$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42ad6457-9831-48b3-bc79-de5f9459d461.roa File: 42ad6457-9831-48b3-bc79-de5f9459d461.roa (raw, json) Hash identifier: 9M8tnhWnYU4Dl9F/CoEssqSRr8TCKk7fKXVDaUgDYiY= Subject key identifier: 16:1F:22:28:4D:15:B6:7B:CA:85:B9:B6:31:FF:E4:E0:8F:60:FB:D8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 34B359A990B437AFC7ABB8F7EEBD72B815909EC6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42ad6457-9831-48b3-bc79-de5f9459d461.roa Signing time: Tue 25 Mar 2025 16:40:18 +0000 ROA not before: Tue 25 Mar 2025 16:40:18 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da12:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:b3:59:a9:90:b4:37:af:c7:ab:b8:f7:ee:bd:72:b8:15:90:9e:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:40:18 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=2eae44c79f0b9d5cca8d957c133a1589eafc1c4874c1cc17af80ce2e8fbd15ec, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:35:75:3c:4d:b4:ac:f0:af:d1:aa:84:3d:05: 3f:a7:6b:ea:c3:5a:2b:50:44:df:40:34:04:1e:b7: 82:35:eb:09:2b:6e:33:8e:4e:d6:fd:f8:0f:e4:95: ff:82:d4:56:78:0b:c3:57:17:10:31:19:50:20:c2: cc:d4:22:08:72:62:63:8e:1f:e9:40:ae:e6:04:1c: 59:d8:af:81:8e:c9:d8:e9:f7:bc:fd:cc:ac:df:ce: 95:78:2c:31:68:a6:f3:2b:6d:62:03:99:7f:96:f2: 83:de:c6:49:a1:94:46:43:10:a3:59:f9:ca:31:8a: 50:06:67:08:7d:7a:72:a6:6b:91:4a:b4:45:43:38: e4:c6:94:05:fa:80:0b:99:1c:c2:39:1c:25:42:bd: bc:5d:4f:d3:26:ac:6d:56:a2:f3:c1:a8:bf:6f:72: 34:c5:90:42:35:50:22:90:c4:25:10:25:7b:3d:8a: 55:8d:70:db:74:98:5c:57:e7:01:e0:16:ad:43:2c: 7e:47:78:9c:87:80:b3:72:ea:f2:3f:9b:3b:9b:b0: 9c:31:e0:f2:cd:be:82:1a:95:d2:94:0d:62:cc:34: ae:02:00:a5:8d:ce:14:2a:bc:ca:41:cd:5c:00:05: f7:85:15:34:5e:36:bb:16:ff:dd:c3:52:a1:36:bc: 43:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:1F:22:28:4D:15:B6:7B:CA:85:B9:B6:31:FF:E4:E0:8F:60:FB:D8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42ad6457-9831-48b3-bc79-de5f9459d461.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da12:8000::/36 Signature Algorithm: sha256WithRSAEncryption 62:c8:ae:49:47:2a:fd:d9:9c:8f:d4:19:a7:af:7e:59:0d:6c: 5c:4e:5a:3f:94:68:e1:8a:08:15:88:9b:43:cc:18:6d:c4:20: e2:a9:7f:ba:0f:99:23:c2:71:a2:ab:83:5e:3e:05:b4:ed:98: 41:d7:7b:c4:06:26:a8:38:32:2a:f7:b7:e3:05:29:3c:bd:8b: ac:99:9c:bb:78:cb:bd:52:72:18:b7:9f:1c:36:05:fb:c1:29: 28:ae:7a:ce:db:b2:e5:63:74:de:b5:b2:0a:0d:16:38:97:1d: c8:9b:15:01:d6:82:a5:1e:e3:6c:f4:ce:7d:04:15:c0:9a:fb: a5:46:9c:b6:f1:d3:0f:38:3a:3f:fa:9f:7b:e3:ac:48:9f:b1: 06:d2:d4:c7:3a:42:a0:ea:fa:58:6d:24:ec:19:f0:3f:62:f0: be:fd:d0:a4:20:5d:ec:63:ae:d3:2e:38:e2:23:23:86:d9:d4: b9:97:fc:f6:f9:ff:06:0b:6d:cb:41:98:6a:1a:04:e3:76:0a: 84:ad:3e:29:19:cd:3b:0e:10:22:80:4a:18:bf:9d:78:8f:bd: 8c:b2:8a:fb:71:e5:48:a9:69:09:88:3d:fa:25:04:42:b8:21: 21:2e:fa:2c:82:d5:11:82:7a:df:8a:40:b3:5b:af:85:73:f1: 5a:3c:72:5a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNLNZqZC0N6/Hq7j37r1yuBWQnsYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NDAxOFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMmVhZTQ0Yzc5ZjBiOWQ1Y2NhOGQ5 NTdjMTMzYTE1ODllYWZjMWM0ODc0YzFjYzE3YWY4MGNlMmU4ZmJkMTVlYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TV1PE20rPCv0aqEPQU/p2vqw1or UETfQDQEHreCNesJK24zjk7W/fgP5JX/gtRWeAvDVxcQMRlQIMLM1CIIcmJjjh/p QK7mBBxZ2K+BjsnY6fe8/cys386VeCwxaKbzK21iA5l/lvKD3sZJoZRGQxCjWfnK MYpQBmcIfXpypmuRSrRFQzjkxpQF+oALmRzCORwlQr28XU/TJqxtVqLzwai/b3I0 xZBCNVAikMQlECV7PYpVjXDbdJhcV+cB4BatQyx+R3ich4CzcuryP5s7m7CcMeDy zb6CGpXSlA1izDSuAgCljc4UKrzKQc1cAAX3hRU0Xja7Fv/dw1KhNrxDTwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBYfIihNFbZ7yoW5tjH/5OCPYPvYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQyYWQ2NDU3LTk4MzEtNDhiMy1iYzc5LWRlNWY5NDU5ZDQ2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaEoAwDQYJKoZIhvcNAQELBQADggEBAGLIrklHKv3ZnI/UGaev flkNbFxOWj+UaOGKCBWIm0PMGG3EIOKpf7oPmSPCcaKrg14+BbTtmEHXe8QGJqg4 Mir3t+MFKTy9i6yZnLt4y71Schi3nxw2BfvBKSiues7bsuVjdN61sgoNFjiXHcib FQHWgqUe42z0zn0EFcCa+6VGnLbx0w84Oj/6n3vjrEifsQbS1Mc6QqDq+lhtJOwZ 8D9i8L790KQgXexjrtMuOOIjI4bZ1LmX/Pb5/wYLbctBmGoaBON2CoStPikZzTsO ECKAShi/nXiPvYyyivtx5UipaQmIPfolBEK4ISEu+iyC1RGCet+KQLNbr4Vz8Vo8 clo= -----END CERTIFICATE-----Generated at Thu Apr 17 18:09:26 2025 by rpki-client