 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMWvamKXjnseSiZJuUG3BqrkBln4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwMjEwMloX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANWQ3MmQwNzFjN2ZkM2JiYzAwYjcw NTYyYzVhZGZhN2E1OWZkN2E3ZGFmY2NkOTBlODg0OGU1MTc1ZTdjM2ZiZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LaRK57ZfNhPnX+pey5ymBhXm+ky YWH8pcZTNMTYOPUS+D7OdfVdfx/GScUcp5wFAtifqJMnbCnU8EtP8HBcngTwDRqF Z0Q/oI4fgZBiBEiNjmm18UajREFxpDwOzffhdKU02ZZVv3nXiWgGt/PQ428IKFpS YYZNbMaUxoB4UGj2bXvPbYsdwaDzIcIFMzXRNHfPo+ywa1PQJbTmeUPGri8yXulD PslbraCpdCMAJuNf4BsH1FpWFyaiUO1EN+3S9LEM8jDjqZtSzg7sOyOFQxiUerye px0v/yLSQ+1x8a5EcjVZWXXg+gSr/XZLjyF+QNm4QeknMiV3Gl0iNJtI3QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJu95GMwp/XtiNhZ03g5jqXY5Y5FMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJmNzIyZWQxLWMyZDMtNGYzNC05M2RiLWYyNjI1ZTdlMTg5YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8rBAMA0GCSqGSIb3DQEBCwUAA4IBAQCTu3qJQmUC0ZDexFJ0 M5YxHDXn5B39n3exd53YgfoRpOJccoqH0RBIDvoK7rdtcVd334aLYHmPHtp9HZ/n TYPeewBFCvzUXYpqnMJP1x65ov2ePZN4ZubOnG8mczEnsEWEI3qUqt2wEIcMSYss wiiUVoMmQ6tksRGSR36kwhFIOEU/F/t6zcByUTz+UFvGEx0EcE9V7VtGLVpg3ZzL VP/VXYNTNGhg4EuCFSdeeaxjtsWCMB9Y+ogGQMX1ww02CIgF4cvomWcm/V4AxILS +Igox0VB2jPXPbnDahjOtdBkX5ZKjSlc/dzJVYH2izCBbNR3SdaCfDBy7qL46vBv BYoy -----END CERTIFICATE-----Generated at Thu Apr 17 17:24:36 2025 by rpki-client