$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b0a1579-844b-4192-8162-b5c113e8eea7.roa File: 6b0a1579-844b-4192-8162-b5c113e8eea7.roa (raw, json) Hash identifier: sB2Wf5ZBTKoK29s6o97dJifsKB/CL1Yl1n2BNb3GgYI= Subject key identifier: D6:6A:DE:83:E7:6C:0D:8D:98:98:C6:26:54:91:F3:EB:CA:8A:E4:CD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1DA31979D873CA10B61C471A692D40C4DD887CA4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b0a1579-844b-4192-8162-b5c113e8eea7.roa Signing time: Tue 25 Mar 2025 16:50:51 +0000 ROA not before: Tue 25 Mar 2025 16:50:51 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da19::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:a3:19:79:d8:73:ca:10:b6:1c:47:1a:69:2d:40:c4:dd:88:7c:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:50:51 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=c8eddd6b2dbb3d5e88a3b2fa7da45a27f3d107b6d30839da8ceb5fd5dcfe4b3e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:c8:3e:17:53:cf:6f:71:0d:cf:03:33:d7:be: 85:be:85:7b:bf:d9:07:78:c9:ea:35:61:f6:7a:6f: 72:28:9e:3a:93:62:a6:2f:8f:68:a0:f1:7a:84:0a: 2c:48:61:1c:7a:cf:55:7a:a2:f9:db:c6:3c:63:b8: 9c:5d:58:e0:fc:ab:30:ac:fe:70:94:5b:3e:cb:7b: d4:b0:85:e1:3d:ca:ec:dc:de:91:e0:04:2d:a6:8a: 0c:a2:ec:66:01:62:15:ed:85:ed:0c:32:5c:e7:3a: bc:d2:71:c5:60:2e:45:ea:53:2a:4d:f0:dc:b5:30: 67:2c:d0:38:62:15:28:79:22:47:4a:9c:6e:c4:b3: c7:f3:14:ac:b7:d7:4b:fe:60:79:54:87:c0:9d:a9: 57:af:6f:18:33:a2:93:42:f2:ea:80:99:09:18:ed: 43:b0:53:18:ca:64:2e:34:35:5b:03:cd:d8:eb:a9: 14:a5:6e:55:fe:53:59:c6:c4:b2:e7:fe:1f:5e:e8: 2d:c2:43:e8:74:6e:55:cb:75:88:e4:07:88:bf:5b: e1:3c:37:dc:7e:09:4e:e4:a8:cb:bc:de:aa:0f:9f: a2:c8:05:05:ac:00:6c:3d:54:6b:5f:02:35:b5:bc: b9:7e:0e:52:ee:7e:a6:c5:ea:9a:3d:e5:42:74:d8: dd:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:6A:DE:83:E7:6C:0D:8D:98:98:C6:26:54:91:F3:EB:CA:8A:E4:CD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b0a1579-844b-4192-8162-b5c113e8eea7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da19::/36 Signature Algorithm: sha256WithRSAEncryption 2e:4f:97:6a:40:5d:1a:bd:d7:12:25:09:8e:26:f6:0a:77:21: f4:2d:6f:c1:9c:18:a7:08:a5:14:5d:e9:ed:b8:98:80:c3:47: 9f:4c:c6:42:b5:f1:f7:8e:de:f3:73:7f:9c:c8:8f:4c:57:91: 72:0f:35:9c:5f:42:fd:a8:62:f8:3a:5f:14:be:42:a5:c2:02: 3c:48:c5:79:fc:81:37:bf:aa:47:2c:33:95:4c:db:d9:dd:7c: 0b:8d:fc:4b:31:bb:ee:34:0b:bb:12:79:95:3c:e3:25:65:67: 61:29:5b:3e:df:8a:a3:fd:9b:f3:2b:3b:39:fd:10:cc:51:0f: 76:a6:33:46:73:c5:06:d6:3f:0f:39:bc:9d:01:9e:80:57:a3: 1d:85:07:e4:b8:22:aa:5d:50:2d:77:7e:e3:bc:75:18:07:39: ab:a4:1b:74:16:78:d0:2a:93:1d:df:4a:63:3f:28:1d:1f:a9: 2d:0d:75:bd:30:fd:a2:36:40:b8:55:c1:5b:a8:b7:e3:28:ce: 56:66:59:7f:b0:1a:48:8e:2e:19:b1:17:93:0c:6c:f4:b4:9b: 0c:1a:e2:59:aa:28:bc:50:22:57:a7:e9:df:ee:c1:06:26:04: 40:c5:8d:9d:0d:ba:22:43:6e:ba:12:ed:f0:75:1b:c3:81:a1: 35:43:ca:2f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHaMZedhzyhC2HEcaaS1AxN2IfKQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NTA1MVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYzhlZGRkNmIyZGJiM2Q1ZTg4YTNi MmZhN2RhNDVhMjdmM2QxMDdiNmQzMDgzOWRhOGNlYjVmZDVkY2ZlNGIzZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8g+F1PPb3ENzwMz176FvoV7v9kH eMnqNWH2em9yKJ46k2KmL49ooPF6hAosSGEces9VeqL528Y8Y7icXVjg/KswrP5w lFs+y3vUsIXhPcrs3N6R4AQtpooMouxmAWIV7YXtDDJc5zq80nHFYC5F6lMqTfDc tTBnLNA4YhUoeSJHSpxuxLPH8xSst9dL/mB5VIfAnalXr28YM6KTQvLqgJkJGO1D sFMYymQuNDVbA83Y66kUpW5V/lNZxsSy5/4fXugtwkPodG5Vy3WI5AeIv1vhPDfc fglO5KjLvN6qD5+iyAUFrABsPVRrXwI1tby5fg5S7n6mxeqaPeVCdNjdLQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNZq3oPnbA2NmJjGJlSR8+vKiuTNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZiMGExNTc5LTg0NGItNDE5Mi04MTYyLWI1YzExM2U4ZWVhNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaGQAwDQYJKoZIhvcNAQELBQADggEBAC5Pl2pAXRq91xIlCY4m 9gp3IfQtb8GcGKcIpRRd6e24mIDDR59MxkK18feO3vNzf5zIj0xXkXIPNZxfQv2o Yvg6XxS+QqXCAjxIxXn8gTe/qkcsM5VM29ndfAuN/Esxu+40C7sSeZU84yVlZ2Ep Wz7fiqP9m/MrOzn9EMxRD3amM0ZzxQbWPw85vJ0BnoBXox2FB+S4IqpdUC13fuO8 dRgHOaukG3QWeNAqkx3fSmM/KB0fqS0Ndb0w/aI2QLhVwVuot+MozlZmWX+wGkiO LhmxF5MMbPS0mwwa4lmqKLxQIlen6d/uwQYmBEDFjZ0NuiJDbroS7fB1G8OBoTVD yi8= -----END CERTIFICATE-----Generated at Thu Apr 17 18:11:49 2025 by rpki-client