$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/793c08d0-65bf-4078-a267-d0adfdb54fc8.roa File: 793c08d0-65bf-4078-a267-d0adfdb54fc8.roa (raw, json) Hash identifier: JOg2V1iUdz9FeBcGQiP+1epXDilxzb+TpKSkAgi31As= Subject key identifier: 5C:9E:7D:39:87:C6:5D:31:0B:EE:68:1A:34:C1:87:86:34:0C:03:A9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 69F4B709487E1CA623BAF1E7D7C9568C979AEEE3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/793c08d0-65bf-4078-a267-d0adfdb54fc8.roa Signing time: Tue 25 Mar 2025 00:51:28 +0000 ROA not before: Tue 25 Mar 2025 00:51:28 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:f4:b7:09:48:7e:1c:a6:23:ba:f1:e7:d7:c9:56:8c:97:9a:ee:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 00:51:28 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=8c1012d671015b4657901ebc0ab128a6098fe3e28bb467db45268af7d22958ad, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:4b:08:79:a2:9d:52:0c:61:01:c6:b4:80:d0: 2d:42:e1:af:6e:0f:62:73:1b:89:cc:fa:26:91:4f: 3b:98:58:21:02:b3:a6:cd:18:7b:25:39:1b:55:84: 76:9e:f6:fd:d2:25:6d:98:93:b4:bd:42:2c:e4:f2: 16:c8:5e:d0:47:4e:b6:a4:1e:26:2f:5b:07:3e:8e: de:1f:90:38:60:33:23:b4:40:d2:c9:cb:34:41:89: 90:0c:f5:0c:ee:37:11:80:b5:8d:42:bd:b9:64:0b: 9c:f3:ea:b7:18:75:7f:66:6f:c2:ee:b0:5c:e3:aa: 61:bf:b0:6d:4f:4d:b1:ec:80:75:21:e0:c5:47:7a: 3d:bf:78:4b:62:69:ab:8a:4f:31:af:e8:bf:c3:68: 4c:5f:ac:eb:e6:6b:2a:c5:f9:9f:7b:cd:59:a3:38: 46:cf:a9:25:ff:68:68:7e:c5:2e:8e:9f:12:07:2f: 80:5f:58:5d:40:ea:be:d5:6c:12:ae:8a:07:62:34: 7b:d3:27:db:a9:af:c2:ea:81:24:d0:5d:23:7d:c8: c5:77:1b:10:cf:fa:12:ad:c4:bb:53:d0:8d:b4:5f: a4:1f:fb:70:dd:90:a9:d2:79:5b:05:66:2c:4d:f5: 65:5c:d7:e4:27:45:92:bd:88:dd:de:3f:39:d9:32: 21:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:9E:7D:39:87:C6:5D:31:0B:EE:68:1A:34:C1:87:86:34:0C:03:A9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/793c08d0-65bf-4078-a267-d0adfdb54fc8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4080::/48 Signature Algorithm: sha256WithRSAEncryption 91:ce:76:45:cb:86:1f:52:6a:f7:f9:75:54:c3:c6:4f:ec:f5: 08:09:df:ff:3e:6b:b2:26:98:76:90:4b:75:7d:86:51:6d:a7: 0a:3e:46:84:9c:5b:54:52:9e:3e:b0:3c:bd:9d:ec:f7:94:db: a8:e9:53:7a:79:04:b2:c0:30:d9:cf:bc:89:5f:da:84:8e:cb: 0c:d3:09:64:3a:7c:55:62:12:89:f6:fb:62:65:49:61:27:18: e6:2d:a1:31:f1:24:e6:28:92:9f:84:67:2a:6f:af:7f:e2:43: 8e:ea:3c:d7:ce:58:61:37:62:ad:62:fb:b1:e3:ae:fd:d5:7f: a7:e4:7b:d1:9f:14:26:3c:e1:da:6e:bc:d1:86:e7:e6:c0:fc: fa:7c:f1:fc:bb:d9:f3:e6:a8:6a:5d:8e:22:cb:bb:ce:54:ad: a2:dc:90:30:32:a6:c2:90:40:cf:29:02:24:81:7b:16:35:40: cc:14:d8:1a:f6:d0:78:f4:1c:34:34:06:ce:b6:d0:f0:50:38: bd:66:83:72:8f:50:11:4a:8f:9c:c8:2c:9b:77:c8:b2:d7:de: 20:bb:ff:fe:4a:c0:92:8b:03:e7:a3:1b:d5:03:06:5f:64:b0: a0:3f:8b:b2:b9:04:d7:73:26:0b:f8:e2:91:2a:c6:a9:70:55: 28:fa:34:7b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUafS3CUh+HKYjuvHn18lWjJea7uMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwNTEyOFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAOGMxMDEyZDY3MTAxNWI0NjU3OTAx ZWJjMGFiMTI4YTYwOThmZTNlMjhiYjQ2N2RiNDUyNjhhZjdkMjI5NThhZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEsIeaKdUgxhAca0gNAtQuGvbg9i cxuJzPomkU87mFghArOmzRh7JTkbVYR2nvb90iVtmJO0vUIs5PIWyF7QR062pB4m L1sHPo7eH5A4YDMjtEDSycs0QYmQDPUM7jcRgLWNQr25ZAuc8+q3GHV/Zm/C7rBc 46phv7BtT02x7IB1IeDFR3o9v3hLYmmrik8xr+i/w2hMX6zr5msqxfmfe81ZozhG z6kl/2hofsUujp8SBy+AX1hdQOq+1WwSrooHYjR70yfbqa/C6oEk0F0jfcjFdxsQ z/oSrcS7U9CNtF+kH/tw3ZCp0nlbBWYsTfVlXNfkJ0WSvYjd3j852TIhzQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFyefTmHxl0xC+5oGjTBh4Y0DAOpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc5M2MwOGQwLTY1YmYtNDA3OC1hMjY3LWQwYWRmZGI1NGZjOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0CAMA0GCSqGSIb3DQEBCwUAA4IBAQCRznZFy4YfUmr3+XVU w8ZP7PUICd//PmuyJph2kEt1fYZRbacKPkaEnFtUUp4+sDy9nez3lNuo6VN6eQSy wDDZz7yJX9qEjssM0wlkOnxVYhKJ9vtiZUlhJxjmLaEx8STmKJKfhGcqb69/4kOO 6jzXzlhhN2KtYvux46791X+n5HvRnxQmPOHabrzRhufmwPz6fPH8u9nz5qhqXY4i y7vOVK2i3JAwMqbCkEDPKQIkgXsWNUDMFNga9tB49Bw0NAbOttDwUDi9ZoNyj1AR So+cyCybd8iy194gu//+SsCSiwPnoxvVAwZfZLCgP4uyuQTXcyYL+OKRKsapcFUo +jR7 -----END CERTIFICATE-----Generated at Thu Apr 17 18:00:11 2025 by rpki-client