$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/404b1f09-58ed-4d8b-8b95-8dfe3d833427.roa File: 404b1f09-58ed-4d8b-8b95-8dfe3d833427.roa (raw, json) Hash identifier: 7UF9jYntBCi/FgkQo7ttLde1Gjp7gqVqMM3ZcfV+QrY= Subject key identifier: 6C:A1:E9:42:69:15:C2:2F:24:16:72:E2:11:31:13:A3:91:14:E6:73 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 18CA8186D7E5032221713584640380C58B9A3C32 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/404b1f09-58ed-4d8b-8b95-8dfe3d833427.roa Signing time: Sat 12 Apr 2025 00:01:03 +0000 ROA not before: Sat 12 Apr 2025 00:01:03 +0000 ROA not after: Sat 17 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:ca:81:86:d7:e5:03:22:21:71:35:84:64:03:80:c5:8b:9a:3c:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 12 00:01:03 2025 GMT Not After : May 17 23:59:59 2025 GMT Subject: serialNumber=f4cc5f16c274f0fa4def6c4685576c792c05583a309eaca2b71bb8e2f72a7b7d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:00:25:57:1e:8d:a2:e3:ab:39:70:47:5d:ee: fb:0a:26:5b:dc:d2:66:95:ba:5e:d7:9e:b9:45:ff: 51:02:da:2a:91:c0:32:1e:86:df:88:ea:9c:b6:20: 60:ae:08:10:ae:ba:a7:ba:da:fc:37:0a:aa:a7:45: 73:ce:5a:5e:88:af:b5:4e:0e:c0:4b:78:2e:11:4b: 38:61:1c:66:0f:03:d3:f5:e5:9c:47:83:1a:94:4a: b4:aa:e1:6f:dd:58:1f:c1:d2:95:7f:c6:14:41:ab: 1d:05:27:59:46:ac:18:67:14:0c:47:d3:c3:79:20: 72:f9:22:48:40:f3:15:f6:bd:34:85:af:be:cb:13: 58:7d:c8:e4:f8:f8:2d:e9:72:fa:58:24:9c:ac:77: 11:6e:09:7f:0d:ac:a7:eb:e2:da:e4:0e:82:e6:de: cc:0a:70:32:b8:c4:26:9c:a6:af:01:0f:b1:66:2b: 36:e6:65:81:a3:71:03:17:dd:2e:65:c4:ae:d7:50: 8d:ce:2a:ed:4b:d7:c0:7d:4c:3a:43:fd:37:81:1a: ce:ab:37:a8:13:63:9c:69:c3:e2:b3:4f:59:11:40: 72:08:b4:f4:d0:18:79:4c:37:08:c5:13:a2:05:3b: 23:78:10:85:4c:bb:1f:b4:45:48:46:0e:9a:8f:5b: 9c:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:A1:E9:42:69:15:C2:2F:24:16:72:E2:11:31:13:A3:91:14:E6:73 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/404b1f09-58ed-4d8b-8b95-8dfe3d833427.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5::/32 Signature Algorithm: sha256WithRSAEncryption 67:d8:d0:c4:b2:c1:c2:85:82:82:cf:ac:8d:06:77:46:ba:93: f0:a1:33:b3:b1:ae:e0:f7:14:dd:8e:47:ef:60:cb:6c:ea:78: 9d:f9:c7:a9:bd:b0:1f:7f:05:7f:9c:4b:f5:bd:29:21:20:a4: f8:e3:e5:28:95:c5:50:23:c2:91:a3:02:1a:93:07:fe:e4:e4: 05:c3:f6:00:7a:6e:54:97:e3:c5:5c:1a:9a:08:84:b6:35:84: c4:13:ac:1c:39:ed:08:87:18:4d:77:c6:13:ff:7c:aa:5e:7c: 77:6c:83:a7:b4:ea:bc:62:85:0b:5e:45:f8:25:a3:61:ee:97: af:4a:34:85:d0:71:ef:29:a8:18:a5:f2:19:a1:c1:f9:33:7e: ab:b0:c3:64:13:9b:1b:99:54:8a:65:5e:72:79:c0:e2:2d:0f: c2:5a:a2:42:6b:eb:ed:c4:4d:33:b6:00:fe:c3:fc:e5:e7:10: ac:d4:f7:f6:de:97:29:d3:20:6d:10:2c:a5:53:7e:91:b0:42: 39:4f:04:56:82:9a:af:82:d6:72:3e:92:cc:70:f5:0c:24:e4: a9:ad:51:87:4b:0c:8f:a5:26:c6:cf:dd:20:3f:e3:97:c6:19: 2b:a0:9d:35:09:b2:e7:ba:a7:19:37:70:02:d7:1f:c2:03:9e: f5:39:38:45 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUGMqBhtflAyIhcTWEZAOAxYuaPDIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxMjAwMDEwM1oX DTI1MDUxNzIzNTk1OVowejFJMEcGA1UEBRNAZjRjYzVmMTZjMjc0ZjBmYTRkZWY2 YzQ2ODU1NzZjNzkyYzA1NTgzYTMwOWVhY2EyYjcxYmI4ZTJmNzJhN2I3ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAAlVx6NouOrOXBHXe77CiZb3NJm lbpe1565Rf9RAtoqkcAyHobfiOqctiBgrggQrrqnutr8Nwqqp0VzzlpeiK+1Tg7A S3guEUs4YRxmDwPT9eWcR4MalEq0quFv3VgfwdKVf8YUQasdBSdZRqwYZxQMR9PD eSBy+SJIQPMV9r00ha++yxNYfcjk+Pgt6XL6WCScrHcRbgl/Dayn6+La5A6C5t7M CnAyuMQmnKavAQ+xZis25mWBo3EDF90uZcSu11CNzirtS9fAfUw6Q/03gRrOqzeo E2OcacPis09ZEUByCLT00Bh5TDcIxROiBTsjeBCFTLsftEVIRg6aj1ucfQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFGyh6UJpFcIvJBZy4hExE6ORFOZzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQwNGIxZjA5LTU4ZWQtNGQ4Yi04Yjk1LThkZmUzZDgzMzQyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAba9TANBgkqhkiG9w0BAQsFAAOCAQEAZ9jQxLLBwoWCgs+sjQZ3 RrqT8KEzs7Gu4PcU3Y5H72DLbOp4nfnHqb2wH38Ff5xL9b0pISCk+OPlKJXFUCPC kaMCGpMH/uTkBcP2AHpuVJfjxVwamgiEtjWExBOsHDntCIcYTXfGE/98ql58d2yD p7TqvGKFC15F+CWjYe6Xr0o0hdBx7ymoGKXyGaHB+TN+q7DDZBObG5lUimVecnnA 4i0PwlqiQmvr7cRNM7YA/sP85ecQrNT39t6XKdMgbRAspVN+kbBCOU8EVoKar4LW cj6SzHD1DCTkqa1Rh0sMj6Umxs/dID/jl8YZK6CdNQmy57qnGTdwAtcfwgOe9Tk4 RQ== -----END CERTIFICATE-----Generated at Thu Apr 17 18:11:51 2025 by rpki-client