$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c92d86f-d096-414c-bd9a-599ba8ca213f.roa File: 5c92d86f-d096-414c-bd9a-599ba8ca213f.roa (raw, json) Hash identifier: xQMzrAKVvFz6U8zqhaxaHGQ7RPMODAbbDPEIwr2HT88= Subject key identifier: 29:4E:C9:80:0E:E5:34:91:76:B0:3A:F3:0B:91:48:83:A5:13:E2:56 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 618A4B3AA41E2D9C472853DAE96B734551944871 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c92d86f-d096-414c-bd9a-599ba8ca213f.roa Signing time: Tue 25 Mar 2025 16:20:16 +0000 ROA not before: Tue 25 Mar 2025 16:20:16 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:8a:4b:3a:a4:1e:2d:9c:47:28:53:da:e9:6b:73:45:51:94:48:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:20:16 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=2133759b78dda8e564e3f3c78c7f37507c0f64b59e90a8054e00e18c2b1ebf70, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:93:68:66:5d:2a:b4:59:3a:50:aa:7d:74:9e: 0c:30:fa:68:94:30:a5:f4:ad:1b:86:84:ae:d0:25: f8:c1:6c:01:c4:4c:1c:dc:b6:bd:bf:96:dd:76:e7: 68:a5:48:79:e9:4e:76:0c:e6:e4:26:84:1e:31:91: 99:28:28:53:48:bf:d0:d5:eb:ec:98:a0:4f:db:17: 60:9b:05:1d:cb:18:4a:91:58:d6:ca:ce:c5:03:2a: 34:ff:53:0a:8a:fb:0f:25:72:e6:bf:61:17:e0:7b: 25:c8:02:11:64:a6:69:7d:bc:2c:4b:e2:32:a0:8d: 1c:7e:ac:58:d2:c8:73:5c:d9:cb:bd:e9:9e:7d:41: 11:db:b3:ab:cf:69:6b:b6:df:f7:81:0c:c3:35:82: 17:20:c7:e1:01:59:f1:8b:78:df:7a:d2:d6:d1:ea: fb:97:09:3f:cc:b0:21:2f:ec:e8:96:99:f8:50:54: 89:a8:92:7d:00:41:75:5e:44:fb:59:3a:62:9f:99: 91:73:42:60:a8:ef:bc:28:ef:0c:2a:9f:94:08:91: cc:95:aa:d2:5a:cd:ed:8b:f0:77:40:bc:0b:db:a8: e9:a5:aa:2c:f2:29:61:7f:db:04:2c:23:14:20:f9: 81:2a:21:47:8f:8d:26:d5:dd:cb:04:d3:36:ff:c0: e7:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:4E:C9:80:0E:E5:34:91:76:B0:3A:F3:0B:91:48:83:A5:13:E2:56 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c92d86f-d096-414c-bd9a-599ba8ca213f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:2800::/40 Signature Algorithm: sha256WithRSAEncryption 9c:dc:d3:78:32:91:b1:00:30:73:87:a2:09:c5:43:7c:cb:65: 2f:ff:59:fc:c2:b7:94:76:a7:de:92:2f:b9:5e:5e:ea:7d:19: 93:80:d6:fd:ab:dc:69:2b:a3:00:09:d8:4f:a0:cd:d6:a0:3c: d7:68:4e:7a:20:9e:90:51:55:57:c5:dc:81:9a:42:cb:69:ca: 06:4a:7b:0f:b1:fd:20:ff:ca:6e:b1:99:12:c7:90:34:5c:65: 7e:ab:98:49:ad:af:56:b4:f9:f2:e2:ea:d6:dc:4c:d6:fa:26: f4:75:71:65:36:94:13:b8:0a:38:60:cb:d7:20:b6:94:63:20: 2c:31:dd:bf:2d:e5:1f:97:48:ca:9f:c4:a4:c5:d7:a5:6c:e4: 76:c0:14:19:c2:b8:c6:2e:29:82:52:2f:89:58:af:bd:46:aa: e0:48:74:29:5c:c4:ca:27:0f:c5:53:58:8a:42:9d:3e:c9:07: 39:3c:92:cc:53:45:84:f4:34:2d:a7:50:eb:6b:59:09:4f:db: 60:78:59:18:7b:47:e3:40:09:fb:64:96:26:71:83:32:49:8e: e6:74:41:a8:0d:dc:bc:b3:c1:f2:a6:63:b7:cc:a3:56:87:74: 8d:ca:d2:3e:00:e8:29:66:ae:68:2b:f5:57:30:da:55:a1:a2: 44:d4:7e:c2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYYpLOqQeLZxHKFPa6WtzRVGUSHEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MjAxNloX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMjEzMzc1OWI3OGRkYThlNTY0ZTNm M2M3OGM3ZjM3NTA3YzBmNjRiNTllOTBhODA1NGUwMGUxOGMyYjFlYmY3MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZNoZl0qtFk6UKp9dJ4MMPpolDCl 9K0bhoSu0CX4wWwBxEwc3La9v5bddudopUh56U52DObkJoQeMZGZKChTSL/Q1evs mKBP2xdgmwUdyxhKkVjWys7FAyo0/1MKivsPJXLmv2EX4HslyAIRZKZpfbwsS+Iy oI0cfqxY0shzXNnLvemefUER27Orz2lrtt/3gQzDNYIXIMfhAVnxi3jfetLW0er7 lwk/zLAhL+zolpn4UFSJqJJ9AEF1XkT7WTpin5mRc0JgqO+8KO8MKp+UCJHMlarS Ws3ti/B3QLwL26jppaos8ilhf9sELCMUIPmBKiFHj40m1d3LBNM2/8DnaQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFClOyYAO5TSRdrA68wuRSIOlE+JWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVjOTJkODZmLWQwOTYtNDE0Yy1iZDlhLTU5OWJhOGNhMjEzZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacCgwDQYJKoZIhvcNAQELBQADggEBAJzc03gykbEAMHOHognF Q3zLZS//WfzCt5R2p96SL7leXup9GZOA1v2r3GkrowAJ2E+gzdagPNdoTnognpBR VVfF3IGaQstpygZKew+x/SD/ym6xmRLHkDRcZX6rmEmtr1a0+fLi6tbcTNb6JvR1 cWU2lBO4Cjhgy9cgtpRjICwx3b8t5R+XSMqfxKTF16Vs5HbAFBnCuMYuKYJSL4lY r71GquBIdClcxMonD8VTWIpCnT7JBzk8ksxTRYT0NC2nUOtrWQlP22B4WRh7R+NA CftkliZxgzJJjuZ0QagN3LyzwfKmY7fMo1aHdI3K0j4A6Clmrmgr9Vcw2lWhokTU fsI= -----END CERTIFICATE-----Generated at Thu Apr 17 17:34:05 2025 by rpki-client