$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c7ee93-3655-4ca9-8897-c8e3d1d0f9ea.roa File: 49c7ee93-3655-4ca9-8897-c8e3d1d0f9ea.roa (raw, json) Hash identifier: 4DkXLpZ9B9zFaWIVPAWLTP9Qc4ZFue70kMLdxPoU/rk= Subject key identifier: 11:69:20:5D:A1:88:93:74:39:95:63:25:6A:A3:F4:69:33:16:FF:5A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7836C386BC3E5BCD1FE0EFE23B61E63D19681838 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c7ee93-3655-4ca9-8897-c8e3d1d0f9ea.roa Signing time: Tue 25 Mar 2025 16:31:24 +0000 ROA not before: Tue 25 Mar 2025 16:31:24 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:36:c3:86:bc:3e:5b:cd:1f:e0:ef:e2:3b:61:e6:3d:19:68:18:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:31:24 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=b32c1285ff51f3bdc3a1c3601abf4083d44dad940b8d4f8f28be352c4934bd72, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:2b:a6:97:63:58:90:7f:59:62:e2:7b:07:45: a2:7f:39:8e:19:e9:8b:65:e0:3b:e6:a1:a3:94:3d: 99:8a:7b:8e:a0:70:24:15:d2:c3:f3:dc:07:39:ef: 3a:38:a3:b2:52:35:e4:88:32:e3:e7:c3:2b:20:b8: 8d:ec:2d:b3:4c:df:a6:77:11:09:0d:f0:9a:01:6d: 66:fa:76:1e:b1:13:e5:8e:c7:57:9c:70:38:a3:09: a1:38:27:da:e8:e3:fe:e3:b5:23:46:ac:be:b3:d2: ea:9f:2b:95:7b:ef:12:bf:6b:fa:da:2d:c9:33:00: 09:c4:f8:e9:a1:f9:da:7b:e9:c6:2a:b8:17:0d:a5: cb:f6:bd:23:e9:5c:d7:f5:8a:64:48:27:c9:fa:8b: 51:68:5b:fb:27:9d:e3:9f:82:d2:18:74:82:b6:4d: d7:d6:5a:9b:77:07:85:a4:97:b0:85:fb:18:9d:7b: c2:fb:41:96:fb:b7:c6:8a:66:43:e3:58:64:73:45: 85:43:15:ee:f2:4a:d7:7d:f0:8d:07:34:3f:b6:c2: f4:9d:ea:ce:b1:8d:d4:06:58:3f:02:fe:42:d1:2b: 1e:a1:40:b2:32:3e:d5:92:45:a3:16:1f:25:11:f4: f7:df:c1:d6:33:17:ce:c0:57:a0:b6:99:ff:dc:6d: 45:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:69:20:5D:A1:88:93:74:39:95:63:25:6A:A3:F4:69:33:16:FF:5A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c7ee93-3655-4ca9-8897-c8e3d1d0f9ea.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:4800::/40 Signature Algorithm: sha256WithRSAEncryption 31:d4:6f:cd:96:3b:1d:5d:f9:6b:f9:35:63:fd:88:be:c6:11: 08:56:5f:6f:bd:2c:21:2e:9e:e4:db:27:8c:eb:0c:33:15:41: 56:10:63:40:3c:d9:19:56:34:58:6c:d3:c6:33:0e:35:8a:d2: de:ad:51:ed:fa:49:64:e8:8c:eb:d1:0f:b9:1e:63:f7:53:28: 43:89:67:dd:2e:bd:72:a8:eb:b5:43:14:5f:40:b1:fb:3e:00: be:48:0d:7c:52:08:36:89:da:f1:30:d2:68:7f:5b:bd:e6:10: a1:37:a9:98:ce:26:3a:ec:65:dd:3c:4c:47:32:02:ef:12:ae: b6:7c:3b:c4:30:6f:53:d9:f2:de:ed:ad:05:57:fb:d2:7f:8d: 0d:6e:49:2d:47:47:92:d2:bd:c1:4a:3b:db:02:7c:0e:93:a9: 00:3c:f6:3b:c0:d2:af:4f:30:b6:de:bc:5d:37:10:9d:cb:d2: af:39:6e:91:80:48:0f:67:ba:92:9e:e6:f2:25:f7:f6:9e:04: 6f:eb:7a:cc:ba:d1:db:6d:c6:0b:ab:68:c7:23:6e:f8:2e:c9: 21:d5:2e:d7:5d:b8:36:4b:c9:0e:ca:17:e4:c7:05:56:f2:25: 63:dc:2c:fc:ee:f9:33:11:98:48:8d:99:a4:9e:b0:4a:71:bb: 3e:63:79:2c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeDbDhrw+W80f4O/iO2HmPRloGDgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MzEyNFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYjMyYzEyODVmZjUxZjNiZGMzYTFj MzYwMWFiZjQwODNkNDRkYWQ5NDBiOGQ0ZjhmMjhiZTM1MmM0OTM0YmQ3MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyuml2NYkH9ZYuJ7B0WifzmOGemL ZeA75qGjlD2ZinuOoHAkFdLD89wHOe86OKOyUjXkiDLj58MrILiN7C2zTN+mdxEJ DfCaAW1m+nYesRPljsdXnHA4owmhOCfa6OP+47UjRqy+s9LqnyuVe+8Sv2v62i3J MwAJxPjpofnae+nGKrgXDaXL9r0j6VzX9YpkSCfJ+otRaFv7J53jn4LSGHSCtk3X 1lqbdweFpJewhfsYnXvC+0GW+7fGimZD41hkc0WFQxXu8krXffCNBzQ/tsL0nerO sY3UBlg/Av5C0SseoUCyMj7VkkWjFh8lEfT338HWMxfOwFegtpn/3G1FMQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBFpIF2hiJN0OZVjJWqj9GkzFv9aMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5YzdlZTkzLTM2NTUtNGNhOS04ODk3LWM4ZTNkMWQwZjllYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9kgwDQYJKoZIhvcNAQELBQADggEBADHUb82WOx1d+Wv5NWP9 iL7GEQhWX2+9LCEunuTbJ4zrDDMVQVYQY0A82RlWNFhs08YzDjWK0t6tUe36SWTo jOvRD7keY/dTKEOJZ90uvXKo67VDFF9Asfs+AL5IDXxSCDaJ2vEw0mh/W73mEKE3 qZjOJjrsZd08TEcyAu8SrrZ8O8Qwb1PZ8t7trQVX+9J/jQ1uSS1HR5LSvcFKO9sC fA6TqQA89jvA0q9PMLbevF03EJ3L0q85bpGASA9nupKe5vIl9/aeBG/resy60dtt xguraMcjbvguySHVLtdduDZLyQ7KF+THBVbyJWPcLPzu+TMRmEiNmaSesEpxuz5j eSw= -----END CERTIFICATE-----Generated at Thu Apr 17 17:48:18 2025 by rpki-client