$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57e5a746-78cb-4122-b964-f449ba6f6e5f.roa File: 57e5a746-78cb-4122-b964-f449ba6f6e5f.roa (raw, json) Hash identifier: OWn3LgJp2oGcrUO+EhcptxuQxpNi3BhznPOnET0H3gg= Subject key identifier: 81:63:A2:11:54:FB:7D:FE:CB:ED:72:AD:42:FA:CA:CA:38:FE:AD:00 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0F700B8CFBCA8276D833ED578388A81A09C46229 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57e5a746-78cb-4122-b964-f449ba6f6e5f.roa Signing time: Tue 25 Mar 2025 15:01:26 +0000 ROA not before: Tue 25 Mar 2025 15:01:26 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:70:0b:8c:fb:ca:82:76:d8:33:ed:57:83:88:a8:1a:09:c4:62:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 15:01:26 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=a404e674a58d72ad548e10a6b85d4620e3303b6c79c416cd8e2e4d5c05e3c4f3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:33:52:19:df:29:8d:03:8d:e8:62:73:70:17: ce:8a:0c:e3:39:e2:45:bc:6b:d9:19:27:f9:16:89: 15:31:d0:05:75:32:55:7a:67:ae:e6:76:df:00:36: 4a:ab:fe:4c:dc:f9:ab:3c:ed:a5:ad:d3:f9:5f:42: a1:c8:43:7e:20:37:c3:df:f5:09:fd:fb:6f:36:68: bc:4e:09:e5:37:7f:f7:94:cb:dd:e0:9f:06:43:9d: a1:5a:f5:20:2f:e1:6f:e2:fc:c6:45:eb:b9:bd:7f: 89:80:c1:56:d3:26:43:b9:5a:0a:97:ea:7b:a6:94: f1:f2:16:ff:b8:d8:a4:64:05:a4:b9:15:68:db:e1: b8:25:56:ea:ca:34:9e:3c:b7:af:57:99:50:ce:ab: 58:da:58:5f:59:06:3c:51:db:5b:c2:dd:75:34:ae: dc:ef:22:1e:2d:f9:84:d7:8a:b2:d8:0a:58:20:5c: 5d:75:2b:76:8b:df:57:7d:96:8b:ab:be:0f:6d:4d: f7:cf:67:fc:9a:15:db:a9:a4:4d:08:6b:26:bf:f9: ff:fa:bd:17:1a:5f:19:f7:7f:ee:32:57:26:1a:22: f7:c7:12:ae:b2:8c:29:86:96:84:ec:d9:e4:f7:ba: db:62:1c:57:28:93:df:07:a1:0a:b4:d3:a9:27:83: 63:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:63:A2:11:54:FB:7D:FE:CB:ED:72:AD:42:FA:CA:CA:38:FE:AD:00 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57e5a746-78cb-4122-b964-f449ba6f6e5f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:a000::/40 Signature Algorithm: sha256WithRSAEncryption c9:e4:29:25:51:f8:9d:64:a6:67:b2:36:85:e1:e2:e8:16:08: f7:27:2d:1a:1e:d5:51:64:f9:d2:24:59:d5:2d:bb:32:bb:68: e0:62:4a:30:3d:1b:55:ec:8d:f9:4b:d8:03:b0:ef:31:ca:b4: 97:3f:54:25:5c:a6:bf:85:2b:d3:1c:7a:9a:3b:0b:a3:6a:b2: bb:0c:aa:9a:9d:49:fa:4b:aa:57:fd:ee:69:9a:ad:cf:3e:5d: ab:63:5a:00:45:7e:43:9c:3a:ee:1d:45:80:6d:1e:aa:7a:37: a4:df:25:7f:44:63:56:9a:c1:be:b1:5a:a9:a5:c5:b3:21:ce: 15:cc:63:d5:89:91:f9:6d:f7:09:e2:e4:02:82:96:27:ca:be: 4e:f0:83:07:6e:31:43:73:89:df:d4:5e:f4:f8:75:a5:d0:fa: 58:ef:75:67:92:bf:bd:37:27:6d:44:47:ae:75:04:51:05:c2: e5:73:3d:0e:5f:7d:ad:b4:c3:52:50:b9:71:2b:ab:11:5e:ed: 1b:29:cc:9e:b5:a5:c3:45:bc:4f:26:7b:66:66:46:71:d8:d0: 99:a1:12:4b:35:74:06:cd:b4:80:01:dd:cd:e1:ec:28:a1:ea: 6d:c9:e0:38:42:41:1f:fd:6c:05:22:df:eb:cb:6f:f1:9d:be: ca:70:ff:f3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUD3ALjPvKgnbYM+1Xg4ioGgnEYikwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1MDEyNloX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYTQwNGU2NzRhNThkNzJhZDU0OGUx MGE2Yjg1ZDQ2MjBlMzMwM2I2Yzc5YzQxNmNkOGUyZTRkNWMwNWUzYzRmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTNSGd8pjQON6GJzcBfOigzjOeJF vGvZGSf5FokVMdAFdTJVemeu5nbfADZKq/5M3PmrPO2lrdP5X0KhyEN+IDfD3/UJ /ftvNmi8TgnlN3/3lMvd4J8GQ52hWvUgL+Fv4vzGReu5vX+JgMFW0yZDuVoKl+p7 ppTx8hb/uNikZAWkuRVo2+G4JVbqyjSePLevV5lQzqtY2lhfWQY8Udtbwt11NK7c 7yIeLfmE14qy2ApYIFxddSt2i99XfZaLq74PbU33z2f8mhXbqaRNCGsmv/n/+r0X Gl8Z93/uMlcmGiL3xxKusowphpaE7Nnk97rbYhxXKJPfB6EKtNOpJ4NjuwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIFjohFU+33+y+1yrUL6yso4/q0AMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU3ZTVhNzQ2LTc4Y2ItNDEyMi1iOTY0LWY0NDliYTZmNmU1Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOKAwDQYJKoZIhvcNAQELBQADggEBAMnkKSVR+J1kpmeyNoXh 4ugWCPcnLRoe1VFk+dIkWdUtuzK7aOBiSjA9G1XsjflL2AOw7zHKtJc/VCVcpr+F K9Mcepo7C6NqsrsMqpqdSfpLqlf97mmarc8+XatjWgBFfkOcOu4dRYBtHqp6N6Tf JX9EY1aawb6xWqmlxbMhzhXMY9WJkflt9wni5AKClifKvk7wgwduMUNzid/UXvT4 daXQ+ljvdWeSv703J21ER651BFEFwuVzPQ5ffa20w1JQuXErqxFe7RspzJ61pcNF vE8me2ZmRnHY0JmhEks1dAbNtIAB3c3h7Cih6m3J4DhCQR/9bAUi3+vLb/Gdvspw //M= -----END CERTIFICATE-----Generated at Thu Apr 17 17:57:49 2025 by rpki-client