$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/768a1d35-dcb0-4972-b5ee-33708b8e02d0.roa File: 768a1d35-dcb0-4972-b5ee-33708b8e02d0.roa (raw, json) Hash identifier: 2w/XgBKg+e2150PgEXOYlZ2YewK3EsC7hfROpM+SD9g= Subject key identifier: A3:71:D2:28:4F:9D:B8:FE:1C:CE:60:2F:37:91:9F:21:DE:45:E5:3E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 40F0D3B1338860953C92A49246E7787412BB8A36 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/768a1d35-dcb0-4972-b5ee-33708b8e02d0.roa Signing time: Tue 25 Mar 2025 15:02:19 +0000 ROA not before: Tue 25 Mar 2025 15:02:19 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:b0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:f0:d3:b1:33:88:60:95:3c:92:a4:92:46:e7:78:74:12:bb:8a:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 15:02:19 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=b39cc822fee7349e1e5635d9c3fac53afe46a8d4c3ec69f19903fa2257d7fcd3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:18:ab:55:63:f5:03:a6:5f:a2:ec:3d:dc:61: cb:02:66:c9:08:3b:be:e7:cf:58:8a:77:e0:e8:2f: bd:86:24:4b:77:55:26:ce:cb:bf:cb:93:6f:e9:68: 57:94:98:81:e3:8c:19:ff:91:7d:83:f7:b9:41:be: 65:9e:21:1c:02:e4:5a:da:ad:22:03:fc:14:4d:9d: f9:05:bc:4e:af:38:51:37:e6:43:9c:79:31:e3:59: 28:a5:be:28:b6:3c:67:f6:76:76:7f:6e:fb:98:7b: d9:89:9f:b2:2e:e3:56:8d:ee:d4:b1:0f:71:55:ae: 09:a3:92:dd:fc:82:19:a5:ff:59:dc:0b:1e:ef:cd: 6c:3a:e0:3b:00:f6:51:a7:8a:e4:f7:25:80:ae:64: 55:3a:dc:3f:e1:19:ca:8a:a6:6b:fc:a7:4e:2d:3c: 37:5c:67:68:d4:d0:ac:f7:e6:eb:f8:24:fd:5d:dd: e7:f1:dd:76:35:8a:58:a0:d3:4d:ab:e1:ae:d7:54: a0:89:9e:af:97:11:6b:a6:b5:df:4c:a2:18:50:64: ff:89:a8:02:59:ff:90:28:9c:96:36:0c:63:75:b3: 0a:cb:d4:21:eb:37:b2:55:cb:e1:b2:5a:8d:fc:a4: 0e:e4:3c:44:c3:96:d0:23:5e:e5:5f:d8:ed:f7:4f: cc:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:71:D2:28:4F:9D:B8:FE:1C:CE:60:2F:37:91:9F:21:DE:45:E5:3E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/768a1d35-dcb0-4972-b5ee-33708b8e02d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:b0c0::/48 Signature Algorithm: sha256WithRSAEncryption 36:13:cb:74:5d:30:a9:93:1a:84:6d:be:3b:2b:88:54:ce:c0: 4d:0b:6d:01:af:5c:9d:54:1a:43:79:9c:85:85:20:e4:1e:91: ef:f8:bc:77:af:c1:2f:a3:30:62:ef:df:55:4b:e4:dc:10:1c: b5:a3:de:59:89:08:85:08:2e:58:eb:4a:21:50:50:1e:f9:91: 13:88:f3:10:db:46:ff:b3:37:db:d6:cd:5c:d1:fa:26:d1:99: 1a:57:30:18:07:5a:dc:08:f5:34:f3:88:d3:ea:25:5f:55:d0: d4:9c:1c:d5:9e:e9:f8:5d:39:e0:b9:fe:4a:07:f2:87:97:56: 35:0b:ac:6a:2c:22:28:1e:a1:62:e8:f6:33:76:a7:7c:3e:5c: c5:98:d1:a2:ed:af:01:87:2d:f0:d9:ea:5c:c4:11:21:c9:14: 99:34:6f:95:cb:36:b7:27:17:28:b1:48:31:ef:38:e6:5d:36: ba:4f:5c:aa:23:55:7d:7e:65:cb:ba:23:a3:fb:89:90:d3:ad: 4a:f9:58:fc:68:c4:44:e3:8f:fa:91:a6:0d:f5:25:bd:1b:c1: 8a:e7:53:01:8b:13:f5:1d:70:4b:58:02:26:e0:b3:14:84:84: c5:d8:c5:c0:fb:ba:f0:f1:06:ba:d8:53:f0:3c:a8:1b:83:c1: f2:f6:0a:03 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUQPDTsTOIYJU8kqSSRud4dBK7ijYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1MDIxOVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYjM5Y2M4MjJmZWU3MzQ5ZTFlNTYz NWQ5YzNmYWM1M2FmZTQ2YThkNGMzZWM2OWYxOTkwM2ZhMjI1N2Q3ZmNkMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBirVWP1A6Zfouw93GHLAmbJCDu+ 589Yinfg6C+9hiRLd1Umzsu/y5Nv6WhXlJiB44wZ/5F9g/e5Qb5lniEcAuRa2q0i A/wUTZ35BbxOrzhRN+ZDnHkx41kopb4otjxn9nZ2f277mHvZiZ+yLuNWje7UsQ9x Va4Jo5Ld/IIZpf9Z3Ase781sOuA7APZRp4rk9yWArmRVOtw/4RnKiqZr/KdOLTw3 XGdo1NCs9+br+CT9Xd3n8d12NYpYoNNNq+Gu11SgiZ6vlxFrprXfTKIYUGT/iagC Wf+QKJyWNgxjdbMKy9Qh6zeyVcvhslqN/KQO5DxEw5bQI17lX9jt90/MzwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKNx0ihPnbj+HM5gLzeRnyHeReU+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc2OGExZDM1LWRjYjAtNDk3Mi1iNWVlLTMzNzA4YjhlMDJkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8rDAMA0GCSqGSIb3DQEBCwUAA4IBAQA2E8t0XTCpkxqEbb47 K4hUzsBNC20Br1ydVBpDeZyFhSDkHpHv+Lx3r8EvozBi799VS+TcEBy1o95ZiQiF CC5Y60ohUFAe+ZETiPMQ20b/szfb1s1c0fom0ZkaVzAYB1rcCPU084jT6iVfVdDU nBzVnun4XTnguf5KB/KHl1Y1C6xqLCIoHqFi6PYzdqd8PlzFmNGi7a8Bhy3w2epc xBEhyRSZNG+Vyza3JxcosUgx7zjmXTa6T1yqI1V9fmXLuiOj+4mQ061K+Vj8aMRE 44/6kaYN9SW9G8GK51MBixP1HXBLWAIm4LMUhITF2MXA+7rw8Qa62FPwPKgbg8Hy 9goD -----END CERTIFICATE-----Generated at Thu Apr 17 17:57:44 2025 by rpki-client