$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/797893b8-c104-4c3c-a4c9-4fe82cad340d.roa File: 797893b8-c104-4c3c-a4c9-4fe82cad340d.roa (raw, json) Hash identifier: vodX0inOoZrpxkO/FFDTgATa25v1drmBR54VKu68xas= Subject key identifier: 28:C0:25:3A:3B:C8:A3:4C:89:AE:9D:29:35:67:57:70:8F:64:DB:72 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4A7635A921537E73393A5527B8A23786E97D4F12 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/797893b8-c104-4c3c-a4c9-4fe82cad340d.roa Signing time: Mon 24 Mar 2025 15:20:06 +0000 ROA not before: Mon 24 Mar 2025 15:20:06 +0000 ROA not after: Mon 28 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:8840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:76:35:a9:21:53:7e:73:39:3a:55:27:b8:a2:37:86:e9:7d:4f:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 24 15:20:06 2025 GMT Not After : Apr 28 23:59:59 2025 GMT Subject: serialNumber=d64cf429bef65b3658ed4ec3ce525624b6f267d46324b1047df9c81b446ae0c4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:01:d1:47:32:c1:ca:1b:d1:d7:62:c7:2b:95: ee:f3:b1:6a:9b:31:04:84:08:7b:bd:dd:2e:05:2e: 8f:7a:b3:62:21:50:eb:15:6c:0c:58:61:4b:ed:a1: d9:6a:c2:48:02:64:29:d0:45:d2:f9:d4:ea:f5:91: a7:67:02:95:95:b4:6f:65:08:50:9e:3d:eb:55:3c: 5a:79:ab:34:37:1e:4a:19:7c:83:bb:5c:a7:8d:1a: dd:d7:da:96:5f:d3:7a:f2:f2:98:1d:b8:01:b1:ee: e5:59:74:83:b3:97:cf:95:29:72:38:62:9b:c6:48: d6:df:f2:f4:d7:19:45:52:8d:eb:9c:3c:3e:02:62: 16:2e:bd:4a:0e:87:5a:a7:97:b5:29:de:b4:b6:79: ad:2a:01:31:5d:6c:5e:03:fb:a9:2f:96:08:ef:65: 23:b4:b4:d9:d0:af:b2:5b:c4:56:12:d7:76:6d:29: a4:35:82:1f:f0:46:aa:d7:e9:c7:ab:37:c2:0b:3f: 5b:a1:6f:fe:cb:bf:84:77:e6:2b:2f:3e:61:93:8a: 3a:38:97:de:a7:d7:5e:ae:9a:ca:f8:32:7d:15:cb: 13:f0:f8:00:70:dc:00:4c:cb:4e:fa:27:bd:bc:50: 1d:7c:aa:56:b8:0d:49:4f:f2:91:59:5a:ad:39:74: b0:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:C0:25:3A:3B:C8:A3:4C:89:AE:9D:29:35:67:57:70:8F:64:DB:72 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/797893b8-c104-4c3c-a4c9-4fe82cad340d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:8840::/48 Signature Algorithm: sha256WithRSAEncryption 34:3f:cc:30:85:22:c1:d1:7a:0f:73:01:1d:84:48:71:bd:f3: ba:47:be:7e:89:1f:cb:f5:7d:44:90:65:ab:9b:b1:f7:d2:2c: e2:8f:c6:6f:33:37:ca:96:57:c2:ca:3d:ca:da:80:73:40:7e: d6:0f:6e:32:cc:2d:92:69:3a:7c:60:42:1f:61:8d:f2:eb:5a: f0:62:28:75:45:b7:30:81:35:dc:0c:2a:75:ce:1f:cb:ac:48: 18:d9:b7:69:90:70:b1:ad:03:54:a3:95:7b:db:3f:d7:7e:1b: 4b:30:09:32:04:d2:f4:fd:fe:a8:04:ed:24:53:0b:3d:43:29: 7e:73:aa:91:ab:a8:30:91:68:da:4f:76:12:02:c5:50:a8:ce: be:e1:a6:88:1e:04:14:24:0c:e7:0c:6f:7e:7e:1e:49:9a:88: 42:a9:48:2c:9f:5e:9c:c7:a7:60:4c:b0:03:d8:e7:9e:5c:1a: 8a:f8:9d:ce:e5:8c:b3:cd:84:bc:ac:9d:28:3e:08:db:5a:52: 73:6a:9a:6d:35:48:44:11:a4:4e:58:05:02:17:90:91:f6:fd: 6e:ca:2c:1b:a2:8d:e3:2e:46:a6:a8:33:42:78:6c:a0:f4:2d: 57:bc:95:47:a0:1b:7a:2d:96:b0:d5:7b:44:ab:b4:e0:3c:09: 7e:a6:a8:ba -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSnY1qSFTfnM5OlUnuKI3hul9TxIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNDE1MjAwNloX DTI1MDQyODIzNTk1OVowejFJMEcGA1UEBRNAZDY0Y2Y0MjliZWY2NWIzNjU4ZWQ0 ZWMzY2U1MjU2MjRiNmYyNjdkNDYzMjRiMTA0N2RmOWM4MWI0NDZhZTBjNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwHRRzLByhvR12LHK5Xu87FqmzEE hAh7vd0uBS6PerNiIVDrFWwMWGFL7aHZasJIAmQp0EXS+dTq9ZGnZwKVlbRvZQhQ nj3rVTxaeas0Nx5KGXyDu1ynjRrd19qWX9N68vKYHbgBse7lWXSDs5fPlSlyOGKb xkjW3/L01xlFUo3rnDw+AmIWLr1KDodap5e1Kd60tnmtKgExXWxeA/upL5YI72Uj tLTZ0K+yW8RWEtd2bSmkNYIf8Eaq1+nHqzfCCz9boW/+y7+Ed+YrLz5hk4o6OJfe p9derprK+DJ9FcsT8PgAcNwATMtO+ie9vFAdfKpWuA1JT/KRWVqtOXSwYQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCjAJTo7yKNMia6dKTVnV3CPZNtyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc5Nzg5M2I4LWMxMDQtNGMzYy1hNGM5LTRmZTgyY2FkMzQwZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYYhAMA0GCSqGSIb3DQEBCwUAA4IBAQA0P8wwhSLB0XoPcwEd hEhxvfO6R75+iR/L9X1EkGWrm7H30izij8ZvMzfKllfCyj3K2oBzQH7WD24yzC2S aTp8YEIfYY3y61rwYih1RbcwgTXcDCp1zh/LrEgY2bdpkHCxrQNUo5V72z/XfhtL MAkyBNL0/f6oBO0kUws9Qyl+c6qRq6gwkWjaT3YSAsVQqM6+4aaIHgQUJAznDG9+ fh5JmohCqUgsn16cx6dgTLAD2OeeXBqK+J3O5YyzzYS8rJ0oPgjbWlJzapptNUhE EaROWAUCF5CR9v1uyiwboo3jLkamqDNCeGyg9C1XvJVHoBt6LZaw1XtEq7TgPAl+ pqi6 -----END CERTIFICATE-----Generated at Thu Apr 17 17:26:54 2025 by rpki-client