$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/817269f2-96fa-459a-a02d-a57162c8041a.roa File: 817269f2-96fa-459a-a02d-a57162c8041a.roa (raw, json) Hash identifier: G4r1cRSdL6KiFfkwQj91CooknAMUPG9jQ5XI4WzLZQ8= Subject key identifier: 41:15:28:95:10:65:F1:59:FF:94:0F:09:BA:B7:17:A1:B5:AC:86:D0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7D17DB5D775050EB28694E128C4CB46B95BBE92E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/817269f2-96fa-459a-a02d-a57162c8041a.roa Signing time: Tue 25 Mar 2025 16:50:10 +0000 ROA not before: Tue 25 Mar 2025 16:50:10 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:17:db:5d:77:50:50:eb:28:69:4e:12:8c:4c:b4:6b:95:bb:e9:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:50:10 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=0785169be23a3a3420937878a37703640cb89e2be973bbb84f3bab4a1662eb81, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:a2:50:e6:02:2e:3a:95:80:af:de:ec:aa:05: 5f:f8:fd:93:9c:9a:0f:d0:83:df:c3:c4:8f:ea:7e: bc:96:13:97:a4:06:a5:d5:42:23:2e:db:15:43:89: 33:72:63:ad:d5:47:0e:18:8d:c3:a7:7c:f5:85:97: a7:eb:9c:8c:16:ca:a1:17:b7:2d:29:bd:ff:31:70: 44:e3:16:e6:ad:3e:05:76:dc:e0:c7:80:97:0e:ae: 90:19:f0:3f:e3:90:b0:c9:52:ec:04:ff:3f:b3:5d: f8:c6:83:9e:99:a2:dc:ba:36:ac:05:2c:ba:70:a8: 57:fe:d2:3b:3a:1a:da:1a:e7:c8:c3:42:87:5f:b1: 90:46:68:f1:81:2a:91:80:13:e5:1f:cd:c9:86:d4: ff:6f:c0:15:ca:63:9d:b1:31:e0:f8:a0:cc:13:c5: d9:35:f4:b2:9b:e4:cd:3e:dc:ef:9b:e0:3b:f9:44: 7a:93:ae:44:5a:b7:9c:0d:84:2a:bb:1c:6f:35:2b: 2a:db:35:92:6f:12:bf:d5:33:74:43:69:b1:50:b4: b3:f4:de:04:a1:3c:61:1a:75:25:d4:03:17:2b:f2: 5f:8b:74:a3:3f:3f:54:34:57:06:01:2d:9e:8b:d2: d6:63:c2:49:34:c3:78:b4:d8:6a:9b:fd:e9:db:1a: 5c:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:15:28:95:10:65:F1:59:FF:94:0F:09:BA:B7:17:A1:B5:AC:86:D0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/817269f2-96fa-459a-a02d-a57162c8041a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1e::/32 Signature Algorithm: sha256WithRSAEncryption b1:82:63:99:fa:4c:a4:ab:e4:9a:8b:dc:b0:91:1a:1f:a3:74: b7:d4:20:14:e6:46:f5:80:96:3b:d7:34:a6:5a:45:0c:6e:de: 90:7c:67:8e:a7:c4:2b:69:3f:fa:43:fa:49:70:9d:08:69:4e: 00:ab:2e:b7:d8:cb:16:60:58:3d:f9:bb:37:fa:1c:99:17:8f: bb:cb:13:fb:9c:a6:34:03:d7:a8:99:fe:fb:0f:73:54:9d:2b: 8f:0d:6d:80:ce:85:7c:d6:63:e0:2c:04:59:55:d9:db:d5:5a: 56:c3:a3:4b:f8:22:10:cc:c7:21:a3:33:3e:3a:a5:fb:18:13: b8:06:71:5e:38:df:55:de:d9:6f:a0:e3:cd:27:cf:23:a7:ef: 61:0b:2f:de:4c:5f:8c:6a:13:65:81:f9:5a:e9:37:30:cc:62: ad:33:f1:3c:81:00:71:64:b9:c9:fb:db:92:04:a5:95:c9:af: 9d:e7:12:49:c2:91:ce:5e:35:20:df:3c:cc:e1:39:7a:6e:d5: e1:d0:42:36:52:8d:30:a1:af:1d:40:1c:73:07:60:07:27:8f: b2:fe:32:2b:84:ed:32:2a:ca:f0:4f:73:3e:c5:41:f4:bf:8c: 41:05:5e:5c:70:3d:43:b3:14:db:a3:bb:4e:5c:4d:df:b8:a3: 02:1c:d5:55 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUfRfbXXdQUOsoaU4SjEy0a5W76S4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NTAxMFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMDc4NTE2OWJlMjNhM2EzNDIwOTM3 ODc4YTM3NzAzNjQwY2I4OWUyYmU5NzNiYmI4NGYzYmFiNGExNjYyZWI4MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16JQ5gIuOpWAr97sqgVf+P2TnJoP 0IPfw8SP6n68lhOXpAal1UIjLtsVQ4kzcmOt1UcOGI3Dp3z1hZen65yMFsqhF7ct Kb3/MXBE4xbmrT4Fdtzgx4CXDq6QGfA/45CwyVLsBP8/s134xoOemaLcujasBSy6 cKhX/tI7OhraGufIw0KHX7GQRmjxgSqRgBPlH83JhtT/b8AVymOdsTHg+KDME8XZ NfSym+TNPtzvm+A7+UR6k65EWrecDYQquxxvNSsq2zWSbxK/1TN0Q2mxULSz9N4E oTxhGnUl1AMXK/Jfi3SjPz9UNFcGAS2ei9LWY8JJNMN4tNhqm/3p2xpcSQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFEEVKJUQZfFZ/5QPCbq3F6G1rIbQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgxNzI2OWYyLTk2ZmEtNDU5YS1hMDJkLWE1NzE2MmM4MDQxYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaHjANBgkqhkiG9w0BAQsFAAOCAQEAsYJjmfpMpKvkmovcsJEa H6N0t9QgFOZG9YCWO9c0plpFDG7ekHxnjqfEK2k/+kP6SXCdCGlOAKsut9jLFmBY Pfm7N/ocmRePu8sT+5ymNAPXqJn++w9zVJ0rjw1tgM6FfNZj4CwEWVXZ29VaVsOj S/giEMzHIaMzPjql+xgTuAZxXjjfVd7Zb6DjzSfPI6fvYQsv3kxfjGoTZYH5Wuk3 MMxirTPxPIEAcWS5yfvbkgSllcmvnecSScKRzl41IN88zOE5em7V4dBCNlKNMKGv HUAccwdgByePsv4yK4TtMirK8E9zPsVB9L+MQQVeXHA9Q7MU26O7TlxN37ijAhzV VQ== -----END CERTIFICATE-----Generated at Thu Apr 17 17:34:02 2025 by rpki-client