$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7aea9a9f-13ed-40f9-9c2d-72c00a3b17c9.roa File: 7aea9a9f-13ed-40f9-9c2d-72c00a3b17c9.roa (raw, json) Hash identifier: KjfEqlKAT54K/9mwF4O1MvvdYwe1B64IX3QE5Mg+3tE= Subject key identifier: DF:B5:52:35:A3:29:89:A6:AB:EB:90:4B:D4:56:CD:3E:18:2F:55:F0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 24C9C5A75403D5268D7944B8042EF3F91F142165 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7aea9a9f-13ed-40f9-9c2d-72c00a3b17c9.roa Signing time: Tue 25 Mar 2025 16:50:48 +0000 ROA not before: Tue 25 Mar 2025 16:50:48 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da17:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:c9:c5:a7:54:03:d5:26:8d:79:44:b8:04:2e:f3:f9:1f:14:21:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:50:48 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=4201d76da647dc51c4f295134265488845759a2aa91cbe79bf72e899fd17ac6f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:07:dc:ec:2d:f9:1e:e8:8f:44:6a:68:94:56: e2:06:2e:66:04:74:be:a5:da:cc:7d:c5:ff:c6:d8: 28:d6:bf:d1:da:c8:06:f9:3a:03:cb:24:7c:c4:9d: 97:d0:34:bd:c0:e6:0b:a4:6e:bd:11:bf:ca:c6:4c: 9d:32:60:f6:6e:31:ad:26:25:ec:1a:a5:9a:b9:0f: 87:f4:6b:97:af:98:88:c1:77:b0:98:17:53:69:4a: b8:2e:94:c6:5c:b9:30:d8:b1:1f:5d:5e:d7:ca:e7: 52:9f:4e:f3:17:69:8d:6e:fb:df:93:02:c4:11:b9: 69:bf:0d:5f:f0:21:ce:fb:98:70:0b:46:d7:35:29: 84:25:ba:b3:a9:79:94:4b:82:50:c8:ab:f9:ee:73: c6:f3:32:4c:73:09:bc:31:d0:e0:f3:98:e0:09:1c: 71:a3:34:0b:08:db:76:50:75:a9:bb:25:3d:d9:4e: 3e:56:25:1a:30:13:66:7f:b8:32:c4:cc:75:ae:20: 9d:55:e0:2b:e4:31:a2:98:a6:04:59:38:d6:4c:94: fa:a8:3e:1e:18:ca:69:22:15:e3:94:91:22:43:93: 76:13:d7:34:54:10:8a:f4:5f:4d:05:37:a6:88:d9: 66:c0:a3:0f:2d:a9:49:a5:0b:2e:54:2a:1a:8e:3a: ff:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:B5:52:35:A3:29:89:A6:AB:EB:90:4B:D4:56:CD:3E:18:2F:55:F0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7aea9a9f-13ed-40f9-9c2d-72c00a3b17c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da17:400::/38 Signature Algorithm: sha256WithRSAEncryption 4d:fe:19:86:96:31:f2:7e:37:d6:6a:ef:9b:f5:85:b7:a1:87: 58:93:ff:5a:fc:43:85:95:41:88:cf:b6:3b:6d:6d:0b:4e:8b: 99:57:43:50:9c:86:5f:44:c1:83:37:ab:8b:06:58:23:24:3c: e9:47:f2:27:9c:a5:16:b6:ed:35:dd:bf:7d:62:0b:59:e2:0b: e9:f4:e4:cb:52:32:02:f5:e3:f9:c0:e2:f7:e9:1e:6e:bd:22: 92:63:a3:2a:79:a7:9a:a2:8d:5c:bc:27:97:a6:f5:95:96:88: b7:ae:e3:44:40:c4:6e:0a:c6:b2:fb:5a:e1:25:42:37:db:c0: 13:21:b8:2e:1f:b7:b3:ce:d8:08:90:2a:ef:95:2b:b1:8a:db: 9e:59:c2:5f:a0:62:79:07:6c:70:81:f3:bd:45:15:e9:b7:bb: c4:a4:fa:7f:4c:da:0b:be:a7:18:24:4e:86:98:a8:af:42:64: 8f:3d:99:48:02:c4:44:15:bb:72:a1:d9:c4:cc:5e:79:4c:e8: 1e:98:95:1e:cb:f1:9b:76:72:0b:5e:8d:65:83:28:95:b8:1a: 8c:8d:23:2e:a5:e0:ad:d9:f1:9d:a7:d7:d7:63:98:50:48:2a: 7f:d3:ee:74:a3:17:e8:dc:48:f6:0b:68:2a:97:f6:15:2c:78: ff:34:6d:03 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJMnFp1QD1SaNeUS4BC7z+R8UIWUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NTA0OFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANDIwMWQ3NmRhNjQ3ZGM1MWM0ZjI5 NTEzNDI2NTQ4ODg0NTc1OWEyYWE5MWNiZTc5YmY3MmU4OTlmZDE3YWM2ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wfc7C35HuiPRGpolFbiBi5mBHS+ pdrMfcX/xtgo1r/R2sgG+ToDyyR8xJ2X0DS9wOYLpG69Eb/KxkydMmD2bjGtJiXs GqWauQ+H9GuXr5iIwXewmBdTaUq4LpTGXLkw2LEfXV7XyudSn07zF2mNbvvfkwLE Eblpvw1f8CHO+5hwC0bXNSmEJbqzqXmUS4JQyKv57nPG8zJMcwm8MdDg85jgCRxx ozQLCNt2UHWpuyU92U4+ViUaMBNmf7gyxMx1riCdVeAr5DGimKYEWTjWTJT6qD4e GMppIhXjlJEiQ5N2E9c0VBCK9F9NBTemiNlmwKMPLalJpQsuVCoajjr/OQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFN+1UjWjKYmmq+uQS9RWzT4YL1XwMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdhZWE5YTlmLTEzZWQtNDBmOS05YzJkLTcyYzAwYTNiMTdjOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFwQwDQYJKoZIhvcNAQELBQADggEBAE3+GYaWMfJ+N9Zq75v1 hbehh1iT/1r8Q4WVQYjPtjttbQtOi5lXQ1Cchl9EwYM3q4sGWCMkPOlH8iecpRa2 7TXdv31iC1niC+n05MtSMgL14/nA4vfpHm69IpJjoyp5p5qijVy8J5em9ZWWiLeu 40RAxG4KxrL7WuElQjfbwBMhuC4ft7PO2AiQKu+VK7GK255Zwl+gYnkHbHCB871F Fem3u8Sk+n9M2gu+pxgkToaYqK9CZI89mUgCxEQVu3Kh2cTMXnlM6B6YlR7L8Zt2 cgtejWWDKJW4GoyNIy6l4K3Z8Z2n19djmFBIKn/T7nSjF+jcSPYLaCqX9hUseP80 bQM= -----END CERTIFICATE-----Generated at Thu Apr 17 17:31:44 2025 by rpki-client