$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6780a697-ebb3-4b18-8703-c9b7cf9ab225.roa File: 6780a697-ebb3-4b18-8703-c9b7cf9ab225.roa (raw, json) Hash identifier: mPglz1SveW73jLqAATFk563YobwmENJBju9fKXV1bjY= Subject key identifier: 6D:2F:AB:E4:FE:20:07:FB:E0:17:9D:2D:2E:AF:FC:AD:90:19:B1:1A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 35B1C516D5A21B687DE0A81A810EF050D92036EC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6780a697-ebb3-4b18-8703-c9b7cf9ab225.roa Signing time: Tue 25 Mar 2025 16:50:41 +0000 ROA not before: Tue 25 Mar 2025 16:50:41 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da10:8c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:b1:c5:16:d5:a2:1b:68:7d:e0:a8:1a:81:0e:f0:50:d9:20:36:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:50:41 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=95cfa4ee9f294882ed72c0b4aeddc2c88b8bcd8fbd25810a7cdbe499d1a5816d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:2c:6a:4a:76:a6:53:db:25:d3:2e:6c:f9:82: 04:f0:50:47:42:04:7d:c5:a0:2d:d3:47:2a:d0:1f: 02:0c:50:7f:5f:93:f8:2f:33:4c:47:af:70:99:5e: da:ca:9c:ff:91:1b:4b:a0:2b:fe:d5:1c:8c:65:38: df:3f:e2:53:6a:90:02:00:5e:3b:0b:d8:e7:a4:50: 0a:d6:bb:84:06:c4:33:4f:3c:a2:13:00:30:11:47: 8f:48:5d:38:be:f0:00:4e:57:75:9e:f9:ae:a3:12: 69:33:4c:18:f8:14:b5:b5:f8:7f:80:1f:fd:be:01: bf:8f:db:9c:2e:68:73:39:7e:a3:2a:1f:7a:5b:34: fc:a0:fb:02:13:f0:f8:9a:8e:3a:24:f3:a3:08:07: bb:66:52:82:de:8a:aa:98:e9:ec:f2:35:3f:77:fe: 7e:40:41:2f:49:33:3d:c9:b2:8f:e7:46:62:74:7a: 47:2a:af:cd:01:4b:1b:7f:05:da:e6:46:40:14:02: 8d:a2:00:06:94:59:a2:e3:6d:2f:0a:be:40:cf:2d: 61:00:d8:37:06:7b:b2:78:9d:65:f2:9b:c6:fe:b0: d8:ab:5c:68:dd:11:66:1b:2d:0c:64:7c:b5:ce:74: f3:bf:24:7f:67:b2:7b:ee:3e:07:c0:64:0b:47:55: e0:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:2F:AB:E4:FE:20:07:FB:E0:17:9D:2D:2E:AF:FC:AD:90:19:B1:1A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6780a697-ebb3-4b18-8703-c9b7cf9ab225.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da10:8c00::/38 Signature Algorithm: sha256WithRSAEncryption 23:e6:02:99:bf:d3:1b:68:0f:d3:7f:f4:9f:de:05:46:c5:e8: 78:9d:50:e9:ec:99:48:6d:9d:c5:a1:6a:1e:60:cd:77:8a:ff: ba:7d:54:09:29:e7:09:de:90:d0:0a:b4:81:e3:ec:d0:91:2e: b5:ec:eb:bf:fd:61:77:1c:03:28:1b:e7:96:5f:17:46:0e:b4: 34:77:5e:91:19:93:5b:89:ce:d4:68:b3:b0:5a:9c:8f:1e:20: 75:eb:94:76:22:6f:90:00:68:03:37:b8:0e:05:18:47:5b:07: 3e:c6:b3:27:f0:61:bc:00:70:59:7c:1d:e0:6d:f2:bb:9a:a6: 37:98:60:c0:99:82:a9:a0:39:83:b0:fc:cf:c2:5b:96:36:75: 5d:b8:1b:62:17:0c:ef:8c:61:cf:db:e1:5a:88:ab:fa:35:f1: 7a:3c:8d:6a:4c:e4:62:da:28:17:8c:79:25:22:55:14:dd:c8: 69:1f:7b:a3:66:42:b1:7d:c8:e7:4a:e0:22:7b:51:0d:69:ec: 8c:db:a0:b0:3e:cd:bd:40:c4:e6:ec:d2:e4:2a:7b:4d:e9:34: 67:40:51:89:b9:fd:01:f6:1e:a9:b7:27:02:99:e2:5d:19:a8: 76:7f:b8:67:f3:3c:58:a8:1b:66:d9:98:8c:bb:79:57:1e:5f: a0:2f:4c:e2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNbHFFtWiG2h94KgagQ7wUNkgNuwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NTA0MVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAOTVjZmE0ZWU5ZjI5NDg4MmVkNzJj MGI0YWVkZGMyYzg4YjhiY2Q4ZmJkMjU4MTBhN2NkYmU0OTlkMWE1ODE2ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSxqSnamU9sl0y5s+YIE8FBHQgR9 xaAt00cq0B8CDFB/X5P4LzNMR69wmV7aypz/kRtLoCv+1RyMZTjfP+JTapACAF47 C9jnpFAK1ruEBsQzTzyiEwAwEUePSF04vvAATld1nvmuoxJpM0wY+BS1tfh/gB/9 vgG/j9ucLmhzOX6jKh96WzT8oPsCE/D4mo46JPOjCAe7ZlKC3oqqmOns8jU/d/5+ QEEvSTM9ybKP50ZidHpHKq/NAUsbfwXa5kZAFAKNogAGlFmi420vCr5Azy1hANg3 BnuyeJ1l8pvG/rDYq1xo3RFmGy0MZHy1znTzvyR/Z7J77j4HwGQLR1XgnQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG0vq+T+IAf74BedLS6v/K2QGbEaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3ODBhNjk3LWViYjMtNGIxOC04NzAzLWM5YjdjZjlhYjIyNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaEIwwDQYJKoZIhvcNAQELBQADggEBACPmApm/0xtoD9N/9J/e BUbF6HidUOnsmUhtncWhah5gzXeK/7p9VAkp5wnekNAKtIHj7NCRLrXs67/9YXcc Aygb55ZfF0YOtDR3XpEZk1uJztRos7BanI8eIHXrlHYib5AAaAM3uA4FGEdbBz7G syfwYbwAcFl8HeBt8ruapjeYYMCZgqmgOYOw/M/CW5Y2dV24G2IXDO+MYc/b4VqI q/o18Xo8jWpM5GLaKBeMeSUiVRTdyGkfe6NmQrF9yOdK4CJ7UQ1p7IzboLA+zb1A xObs0uQqe03pNGdAUYm5/QH2Hqm3JwKZ4l0ZqHZ/uGfzPFioG2bZmIy7eVceX6Av TOI= -----END CERTIFICATE-----Generated at Thu Apr 17 17:55:35 2025 by rpki-client