$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7cd1e7c3-243e-4be8-b49a-8e8be60aeba7.roa File: 7cd1e7c3-243e-4be8-b49a-8e8be60aeba7.roa (raw, json) Hash identifier: aN8AcGYVrhsjzS2m5XPX43acckmSTgcbLxpkHWi4+ZA= Subject key identifier: 87:66:35:A0:6E:48:E6:9E:CC:C8:74:93:6F:14:38:06:72:C4:8A:21 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 12EAD3A4664137F06FE4CEE17EDE460B75C58F40 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7cd1e7c3-243e-4be8-b49a-8e8be60aeba7.roa Signing time: Tue 25 Mar 2025 16:50:18 +0000 ROA not before: Tue 25 Mar 2025 16:50:18 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da18:8000::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:ea:d3:a4:66:41:37:f0:6f:e4:ce:e1:7e:de:46:0b:75:c5:8f:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:50:18 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=ab5a4e2dae15f1a641af7537d84f891162712e35aaf3757cff7e2f64e5971430, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b1:04:27:19:7a:ae:06:ce:33:b5:8d:e3:e9: a2:64:93:03:97:41:65:70:19:8f:28:d8:b8:c6:d3: 24:d6:f7:0b:6d:97:b9:4a:eb:f8:ee:c8:4a:15:f2: 5e:13:87:db:a5:d0:58:91:f8:0a:91:4e:cd:9a:d7: ac:d8:a1:5a:87:e6:8d:62:4e:d4:cb:cc:00:4c:48: 29:05:63:b2:e1:62:de:bf:04:8d:22:26:a9:6f:30: 28:c9:ba:e9:72:73:ac:19:4d:b2:89:ab:16:9b:c5: 84:f0:10:8b:8c:86:4b:92:31:75:75:0f:32:2f:c2: 5e:49:ca:77:36:e2:9f:a5:ea:8a:f3:34:f7:75:55: 84:c6:8e:ad:b6:53:00:2e:c4:14:bb:d0:0c:17:2a: 23:6b:5e:fc:7c:a7:1b:4e:5e:92:39:d6:d4:ae:0a: 63:97:67:01:f0:99:0f:72:58:e8:55:e5:74:8f:82: 4e:42:4d:23:65:71:7a:01:f1:41:8f:b3:be:2b:3d: 9c:3d:21:d4:6d:e3:77:72:84:8d:fd:ce:53:77:56: fa:17:9d:8b:02:6d:60:5e:ca:cb:b8:43:48:7a:29: c5:8c:fc:7c:91:63:42:28:b6:42:75:99:39:3f:5c: 55:91:1b:aa:ea:fd:c1:d4:02:a1:b7:5e:b4:ee:c6: e2:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:66:35:A0:6E:48:E6:9E:CC:C8:74:93:6F:14:38:06:72:C4:8A:21 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7cd1e7c3-243e-4be8-b49a-8e8be60aeba7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da18:8000::/37 Signature Algorithm: sha256WithRSAEncryption 99:35:32:53:ad:4e:d3:c9:87:87:09:1f:dc:8e:c6:81:c4:eb: 70:5c:20:4e:e0:d0:d6:0f:fd:5a:9b:c7:d4:53:50:1d:02:1b: c7:e7:3b:fd:6e:b4:eb:fb:1b:b3:5f:d7:83:9b:8e:54:80:81: f4:72:fc:bb:77:93:39:02:68:8d:a5:e0:ef:37:e2:aa:c3:da: cf:2d:fe:17:8d:78:f3:13:79:b9:f8:8c:18:43:55:76:58:22: a1:c6:6b:5c:03:de:94:82:39:60:47:e1:78:c9:cf:a5:89:c1: f8:4e:c2:f0:69:89:53:69:12:f4:46:5c:7b:72:4e:63:66:0e: 76:08:50:f2:dd:a5:c6:5c:d0:20:0d:d3:c3:da:be:72:9e:5b: 09:e2:ba:96:37:66:c9:2b:b7:55:ab:c7:50:f7:c9:f3:d4:33: 3d:14:2b:3c:e4:94:fb:89:66:29:f6:be:3c:8e:f9:06:b6:c3: 80:86:85:ce:09:9c:60:5c:1c:56:52:48:1d:a7:26:46:32:15: e8:7b:8a:83:31:26:0b:52:83:f7:6d:8b:79:a8:44:ae:8d:d1: 3e:f8:02:26:67:e3:22:17:64:3e:4b:ea:e1:77:bd:3b:7a:5e: 27:65:24:79:cd:76:00:f6:50:a9:61:d6:3b:f8:3b:8d:e6:dd: cb:cf:8d:09 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEurTpGZBN/Bv5M7hft5GC3XFj0AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NTAxOFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYWI1YTRlMmRhZTE1ZjFhNjQxYWY3 NTM3ZDg0Zjg5MTE2MjcxMmUzNWFhZjM3NTdjZmY3ZTJmNjRlNTk3MTQzMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrEEJxl6rgbOM7WN4+miZJMDl0Fl cBmPKNi4xtMk1vcLbZe5Suv47shKFfJeE4fbpdBYkfgKkU7Nmtes2KFah+aNYk7U y8wATEgpBWOy4WLevwSNIiapbzAoybrpcnOsGU2yiasWm8WE8BCLjIZLkjF1dQ8y L8JeScp3NuKfpeqK8zT3dVWExo6ttlMALsQUu9AMFyoja178fKcbTl6SOdbUrgpj l2cB8JkPcljoVeV0j4JOQk0jZXF6AfFBj7O+Kz2cPSHUbeN3coSN/c5Td1b6F52L Am1gXsrLuENIeinFjPx8kWNCKLZCdZk5P1xVkRuq6v3B1AKht1607sbi3QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIdmNaBuSOaezMh0k28UOAZyxIohMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdjZDFlN2MzLTI0M2UtNGJlOC1iNDlhLThlOGJlNjBhZWJhNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYDJAbaGIAwDQYJKoZIhvcNAQELBQADggEBAJk1MlOtTtPJh4cJH9yO xoHE63BcIE7g0NYP/Vqbx9RTUB0CG8fnO/1utOv7G7Nf14ObjlSAgfRy/Lt3kzkC aI2l4O834qrD2s8t/heNePMTebn4jBhDVXZYIqHGa1wD3pSCOWBH4XjJz6WJwfhO wvBpiVNpEvRGXHtyTmNmDnYIUPLdpcZc0CAN08PavnKeWwniupY3Zskrt1Wrx1D3 yfPUMz0UKzzklPuJZin2vjyO+Qa2w4CGhc4JnGBcHFZSSB2nJkYyFeh7ioMxJgtS g/dti3moRK6N0T74AiZn4yIXZD5L6uF3vTt6XidlJHnNdgD2UKlh1jv4O43m3cvP jQk= -----END CERTIFICATE-----Generated at Thu Apr 17 17:31:39 2025 by rpki-client