$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa File: 3cf33701-1ea5-43c6-b291-763d0e06817e.roa (raw, json) Hash identifier: KZGHipJSFQRnq01MrJlHdygKFkWwlHJ9u/9uiWgFNVk= Subject key identifier: 6C:66:F0:2B:22:B4:30:6B:DA:DC:6E:EE:09:82:F8:17:FA:94:D3:6D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7641D1740A7064531E835E79CC3E275F9C584139 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa Signing time: Tue 25 Mar 2025 16:41:08 +0000 ROA not before: Tue 25 Mar 2025 16:41:08 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1c:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:41:d1:74:0a:70:64:53:1e:83:5e:79:cc:3e:27:5f:9c:58:41:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:41:08 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=fb624fab6e6b55ea5873797197d75ef3a7e78c673b7b6fe541da71fe017088a1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:cc:aa:4d:84:df:b8:6c:80:c0:a4:b1:c2:b2: e4:38:55:a5:9c:32:ec:76:51:c5:d4:74:74:27:a7: 3d:30:fa:75:36:09:98:03:f7:04:3e:2c:84:26:69: ab:72:25:d8:cb:bf:1d:01:d0:57:93:fd:91:e0:36: 69:21:f1:cc:d9:51:14:85:e4:a8:41:b9:27:03:0d: fd:0e:69:a5:d0:b1:ab:c0:3b:ca:17:17:ab:05:bc: 64:c2:69:4a:5e:79:81:8e:11:ff:4c:9e:8a:c3:88: d4:99:9d:f6:d9:56:f7:d9:34:2d:85:61:05:0b:94: ae:87:3e:41:be:0d:dd:ad:e6:70:c1:79:34:b9:eb: c0:56:98:3b:3d:8c:7b:21:f8:ee:0b:33:2a:f8:8f: 4f:04:e0:9e:42:7d:d4:d9:da:c5:d9:2c:3a:8e:69: 28:d0:a1:c8:c4:3f:09:f6:93:cc:a5:8b:2f:84:da: 11:27:36:ca:79:ef:1e:dd:e4:f4:a7:c4:fd:7e:db: d9:6f:e5:39:53:c5:f6:a9:10:94:53:ff:9e:ca:dd: 90:11:e8:e6:e0:ff:c0:6a:a7:d0:b9:68:bc:97:e1: db:ea:36:93:b9:46:82:ba:88:af:55:1f:83:66:05: b4:8b:c7:ad:04:b8:d9:4a:82:c7:df:cf:c2:7a:d6: 6b:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:66:F0:2B:22:B4:30:6B:DA:DC:6E:EE:09:82:F8:17:FA:94:D3:6D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1c:400::/38 Signature Algorithm: sha256WithRSAEncryption 71:ca:e1:10:1e:74:4c:b7:a7:77:f8:1f:70:01:bd:38:00:99: 50:fd:8c:ed:08:5b:1c:fc:4a:45:f3:b4:48:4e:03:fe:ce:ad: 0e:f8:08:22:7b:7f:22:c7:d9:dc:1a:b4:81:95:76:55:23:dc: 60:08:e0:6c:a4:d3:8d:ca:19:89:6d:68:8e:53:04:23:23:1e: 2a:38:ab:f7:7d:58:ef:ea:c5:3b:00:51:31:00:18:90:a6:16: e2:3b:be:b4:46:e0:90:13:98:7c:bf:fc:7f:ee:77:18:5b:3f: ae:de:db:1f:0b:bb:2e:bb:cd:43:50:dd:76:0a:ef:ea:f7:62: 82:6e:5a:90:e6:3a:fc:d8:a5:ee:20:72:96:69:7a:f9:c9:64: c6:e0:17:76:db:72:5e:08:7c:61:55:5a:2f:57:9a:ff:7d:91: c1:7e:71:b9:f4:31:07:65:df:2d:b0:8a:c1:70:24:98:bf:9b: 95:e2:a3:25:14:32:ae:f0:f9:c8:41:a9:38:01:3d:22:94:f3: bb:5c:84:45:87:fd:06:e2:e5:7a:54:a4:93:86:4a:1b:40:81: d7:b6:ac:4a:1d:be:a5:e1:65:f9:f5:b3:57:64:f4:2b:ae:7e: 09:87:89:48:95:e0:d9:62:8e:0c:e9:55:5e:99:c7:4c:17:7c: 09:39:07:a4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdkHRdApwZFMeg155zD4nX5xYQTkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NDEwOFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAZmI2MjRmYWI2ZTZiNTVlYTU4NzM3 OTcxOTdkNzVlZjNhN2U3OGM2NzNiN2I2ZmU1NDFkYTcxZmUwMTcwODhhMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8yqTYTfuGyAwKSxwrLkOFWlnDLs dlHF1HR0J6c9MPp1NgmYA/cEPiyEJmmrciXYy78dAdBXk/2R4DZpIfHM2VEUheSo QbknAw39Dmml0LGrwDvKFxerBbxkwmlKXnmBjhH/TJ6Kw4jUmZ322Vb32TQthWEF C5Suhz5Bvg3dreZwwXk0uevAVpg7PYx7IfjuCzMq+I9PBOCeQn3U2drF2Sw6jmko 0KHIxD8J9pPMpYsvhNoRJzbKee8e3eT0p8T9ftvZb+U5U8X2qRCUU/+eyt2QEejm 4P/AaqfQuWi8l+Hb6jaTuUaCuoivVR+DZgW0i8etBLjZSoLH38/CetZraQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGxm8CsitDBr2txu7gmC+Bf6lNNtMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNjZjMzNzAxLTFlYTUtNDNjNi1iMjkxLTc2M2QwZTA2ODE3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHAQwDQYJKoZIhvcNAQELBQADggEBAHHK4RAedEy3p3f4H3AB vTgAmVD9jO0IWxz8SkXztEhOA/7OrQ74CCJ7fyLH2dwatIGVdlUj3GAI4Gyk043K GYltaI5TBCMjHio4q/d9WO/qxTsAUTEAGJCmFuI7vrRG4JATmHy//H/udxhbP67e 2x8Luy67zUNQ3XYK7+r3YoJuWpDmOvzYpe4gcpZpevnJZMbgF3bbcl4IfGFVWi9X mv99kcF+cbn0MQdl3y2wisFwJJi/m5XioyUUMq7w+chBqTgBPSKU87tchEWH/Qbi 5XpUpJOGShtAgde2rEodvqXhZfn1s1dk9CuufgmHiUiV4NlijgzpVV6Zx0wXfAk5 B6Q= -----END CERTIFICATE-----Generated at Thu Apr 17 17:50:40 2025 by rpki-client