$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/81172d75-5a52-4f36-88ec-3f25283c8dba.roa File: 81172d75-5a52-4f36-88ec-3f25283c8dba.roa (raw, json) Hash identifier: rsSXgWkzM1+aL7gzJx60S/PiM5ODdv1Y/4bPM0wdqEQ= Subject key identifier: D3:98:6C:23:EF:05:3A:AD:3B:B3:AA:53:3C:5B:E8:ED:1B:6A:0F:36 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 226C3D3FD622DECA48F3E482F4489B5191E78714 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/81172d75-5a52-4f36-88ec-3f25283c8dba.roa Signing time: Tue 25 Mar 2025 00:41:01 +0000 ROA not before: Tue 25 Mar 2025 00:41:01 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:6c:3d:3f:d6:22:de:ca:48:f3:e4:82:f4:48:9b:51:91:e7:87:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 00:41:01 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=ba48a4530d4ea6b5970b6d22db9854fa54e7e18cdbcb8fde41b6457acaf9ea84, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:3c:ab:38:60:e8:98:76:11:13:0c:7f:2e:b1: 0a:81:c7:28:0e:3f:34:72:99:6c:e9:6f:e5:2f:d7: 98:4c:bb:36:4b:30:2d:42:0d:ea:4c:b2:e1:ef:04: 16:cb:e5:5f:fa:6d:b3:86:64:05:82:b7:27:85:1f: c9:1c:da:9a:ec:a5:7a:e2:b8:5f:4b:a9:c2:1a:50: fb:27:89:ab:de:06:eb:5a:1c:0a:eb:fb:f1:4b:71: 2d:3d:ce:03:66:97:36:db:05:e5:c3:50:6d:b7:a0: 18:0c:e9:41:21:03:8d:2b:32:ca:75:9b:ff:e2:c4: 39:aa:06:5f:f7:1e:c1:a8:ea:b8:5e:26:61:af:d0: 4c:33:7c:da:73:81:2a:72:f8:67:ba:58:f6:1b:b2: 6a:19:d3:c8:2f:db:e7:ce:d1:66:06:d0:f5:d4:5f: b1:9c:94:bf:51:87:e2:c9:bc:f6:de:c0:61:69:71: d1:f7:f7:83:bf:cd:a3:6f:66:b8:31:ef:39:07:13: 7c:1a:34:41:16:90:29:f4:47:d0:c7:7d:05:3b:c6: f3:1e:e3:e6:06:86:95:9e:fb:22:b4:a2:60:2b:f1: b3:ce:46:e7:11:3d:d9:98:1c:c2:74:99:26:67:31: ad:e1:4d:94:7e:42:94:47:ff:f8:9f:23:a7:20:48: fa:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:98:6C:23:EF:05:3A:AD:3B:B3:AA:53:3C:5B:E8:ED:1B:6A:0F:36 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/81172d75-5a52-4f36-88ec-3f25283c8dba.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:8800::/40 Signature Algorithm: sha256WithRSAEncryption ad:4d:24:f6:66:32:fa:6e:1b:4d:c2:96:ff:5e:1e:fc:d8:09: 1d:7f:3e:8b:4b:ea:ef:92:45:58:30:ff:42:a8:8f:79:56:1e: a3:2f:e9:f8:6c:37:ae:5c:3d:a0:c3:25:3b:0d:aa:dd:3a:ab: 9d:12:10:85:3e:a0:81:b5:d8:1f:2f:13:4d:29:50:07:81:40: 50:32:8e:16:26:cf:ac:b3:c6:2d:c7:fb:7f:9d:df:56:70:bb: fc:46:29:46:cd:29:1b:32:79:70:b8:34:26:8a:58:40:31:25: 52:02:d8:35:2c:47:a6:e7:7f:ce:f8:35:97:72:bb:88:e2:a8: b6:00:a0:1b:43:eb:e3:55:dd:1b:75:45:81:0c:6b:1c:0b:31: 4d:b3:31:76:7b:3f:be:30:89:e8:b9:ce:f7:d9:f9:0b:fe:8c: 03:26:35:a9:fd:8e:d1:9e:80:1f:89:45:13:30:cd:64:3a:bb: ed:3d:ea:c8:ed:13:93:31:69:b3:5d:53:f9:a4:1e:ca:f7:a9: 42:11:43:1e:b2:98:0d:b0:a0:78:76:7c:84:43:a1:89:73:67: 9f:40:72:06:c3:0f:79:a7:c1:17:02:ba:73:ae:7f:67:3b:c6: b1:b7:28:c1:3e:b7:5c:12:5a:b3:a7:a7:91:05:6d:ba:65:f1: 55:00:47:53 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUImw9P9Yi3spI8+SC9EibUZHnhxQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwNDEwMVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYmE0OGE0NTMwZDRlYTZiNTk3MGI2 ZDIyZGI5ODU0ZmE1NGU3ZTE4Y2RiY2I4ZmRlNDFiNjQ1N2FjYWY5ZWE4NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DyrOGDomHYREwx/LrEKgccoDj80 cpls6W/lL9eYTLs2SzAtQg3qTLLh7wQWy+Vf+m2zhmQFgrcnhR/JHNqa7KV64rhf S6nCGlD7J4mr3gbrWhwK6/vxS3EtPc4DZpc22wXlw1Btt6AYDOlBIQONKzLKdZv/ 4sQ5qgZf9x7BqOq4XiZhr9BMM3zac4Eqcvhnulj2G7JqGdPIL9vnztFmBtD11F+x nJS/UYfiybz23sBhaXHR9/eDv82jb2a4Me85BxN8GjRBFpAp9EfQx30FO8bzHuPm BoaVnvsitKJgK/GzzkbnET3ZmBzCdJkmZzGt4U2UfkKUR//4nyOnIEj66QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNOYbCPvBTqtO7OqUzxb6O0bag82MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgxMTcyZDc1LTVhNTItNGYzNi04OGVjLTNmMjUyODNjOGRiYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYYgwDQYJKoZIhvcNAQELBQADggEBAK1NJPZmMvpuG03Clv9e HvzYCR1/PotL6u+SRVgw/0Koj3lWHqMv6fhsN65cPaDDJTsNqt06q50SEIU+oIG1 2B8vE00pUAeBQFAyjhYmz6yzxi3H+3+d31Zwu/xGKUbNKRsyeXC4NCaKWEAxJVIC 2DUsR6bnf874NZdyu4jiqLYAoBtD6+NV3Rt1RYEMaxwLMU2zMXZ7P74wiei5zvfZ +Qv+jAMmNan9jtGegB+JRRMwzWQ6u+096sjtE5MxabNdU/mkHsr3qUIRQx6ymA2w oHh2fIRDoYlzZ59AcgbDD3mnwRcCunOuf2c7xrG3KME+t1wSWrOnp5EFbbpl8VUA R1M= -----END CERTIFICATE-----Generated at Thu Apr 17 17:53:14 2025 by rpki-client