$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7169bc70-b9db-4e83-beac-24cc0c5a1537.roa File: 7169bc70-b9db-4e83-beac-24cc0c5a1537.roa (raw, json) Hash identifier: gztINObsuZGxKC5HBkmSwLykSX+n0FflDvSr2iLMq7g= Subject key identifier: FE:48:8C:C7:DC:B8:A7:F1:05:FC:80:7A:5A:2F:DB:5C:8D:B7:13:1D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1DD9ACC35364195349E74F56E4D798B21E09AD9E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7169bc70-b9db-4e83-beac-24cc0c5a1537.roa Signing time: Tue 25 Mar 2025 16:20:11 +0000 ROA not before: Tue 25 Mar 2025 16:20:11 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:d9:ac:c3:53:64:19:53:49:e7:4f:56:e4:d7:98:b2:1e:09:ad:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:20:11 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=cb32cf9177e1c88dd05f2b0812df8cd5a0155a994cd1c4123d5faf77647e7a2c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:41:69:2e:49:3d:45:83:c8:fb:30:ca:0c:a2: ed:1d:48:e5:8c:65:dc:ae:7a:93:60:cd:66:db:2c: 3d:c2:8d:29:d2:df:fe:de:7b:3e:60:61:37:f7:4f: 58:29:72:14:2f:e2:e8:80:16:fc:ef:dd:60:e0:09: 9b:3a:f1:f1:2a:20:95:2e:0a:92:26:96:14:1d:3f: 75:a1:10:bb:36:79:4a:75:d5:7a:81:5e:97:24:75: d9:8d:04:96:94:bc:7d:40:c2:dc:7b:01:b5:88:e7: e4:29:de:10:31:9d:c7:cf:0c:60:09:37:a7:59:77: ac:c1:ce:62:39:df:13:7f:c7:d5:3c:ba:c6:f1:57: 6b:75:8f:16:94:28:6a:5d:a3:64:5d:d0:b7:eb:91: 69:3c:6d:eb:5d:18:9a:b6:75:1a:6a:9b:d1:d9:d7: 80:a1:50:de:6d:c8:f1:2b:e2:b6:25:51:a9:42:48: b1:ff:f8:32:11:a6:f3:64:54:85:cc:1a:33:7c:fb: cb:a5:46:9f:cf:e8:ed:ec:2d:d6:49:33:dd:c5:ce: 38:63:50:3f:94:37:a1:aa:51:18:96:0f:5c:9e:f1: d1:74:6b:7a:cb:7d:17:e3:01:73:11:74:2a:27:90: a7:ac:bd:99:6f:c8:01:34:a5:a8:2b:d7:40:4f:bd: c9:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:48:8C:C7:DC:B8:A7:F1:05:FC:80:7A:5A:2F:DB:5C:8D:B7:13:1D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7169bc70-b9db-4e83-beac-24cc0c5a1537.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:8000::/40 Signature Algorithm: sha256WithRSAEncryption 7b:88:8f:7a:01:c6:7a:a1:21:d6:b6:23:c9:ef:57:2c:b3:c4: 4a:40:aa:7e:62:ec:45:46:33:08:e6:27:43:a7:97:dd:6b:31: 07:70:ee:ec:48:5d:66:80:e4:19:ac:08:c1:71:ef:45:dc:28: 4a:0a:4a:01:68:e8:a2:fc:af:c9:51:c8:7e:94:c8:7f:b1:08: ec:76:52:bf:9f:8e:22:64:15:ba:1b:ef:fe:a2:a9:a8:a8:04: af:f5:42:3e:23:7a:5f:7c:9c:82:d4:e3:1b:38:20:00:66:46: c0:f2:1b:79:99:19:a2:c2:e9:64:8d:e5:95:f7:2a:99:5f:6d: e2:a9:2d:99:83:12:9a:be:14:2e:44:d7:48:60:a0:57:29:0c: a7:16:5b:65:a3:59:3b:c5:e1:13:80:49:6b:45:69:dd:c9:e2: 61:6b:92:ae:4f:9b:cd:be:13:a6:45:0e:80:9d:02:00:7f:f3: 90:5c:e7:18:37:c7:2d:6b:96:34:e2:06:bf:a4:a5:05:91:c0: 4f:0b:9a:f9:da:6f:bd:0b:0f:12:3e:6f:3a:cf:f8:a6:6e:1f: 22:62:54:b9:68:86:c6:b5:5d:68:9a:c7:66:87:b3:8c:13:67: c7:c0:bf:35:44:74:69:cb:4a:4e:14:21:86:f7:dc:7f:20:40: b4:2b:db:62 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHdmsw1NkGVNJ509W5NeYsh4JrZ4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MjAxMVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAY2IzMmNmOTE3N2UxYzg4ZGQwNWYy YjA4MTJkZjhjZDVhMDE1NWE5OTRjZDFjNDEyM2Q1ZmFmNzc2NDdlN2EyYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0FpLkk9RYPI+zDKDKLtHUjljGXc rnqTYM1m2yw9wo0p0t/+3ns+YGE3909YKXIUL+LogBb8791g4AmbOvHxKiCVLgqS JpYUHT91oRC7NnlKddV6gV6XJHXZjQSWlLx9QMLcewG1iOfkKd4QMZ3HzwxgCTen WXeswc5iOd8Tf8fVPLrG8VdrdY8WlChqXaNkXdC365FpPG3rXRiatnUaapvR2deA oVDebcjxK+K2JVGpQkix//gyEabzZFSFzBozfPvLpUafz+jt7C3WSTPdxc44Y1A/ lDehqlEYlg9cnvHRdGt6y30X4wFzEXQqJ5CnrL2Zb8gBNKWoK9dAT73JJQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP5IjMfcuKfxBfyAelov21yNtxMdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcxNjliYzcwLWI5ZGItNGU4My1iZWFjLTI0Y2MwYzVhMTUzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNoAwDQYJKoZIhvcNAQELBQADggEBAHuIj3oBxnqhIda2I8nv VyyzxEpAqn5i7EVGMwjmJ0Onl91rMQdw7uxIXWaA5BmsCMFx70XcKEoKSgFo6KL8 r8lRyH6UyH+xCOx2Ur+fjiJkFbob7/6iqaioBK/1Qj4jel98nILU4xs4IABmRsDy G3mZGaLC6WSN5ZX3KplfbeKpLZmDEpq+FC5E10hgoFcpDKcWW2WjWTvF4ROASWtF ad3J4mFrkq5Pm82+E6ZFDoCdAgB/85Bc5xg3xy1rljTiBr+kpQWRwE8Lmvnab70L DxI+bzrP+KZuHyJiVLlohsa1XWiax2aHs4wTZ8fAvzVEdGnLSk4UIYb33H8gQLQr 22I= -----END CERTIFICATE-----Generated at Thu Apr 17 17:36:29 2025 by rpki-client