$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/699e1901-6701-4fae-ba1b-680131cc39df.roa File: 699e1901-6701-4fae-ba1b-680131cc39df.roa (raw, json) Hash identifier: kLCNjbtWIzgRVCTcRcVceUz/Jychrb22lmwQiWupjhA= Subject key identifier: E0:A0:96:EF:DD:86:13:DD:01:BA:21:A7:86:B8:5B:B0:40:D8:9C:D9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 90352FDEE849BE4547417334E614CA71807088 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/699e1901-6701-4fae-ba1b-680131cc39df.roa Signing time: Tue 25 Mar 2025 16:40:06 +0000 ROA not before: Tue 25 Mar 2025 16:40:06 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1b::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 90:35:2f:de:e8:49:be:45:47:41:73:34:e6:14:ca:71:80:70:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:40:06 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=5d67ff27937730580a6589eaf7f32acd678b141fb2d5d6043c709431ec25a126, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:6a:83:19:4e:fb:44:72:e8:c1:aa:0b:c7:8f: 7e:0b:50:5a:c2:4d:ec:ab:0f:0c:3d:3f:c0:02:91: de:37:7f:84:0e:76:45:9f:74:2a:df:f3:87:f0:d6: d7:54:c3:8e:53:76:70:e9:f7:f6:34:e7:31:32:4d: 71:da:f5:04:82:ae:2f:05:c5:7a:15:c3:94:e8:25: 17:7d:37:c0:ea:2e:73:20:c4:89:5c:48:54:b9:73: e7:65:85:a9:85:58:13:d3:19:c0:66:8a:66:34:b9: db:64:76:55:39:cc:2c:e5:7e:13:15:62:b1:b1:85: 30:f4:48:79:e3:50:dc:df:12:48:40:68:af:59:76: 2f:df:2c:78:fd:4d:c5:d6:af:2e:a7:2f:07:5a:0f: 4e:82:af:b0:e8:72:d2:e9:95:7f:ed:fd:c9:f2:6c: 70:3b:08:03:c9:9a:b5:ac:3f:c9:f3:b8:81:f9:42: 45:f4:8c:cc:09:12:36:2b:31:66:2b:a2:74:ce:74: 68:c9:e1:86:e8:e7:9e:52:34:f8:28:81:91:02:cb: 5f:28:b8:88:10:a2:05:89:8f:ff:50:f7:97:34:ef: 78:d1:58:7a:c5:12:23:17:f6:b8:80:60:1e:c6:ce: 2b:67:23:c1:2b:01:ef:74:bc:9b:d1:15:26:89:aa: fc:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:A0:96:EF:DD:86:13:DD:01:BA:21:A7:86:B8:5B:B0:40:D8:9C:D9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/699e1901-6701-4fae-ba1b-680131cc39df.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1b::/38 Signature Algorithm: sha256WithRSAEncryption 42:89:83:98:20:c1:cd:1a:50:81:7f:81:4b:98:11:f5:54:fa: 79:66:95:91:c3:c6:33:74:ad:a7:64:24:89:ef:da:99:14:0f: 88:8b:72:ee:b7:2c:cd:3d:4a:80:e7:f2:5a:90:22:22:17:5b: 15:4c:b9:57:49:b9:d7:ca:1e:8f:05:91:b0:e5:78:58:94:1b: 39:05:20:de:89:39:45:16:8c:f6:d2:98:12:8b:14:fc:46:f7: 49:03:dc:03:2e:be:6a:2b:54:57:2c:25:26:91:1d:1f:b4:e7: a4:4a:94:18:dc:e9:a5:fe:bd:2d:19:01:a1:7d:5e:df:09:a6: 97:c4:92:7a:ea:39:bd:16:ab:3a:6c:76:06:a7:0f:46:3a:67: 37:30:e7:5f:b5:7c:b7:ec:f9:a6:dc:ea:74:c5:97:3e:b2:50: 3a:7e:9a:b0:98:34:74:9e:97:a6:1a:4f:3a:74:b5:b3:6b:f9: aa:b1:47:b1:10:09:77:61:23:5e:ef:bb:60:52:9f:48:ec:5e: b0:e6:a5:d8:43:74:1a:69:e5:9b:1f:1d:8b:48:8a:6a:89:07: e8:9e:12:5c:b4:92:c0:89:79:cd:17:34:78:8f:69:a3:45:4a: cd:37:b0:16:8a:8b:2b:59:1e:5b:b3:a6:58:c1:fe:12:03:46: bf:11:08:4a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAJA1L97oSb5FR0FzNOYUynGAcIgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NDAwNloX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANWQ2N2ZmMjc5Mzc3MzA1ODBhNjU4 OWVhZjdmMzJhY2Q2NzhiMTQxZmIyZDVkNjA0M2M3MDk0MzFlYzI1YTEyNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmqDGU77RHLowaoLx49+C1Bawk3s qw8MPT/AApHeN3+EDnZFn3Qq3/OH8NbXVMOOU3Zw6ff2NOcxMk1x2vUEgq4vBcV6 FcOU6CUXfTfA6i5zIMSJXEhUuXPnZYWphVgT0xnAZopmNLnbZHZVOcws5X4TFWKx sYUw9Eh541Dc3xJIQGivWXYv3yx4/U3F1q8upy8HWg9Ogq+w6HLS6ZV/7f3J8mxw OwgDyZq1rD/J87iB+UJF9IzMCRI2KzFmK6J0znRoyeGG6OeeUjT4KIGRAstfKLiI EKIFiY//UPeXNO940Vh6xRIjF/a4gGAexs4rZyPBKwHvdLyb0RUmiar8GwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOCglu/dhhPdAbohp4a4W7BA2JzZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY5OWUxOTAxLTY3MDEtNGZhZS1iYTFiLTY4MDEzMWNjMzlkZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGwAwDQYJKoZIhvcNAQELBQADggEBAEKJg5ggwc0aUIF/gUuY EfVU+nlmlZHDxjN0radkJInv2pkUD4iLcu63LM09SoDn8lqQIiIXWxVMuVdJudfK Ho8FkbDleFiUGzkFIN6JOUUWjPbSmBKLFPxG90kD3AMuvmorVFcsJSaRHR+056RK lBjc6aX+vS0ZAaF9Xt8JppfEknrqOb0WqzpsdganD0Y6Zzcw51+1fLfs+abc6nTF lz6yUDp+mrCYNHSel6YaTzp0tbNr+aqxR7EQCXdhI17vu2BSn0jsXrDmpdhDdBpp 5ZsfHYtIimqJB+ieEly0ksCJec0XNHiPaaNFSs03sBaKiytZHluzpljB/hIDRr8R CEo= -----END CERTIFICATE-----Generated at Thu Apr 17 18:25:00 2025 by rpki-client