$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d95593e-7533-4a62-bbd5-712342a000d1.roa File: 5d95593e-7533-4a62-bbd5-712342a000d1.roa (raw, json) Hash identifier: 4ZBQKRUXYnahdqO/GucWW9gVh2WrynEBFsQzfMsg2fA= Subject key identifier: 4B:F3:28:01:EE:8E:DD:F2:E8:52:86:74:75:57:EE:96:92:A4:11:0F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 30E122029A508DDA2B7A1F60E3EE026E69B5830D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d95593e-7533-4a62-bbd5-712342a000d1.roa Signing time: Tue 25 Mar 2025 15:31:33 +0000 ROA not before: Tue 25 Mar 2025 15:31:33 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:2080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:e1:22:02:9a:50:8d:da:2b:7a:1f:60:e3:ee:02:6e:69:b5:83:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 15:31:33 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=9645c556af04419f1afa89ee4307105ebc7e6666f7154cfb3eb697377abd0e89, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:0c:89:ef:ab:2e:c7:66:b5:ab:70:57:da:23: c0:83:47:af:bf:13:f4:12:54:d6:fd:0c:34:46:47: 25:10:df:58:9d:8e:18:60:fb:4e:75:8a:2c:b4:1e: bc:54:91:90:49:cf:11:91:05:bb:ac:c1:4c:f6:38: 9c:c9:81:eb:33:e5:ba:00:a2:83:fd:34:d8:4a:b1: 2c:26:b7:18:a4:4d:ba:cf:a0:c2:3c:06:05:91:2a: 7e:3c:ce:ae:53:8a:4a:59:ad:b2:1d:53:71:7d:a1: ae:15:b6:c1:ed:18:c1:e8:ec:54:e3:ea:79:c0:41: 15:d1:3f:9d:43:15:5c:2b:93:b5:84:1f:5f:99:1a: e1:98:db:81:9d:5c:bd:21:59:9f:c8:af:0f:f2:83: b1:a9:af:a6:18:36:5c:08:79:14:8b:13:59:fb:e1: 9a:52:93:10:9f:83:d0:91:bb:0c:54:a6:9e:0a:23: f6:29:11:55:af:fa:3b:e4:47:4d:eb:2e:49:f2:72: 4a:e5:bd:de:9e:12:7d:35:0e:43:84:19:6b:a7:e9: 86:80:b9:58:c8:8e:5b:85:d5:9c:a8:6b:06:79:d9: a6:a7:71:48:5a:68:1f:82:fb:bc:01:d0:6a:0f:0e: 6d:37:d2:be:14:2f:aa:cc:57:3d:05:92:f1:e1:22: 1d:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:F3:28:01:EE:8E:DD:F2:E8:52:86:74:75:57:EE:96:92:A4:11:0F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d95593e-7533-4a62-bbd5-712342a000d1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:2080::/46 Signature Algorithm: sha256WithRSAEncryption 2a:17:00:92:cc:22:bf:c5:29:5f:9e:94:2f:02:df:47:eb:73: 4d:d9:f0:1c:82:ec:06:67:09:ff:4c:c8:aa:90:0b:87:a0:f1: 98:5e:6b:9b:45:cb:8d:2a:8c:91:0a:05:b3:e5:6a:92:79:fd: c7:ce:ee:d1:74:84:f5:31:b2:c5:64:28:2f:e4:d3:d6:dd:22: 4f:74:9c:3c:a2:ab:60:17:cc:ef:63:60:4a:05:e0:a2:be:45: 7c:ae:86:23:34:de:ec:4a:4d:01:d8:cc:b5:17:66:e0:26:b2: be:e0:78:d2:b6:95:c3:48:54:94:37:22:24:aa:c9:a0:2c:ca: 3b:3a:c3:03:7d:c4:93:37:54:83:48:42:6b:b9:0d:76:3d:5a: a7:38:a4:ac:81:b6:b6:30:ea:df:7a:e1:a8:47:14:53:0a:d8: 67:fe:67:8b:91:7d:86:eb:fa:33:e2:19:c2:e0:11:53:b1:dd: 01:03:46:80:24:93:e1:db:11:f9:15:95:dc:a6:20:07:29:b6: df:14:70:f9:f7:b4:cd:78:24:2b:35:c4:11:04:49:d0:8f:16: 52:fd:bb:b1:2a:53:83:9c:f0:28:b8:b3:b8:69:56:aa:80:df: 01:4d:19:ef:66:63:7b:eb:04:ea:da:5b:c2:2e:6d:84:64:d6: b2:72:cb:37 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMOEiAppQjdoreh9g4+4Cbmm1gw0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1MzEzM1oX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAOTY0NWM1NTZhZjA0NDE5ZjFhZmE4 OWVlNDMwNzEwNWViYzdlNjY2NmY3MTU0Y2ZiM2ViNjk3Mzc3YWJkMGU4OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQyJ76sux2a1q3BX2iPAg0evvxP0 ElTW/Qw0RkclEN9YnY4YYPtOdYostB68VJGQSc8RkQW7rMFM9jicyYHrM+W6AKKD /TTYSrEsJrcYpE26z6DCPAYFkSp+PM6uU4pKWa2yHVNxfaGuFbbB7RjB6OxU4+p5 wEEV0T+dQxVcK5O1hB9fmRrhmNuBnVy9IVmfyK8P8oOxqa+mGDZcCHkUixNZ++Ga UpMQn4PQkbsMVKaeCiP2KRFVr/o75EdN6y5J8nJK5b3enhJ9NQ5DhBlrp+mGgLlY yI5bhdWcqGsGedmmp3FIWmgfgvu8AdBqDw5tN9K+FC+qzFc9BZLx4SIdwQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEvzKAHujt3y6FKGdHVX7paSpBEPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVkOTU1OTNlLTc1MzMtNGE2Mi1iYmQ1LTcxMjM0MmEwMDBkMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba9yCAMA0GCSqGSIb3DQEBCwUAA4IBAQAqFwCSzCK/xSlfnpQv At9H63NN2fAcguwGZwn/TMiqkAuHoPGYXmubRcuNKoyRCgWz5WqSef3Hzu7RdIT1 MbLFZCgv5NPW3SJPdJw8oqtgF8zvY2BKBeCivkV8roYjNN7sSk0B2My1F2bgJrK+ 4HjStpXDSFSUNyIkqsmgLMo7OsMDfcSTN1SDSEJruQ12PVqnOKSsgba2MOrfeuGo RxRTCthn/meLkX2G6/oz4hnC4BFTsd0BA0aAJJPh2xH5FZXcpiAHKbbfFHD597TN eCQrNcQRBEnQjxZS/buxKlODnPAouLO4aVaqgN8BTRnvZmN76wTq2lvCLm2EZNay css3 -----END CERTIFICATE-----Generated at Thu Apr 17 18:07:07 2025 by rpki-client