$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/524bbb59-fe5b-477a-80a0-854f6932264e.roa File: 524bbb59-fe5b-477a-80a0-854f6932264e.roa (raw, json) Hash identifier: 6zkqoMYa/GgBlJlzvB2EJUvLNjYJ4Wvz2FpwdqSSVo8= Subject key identifier: 67:CF:F9:BF:B6:16:9A:68:D9:32:83:30:B2:AE:C7:55:E2:03:9D:B1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 61D1987ADFA6EA8D12BBBAC2DEA318CAA5655413 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/524bbb59-fe5b-477a-80a0-854f6932264e.roa Signing time: Tue 25 Mar 2025 15:11:00 +0000 ROA not before: Tue 25 Mar 2025 15:11:00 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c060::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:d1:98:7a:df:a6:ea:8d:12:bb:ba:c2:de:a3:18:ca:a5:65:54:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 15:11:00 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=d9917476a8ec34270e15ff7cc4b3af075f3153f67864ff649f6cf0c66972f4c2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:57:d5:05:ef:61:9b:99:be:2b:70:4e:eb:c0: 88:39:b5:31:ad:77:d7:f0:b9:b5:db:91:19:07:16: b7:88:db:36:3f:3e:f3:19:43:50:5f:03:1e:69:57: 10:e9:5d:b8:9a:6b:e0:e4:12:64:9d:bc:c4:eb:76: ea:35:d4:aa:b7:7f:33:2b:48:5a:f6:48:a4:ea:9b: d3:79:5d:04:63:e9:e1:c8:a5:8c:b1:8e:42:ab:61: b8:09:44:b7:03:b1:a2:bd:a4:7d:df:05:f8:07:a8: 9c:db:ef:41:23:b1:3a:ed:b9:8a:55:e2:ed:68:64: 6a:50:f7:2c:fc:91:d4:50:8b:ca:e7:b2:14:68:06: a8:16:5d:85:03:08:f4:0b:6a:98:6c:30:cb:08:e2: c3:fe:06:bc:75:e1:88:c9:87:c7:f0:08:2d:af:c9: 7a:8e:b6:39:4f:3f:53:23:6b:16:fb:21:bb:5e:52: 31:eb:09:0c:0c:3f:c1:e6:b9:ec:1a:74:a1:60:a5: bd:af:eb:eb:ec:9e:60:8a:5e:2d:33:d1:c6:c4:f5: ed:70:c1:d1:2e:ad:75:1b:e8:22:7b:da:2e:d2:de: 76:a4:eb:ba:0b:22:d1:52:35:eb:88:7c:30:0e:cd: 82:09:e7:d6:00:bd:bb:37:df:77:6f:ed:3a:2e:2b: 6c:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:CF:F9:BF:B6:16:9A:68:D9:32:83:30:B2:AE:C7:55:E2:03:9D:B1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/524bbb59-fe5b-477a-80a0-854f6932264e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c060::/48 Signature Algorithm: sha256WithRSAEncryption 51:a2:fe:f8:a1:56:22:5c:5e:8d:9f:20:c8:73:b4:4d:80:0d: 35:e1:2b:fe:b9:1f:12:8e:5a:f7:c2:51:a6:dc:9a:bd:86:78: 21:97:8f:ed:d9:0b:37:27:ac:f0:33:cd:3a:96:84:3e:7b:f4: 65:ae:de:47:89:59:cb:01:92:e1:61:66:c7:6b:65:1f:cc:4d: b7:53:6c:88:31:d2:57:0a:46:24:b4:aa:ca:85:79:47:c9:a0: 91:0c:1b:82:55:15:65:2a:72:37:48:62:d6:8b:98:08:37:ea: 95:cb:65:d8:0c:4e:2a:5e:e6:d6:2b:3b:ca:31:ee:50:ab:25: b7:e2:07:47:2d:a5:68:26:2a:55:7c:04:49:f4:97:2a:74:06: fd:ac:06:1d:59:ef:44:5e:9c:02:be:88:68:4d:a2:83:97:5e: 3f:4e:57:50:89:09:3b:b6:97:19:45:25:a7:94:db:62:aa:ff: a6:78:7c:31:79:06:da:17:75:38:33:f1:52:42:40:4d:dc:9f: a6:89:d6:1a:06:87:a6:c2:62:88:63:bf:07:8f:41:1f:2b:8b: 76:e1:cb:e5:0d:20:ef:9c:33:ee:61:46:27:2e:bd:e3:99:b8: 75:a0:a1:ad:a5:e7:45:d5:6c:47:22:64:b6:98:6e:61:d7:41: 04:d2:57:17 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYdGYet+m6o0Su7rC3qMYyqVlVBMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1MTEwMFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAZDk5MTc0NzZhOGVjMzQyNzBlMTVm ZjdjYzRiM2FmMDc1ZjMxNTNmNjc4NjRmZjY0OWY2Y2YwYzY2OTcyZjRjMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1fVBe9hm5m+K3BO68CIObUxrXfX 8Lm125EZBxa3iNs2Pz7zGUNQXwMeaVcQ6V24mmvg5BJknbzE63bqNdSqt38zK0ha 9kik6pvTeV0EY+nhyKWMsY5Cq2G4CUS3A7GivaR93wX4B6ic2+9BI7E67bmKVeLt aGRqUPcs/JHUUIvK57IUaAaoFl2FAwj0C2qYbDDLCOLD/ga8deGIyYfH8Agtr8l6 jrY5Tz9TI2sW+yG7XlIx6wkMDD/B5rnsGnShYKW9r+vr7J5gil4tM9HGxPXtcMHR Lq11G+gie9ou0t52pOu6CyLRUjXriHwwDs2CCefWAL27N993b+06Lits/QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGfP+b+2Fppo2TKDMLKux1XiA52xMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUyNGJiYjU5LWZlNWItNDc3YS04MGEwLTg1NGY2OTMyMjY0ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8BgMA0GCSqGSIb3DQEBCwUAA4IBAQBRov74oVYiXF6NnyDI c7RNgA014Sv+uR8Sjlr3wlGm3Jq9hnghl4/t2Qs3J6zwM806loQ+e/Rlrt5HiVnL AZLhYWbHa2UfzE23U2yIMdJXCkYktKrKhXlHyaCRDBuCVRVlKnI3SGLWi5gIN+qV y2XYDE4qXubWKzvKMe5QqyW34gdHLaVoJipVfARJ9JcqdAb9rAYdWe9EXpwCvoho TaKDl14/TldQiQk7tpcZRSWnlNtiqv+meHwxeQbaF3U4M/FSQkBN3J+midYaBoem wmKIY78Hj0EfK4t24cvlDSDvnDPuYUYnLr3jmbh1oKGtpedF1WxHImS2mG5h10EE 0lcX -----END CERTIFICATE-----Generated at Thu Apr 17 18:11:51 2025 by rpki-client