$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b07dfd7-5453-4b08-89f3-583f124643f9.roa File: 4b07dfd7-5453-4b08-89f3-583f124643f9.roa (raw, json) Hash identifier: xVLVK3T7x19cRKGWlI98v2bQwF9PEEMclsAvt0uDYDA= Subject key identifier: E5:42:B4:10:35:95:C1:2A:D7:66:E7:9E:EE:22:3B:9F:77:82:3D:26 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 40F383BF72C352D7C8D9924102556EC977CBD197 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b07dfd7-5453-4b08-89f3-583f124643f9.roa Signing time: Tue 25 Mar 2025 16:40:53 +0000 ROA not before: Tue 25 Mar 2025 16:40:53 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da14::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:f3:83:bf:72:c3:52:d7:c8:d9:92:41:02:55:6e:c9:77:cb:d1:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:40:53 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=3a53ac100c96e7ba5a7bfd08f4f3892c1a11fbc7b18bc87cac8a81ed27f10f5b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:72:d0:91:f1:cd:37:da:ba:d4:9b:a5:99:fd: 57:57:cd:1e:2a:f4:b4:85:49:54:5e:d5:21:82:4d: 81:ce:12:a9:e1:bd:ee:9d:15:62:89:ae:52:66:3d: 8c:51:71:b8:82:1b:54:87:f1:d4:4a:8c:7c:5d:fa: ed:c5:16:bb:c3:b9:9b:48:ca:f6:75:a6:a6:6a:38: d1:17:9c:46:77:d0:e9:b0:74:48:60:0c:76:32:51: d3:d4:fd:0b:87:0a:20:9d:eb:ff:74:14:72:e6:bb: ba:36:9d:76:67:c9:a5:ed:14:ac:69:ac:c0:72:db: 84:de:00:e2:d6:67:d0:24:96:ca:32:bb:77:dc:7d: 8c:8e:ee:a6:66:d3:5f:78:21:f3:d7:2e:88:03:b0: fb:b4:b3:1f:ed:41:d2:2e:81:3d:93:8c:dc:dd:4d: a7:c4:5d:0b:d0:33:7a:b3:46:48:c5:40:12:81:44: 02:0f:c1:ea:1f:43:5a:23:89:77:a0:5c:7b:02:51: d5:25:91:7f:9c:33:1f:00:ec:91:2f:a5:99:2d:f6: ee:56:87:df:38:ef:e4:2b:57:4a:55:ba:d0:44:36: c1:f7:7d:31:b3:32:37:5e:43:29:89:62:78:21:46: a5:dc:70:2c:c5:e8:ec:fd:d2:bc:72:55:c5:b8:90: 4e:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:42:B4:10:35:95:C1:2A:D7:66:E7:9E:EE:22:3B:9F:77:82:3D:26 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b07dfd7-5453-4b08-89f3-583f124643f9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da14::/36 Signature Algorithm: sha256WithRSAEncryption 16:ae:70:31:70:5e:1a:98:ec:38:0b:f5:c8:a2:61:ec:6a:a1: 2c:cf:ec:3f:93:07:00:d1:79:9e:f3:b1:cf:66:57:a3:ec:1a: d2:af:4a:88:e7:89:f6:13:b7:4a:ab:d7:eb:0c:3b:dc:ee:fb: a6:26:91:39:37:fd:fd:18:49:26:c2:be:22:49:6c:2a:ca:65: 30:8b:81:5e:94:02:c1:e8:dc:26:9d:4e:41:9e:cf:93:c4:43: 1a:62:ff:3d:cf:41:65:98:dd:1a:28:fc:aa:86:97:2a:0b:df: ac:4e:5f:28:1f:b8:a2:46:64:ae:b9:80:df:ce:bb:83:40:1d: 1c:a6:72:ac:2c:78:48:db:e5:3a:49:70:58:f3:9e:86:5b:d5: b8:2c:49:04:01:cd:49:a7:2b:a2:9b:0d:49:fb:7b:f6:b2:54: b1:99:7b:55:d9:c8:57:ad:3b:ed:9e:c6:ac:f3:c9:c7:4c:92: b0:5a:9a:e1:37:0e:7a:bf:9f:d3:10:b7:b2:73:c2:95:c4:07: 5f:6e:34:e1:e1:26:9e:6e:35:70:23:f7:11:b1:25:ed:d9:15: 81:2a:5a:3d:00:ae:15:2e:87:69:86:da:0c:d1:26:53:07:0b: a7:81:e6:3e:b8:78:bf:cd:0d:f5:e2:86:a7:e9:3d:20:f4:8b: 79:9c:e0:e7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQPODv3LDUtfI2ZJBAlVuyXfL0ZcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NDA1M1oX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAM2E1M2FjMTAwYzk2ZTdiYTVhN2Jm ZDA4ZjRmMzg5MmMxYTExZmJjN2IxOGJjODdjYWM4YTgxZWQyN2YxMGY1YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnLQkfHNN9q61Julmf1XV80eKvS0 hUlUXtUhgk2BzhKp4b3unRViia5SZj2MUXG4ghtUh/HUSox8XfrtxRa7w7mbSMr2 daamajjRF5xGd9DpsHRIYAx2MlHT1P0Lhwognev/dBRy5ru6Np12Z8ml7RSsaazA ctuE3gDi1mfQJJbKMrt33H2Mju6mZtNfeCHz1y6IA7D7tLMf7UHSLoE9k4zc3U2n xF0L0DN6s0ZIxUASgUQCD8HqH0NaI4l3oFx7AlHVJZF/nDMfAOyRL6WZLfbuVoff OO/kK1dKVbrQRDbB930xszI3XkMpiWJ4IUal3HAsxejs/dK8clXFuJBOmQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOVCtBA1lcEq12bnnu4iO593gj0mMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRiMDdkZmQ3LTU0NTMtNGIwOC04OWYzLTU4M2YxMjQ2NDNmOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaFAAwDQYJKoZIhvcNAQELBQADggEBABaucDFwXhqY7DgL9cii YexqoSzP7D+TBwDReZ7zsc9mV6PsGtKvSojnifYTt0qr1+sMO9zu+6YmkTk3/f0Y SSbCviJJbCrKZTCLgV6UAsHo3CadTkGez5PEQxpi/z3PQWWY3Roo/KqGlyoL36xO XygfuKJGZK65gN/Ou4NAHRymcqwseEjb5TpJcFjznoZb1bgsSQQBzUmnK6KbDUn7 e/ayVLGZe1XZyFetO+2exqzzycdMkrBamuE3Dnq/n9MQt7JzwpXEB19uNOHhJp5u NXAj9xGxJe3ZFYEqWj0ArhUuh2mG2gzRJlMHC6eB5j64eL/NDfXihqfpPSD0i3mc 4Oc= -----END CERTIFICATE-----Generated at Thu Apr 17 17:43:36 2025 by rpki-client