$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa File: 328cea91-878c-4f36-ad16-29b649a79487.roa (raw, json) Hash identifier: OLu3fRrIU+BG5MwBRyGbGMjx+MyKsaGtkmIjmD03rqs= Subject key identifier: 89:C0:10:37:DF:A3:FC:F5:5A:31:D2:B5:E3:3A:E7:E7:0A:3A:9D:EB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 12D4AB1EC1EBD1E839A157B952F2DD1E2A3359C2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa Signing time: Tue 25 Mar 2025 15:20:57 +0000 ROA not before: Tue 25 Mar 2025 15:20:57 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:d4:ab:1e:c1:eb:d1:e8:39:a1:57:b9:52:f2:dd:1e:2a:33:59:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 15:20:57 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=e3dd1ad7a07d84d9af661adf1e2d99c23b5560369f365c0eb8a907c411b910be, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:02:2d:13:1d:c8:13:d1:d1:41:2d:78:50:b0: 4b:f0:f9:73:f7:92:d2:f9:4e:8c:0d:99:b7:a9:da: d7:a7:e7:bd:c9:f6:94:28:50:ad:d3:66:15:6f:57: 87:4d:5b:8b:2b:f9:b4:78:f0:2e:1c:93:05:c4:c4: 7a:66:2f:7e:82:5d:9c:c8:24:ca:52:e3:4c:57:43: 91:18:0f:5f:11:aa:2c:69:5c:7d:60:fe:91:f7:52: 61:3e:74:85:9a:cf:68:fc:6c:6a:13:b4:79:33:84: 8b:f5:24:a1:1a:41:10:2b:89:43:18:e2:90:53:d6: f7:c8:af:91:8d:54:4b:ad:53:fc:cc:a9:7b:26:ea: dc:6b:9b:07:c1:5e:07:eb:db:4e:6d:8b:af:66:06: 99:6a:4b:55:83:3e:69:f4:1c:3b:4b:cb:7b:04:ba: 00:0f:c6:bc:80:5d:a5:d4:42:c8:75:26:a8:7a:e9: bc:d2:5b:2f:d9:0e:f4:27:3a:68:4f:63:d5:c8:f0: c9:d1:56:b7:16:b0:12:6f:e8:70:97:b0:76:6a:f3: b8:76:69:f4:f6:15:13:59:f5:f3:e8:21:4f:a8:36: f6:c2:55:b1:14:fe:e5:10:38:1b:40:83:08:60:5f: c1:65:a1:0e:69:1b:f9:16:82:06:55:1c:d0:7e:fc: dd:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:C0:10:37:DF:A3:FC:F5:5A:31:D2:B5:E3:3A:E7:E7:0A:3A:9D:EB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c8c0::/48 Signature Algorithm: sha256WithRSAEncryption 59:cb:59:61:3b:be:2e:43:e7:88:6a:dc:16:ad:34:1f:6e:28: f5:7c:cd:40:a2:5f:67:2d:27:5c:86:18:57:f4:68:2f:a1:fb: 6a:45:5f:fd:0c:4b:9e:f4:c8:51:d9:70:7d:e2:40:87:23:52: a0:47:4e:13:35:f8:72:bf:40:67:45:e6:1e:32:83:29:43:9d: 7f:cb:57:46:e5:29:de:35:44:13:dd:e4:1c:99:0a:37:68:c2: a7:e0:7e:f4:ce:d2:d1:95:98:0e:96:f9:ce:67:0c:46:a0:95: cf:9c:ac:7e:1b:c0:56:4f:ba:0f:5d:cf:ab:69:8c:e0:3b:e4: 3e:be:a8:90:1d:af:42:b2:be:29:c4:7e:0b:18:00:57:7b:b5: f2:e0:bb:3f:90:b9:2a:88:01:8b:13:60:d2:e6:b6:f7:5f:a8: 4c:96:94:ef:c3:d4:c9:11:26:8f:07:dc:b2:3f:f6:58:d0:91: c7:5b:20:3d:b7:98:bb:08:2e:49:8d:a8:fe:fc:03:31:ab:58: 57:d5:ca:d5:3d:cd:b5:79:1d:e7:bd:fb:5b:e7:df:fc:6c:51: b6:4b:00:f9:5f:37:f3:71:ee:99:c8:8d:bd:13:60:db:54:ad: 48:c2:8a:57:e4:dc:41:fd:80:9e:0d:6c:6b:21:18:5a:68:0b: 16:e2:23:29 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEtSrHsHr0eg5oVe5UvLdHiozWcIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1MjA1N1oX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAZTNkZDFhZDdhMDdkODRkOWFmNjYx YWRmMWUyZDk5YzIzYjU1NjAzNjlmMzY1YzBlYjhhOTA3YzQxMWI5MTBiZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAItEx3IE9HRQS14ULBL8Plz95LS +U6MDZm3qdrXp+e9yfaUKFCt02YVb1eHTVuLK/m0ePAuHJMFxMR6Zi9+gl2cyCTK UuNMV0ORGA9fEaosaVx9YP6R91JhPnSFms9o/GxqE7R5M4SL9SShGkEQK4lDGOKQ U9b3yK+RjVRLrVP8zKl7Jurca5sHwV4H69tObYuvZgaZaktVgz5p9Bw7S8t7BLoA D8a8gF2l1ELIdSaoeum80lsv2Q70JzpoT2PVyPDJ0Va3FrASb+hwl7B2avO4dmn0 9hUTWfXz6CFPqDb2wlWxFP7lEDgbQIMIYF/BZaEOaRv5FoIGVRzQfvzdaQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFInAEDffo/z1WjHSteM65+cKOp3rMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyOGNlYTkxLTg3OGMtNGYzNi1hZDE2LTI5YjY0OWE3OTQ4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8jAMA0GCSqGSIb3DQEBCwUAA4IBAQBZy1lhO74uQ+eIatwW rTQfbij1fM1Aol9nLSdchhhX9GgvoftqRV/9DEue9MhR2XB94kCHI1KgR04TNfhy v0BnReYeMoMpQ51/y1dG5SneNUQT3eQcmQo3aMKn4H70ztLRlZgOlvnOZwxGoJXP nKx+G8BWT7oPXc+raYzgO+Q+vqiQHa9Csr4pxH4LGABXe7Xy4Ls/kLkqiAGLE2DS 5rb3X6hMlpTvw9TJESaPB9yyP/ZY0JHHWyA9t5i7CC5Jjaj+/AMxq1hX1crVPc21 eR3nvftb59/8bFG2SwD5Xzfzce6ZyI29E2DbVK1IwopX5NxB/YCeDWxrIRhaaAsW 4iMp -----END CERTIFICATE-----Generated at Thu Apr 17 18:04:52 2025 by rpki-client