$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/84ce14d5-7bf8-4610-8dae-0f2ea4ce82be.roa File: 84ce14d5-7bf8-4610-8dae-0f2ea4ce82be.roa (raw, json) Hash identifier: sINapMhUy/xWTpo5K3Y/bnn4CHLmPeG0GY4ZGMfjC90= Subject key identifier: DF:61:18:2A:18:CB:BF:2F:B2:F4:66:5B:06:87:46:3D:F5:96:2D:D5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1CD1C626970347368844D5A0CC6BF232A00621A0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/84ce14d5-7bf8-4610-8dae-0f2ea4ce82be.roa Signing time: Tue 25 Mar 2025 00:40:49 +0000 ROA not before: Tue 25 Mar 2025 00:40:49 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:d1:c6:26:97:03:47:36:88:44:d5:a0:cc:6b:f2:32:a0:06:21:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 00:40:49 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=8bcf37ee0c2f61be9ec8ae19bf05795a834b60b0d143a1c5efc5a5796405dadd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:9a:8f:70:30:63:03:7d:52:4b:a7:75:97:86: 1d:3e:43:4f:07:a8:60:c4:99:d1:05:8e:22:b0:b8: 56:03:bf:81:76:c2:89:e5:14:07:2f:c4:63:87:04: f2:cb:e2:40:f7:5e:64:b2:1a:ba:9e:15:be:2d:ca: df:51:14:2e:63:c2:3c:df:f6:d8:d8:11:45:cf:be: 58:94:01:62:3b:76:ab:b6:3a:3b:55:df:33:4c:b9: 87:bb:db:14:1a:8b:88:b0:53:ba:a9:cb:0d:9f:26: ca:a8:f2:f4:4e:68:9c:1e:7e:e7:e1:76:72:cb:30: d2:21:2c:73:54:9c:ef:6d:3e:b4:e9:da:1c:03:44: 8a:d6:b6:22:c2:97:61:c8:1b:35:5b:ac:0c:5e:2c: 32:0c:6a:1b:b6:ed:b4:0c:d3:a2:a5:d2:d5:86:d5: 1c:e8:5f:a1:d6:44:ec:74:ec:08:73:84:ff:b2:a7: 9f:78:96:4f:84:a9:41:24:84:71:a2:e3:47:4b:f4: 44:d0:9c:68:fa:e4:d8:f1:3f:2c:ee:d7:e8:9d:46: 72:b3:80:ea:f2:b0:22:c5:a0:70:15:9e:78:91:16: 9f:f0:85:6b:1c:db:ee:ab:86:8e:3b:45:e2:aa:57: f9:4c:96:ba:a2:f2:18:e1:63:05:0d:06:6d:35:46: a3:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:61:18:2A:18:CB:BF:2F:B2:F4:66:5B:06:87:46:3D:F5:96:2D:D5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/84ce14d5-7bf8-4610-8dae-0f2ea4ce82be.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 61:03:fb:f8:ec:84:60:c0:49:41:d8:57:a0:91:a9:ea:e9:68: ba:c6:32:f3:75:4d:51:9a:ab:77:02:2c:26:56:15:1d:d3:d9: 33:f7:0e:6c:2d:8b:56:21:46:58:d7:1b:58:0e:99:65:4c:07: 7b:2e:6b:35:0c:04:91:b4:45:2f:e3:0b:1f:83:8f:a3:36:af: e0:cd:84:99:2e:ac:f9:20:48:22:fe:85:d3:be:53:f5:95:de: 51:ac:c2:8d:05:88:d0:82:9d:e1:0e:ad:f4:33:de:b7:26:4b: 41:2b:6d:94:3f:6c:1d:8d:27:4b:44:10:e2:3f:ff:44:ba:0d: 80:ed:b8:de:67:25:cf:c6:4a:9a:8a:99:14:07:9e:c3:1b:b4: 85:bd:b3:6e:f3:b0:0f:b1:65:00:15:93:07:d7:00:f8:28:a7: 8c:bf:a0:48:8c:79:ba:59:5f:41:d0:2d:ac:77:7c:d5:3f:0e: 69:d3:99:f2:47:e8:8a:b0:19:31:5c:e9:14:8e:2c:a0:db:f5: 3f:ea:f4:b4:75:6c:53:b7:04:ce:27:11:cf:04:35:c7:fb:53: b2:05:3a:ca:7a:7d:94:2d:2a:1f:c7:d8:25:40:43:79:df:80: 81:d3:f6:1e:d3:35:d4:e6:19:b7:1c:03:13:46:a6:22:19:85: ff:76:3e:2b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHNHGJpcDRzaIRNWgzGvyMqAGIaAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwNDA0OVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAOGJjZjM3ZWUwYzJmNjFiZTllYzhh ZTE5YmYwNTc5NWE4MzRiNjBiMGQxNDNhMWM1ZWZjNWE1Nzk2NDA1ZGFkZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJqPcDBjA31SS6d1l4YdPkNPB6hg xJnRBY4isLhWA7+BdsKJ5RQHL8RjhwTyy+JA915kshq6nhW+LcrfURQuY8I83/bY 2BFFz75YlAFiO3artjo7Vd8zTLmHu9sUGouIsFO6qcsNnybKqPL0TmicHn7n4XZy yzDSISxzVJzvbT606docA0SK1rYiwpdhyBs1W6wMXiwyDGobtu20DNOipdLVhtUc 6F+h1kTsdOwIc4T/sqefeJZPhKlBJIRxouNHS/RE0Jxo+uTY8T8s7tfonUZys4Dq 8rAixaBwFZ54kRaf8IVrHNvuq4aOO0Xiqlf5TJa6ovIY4WMFDQZtNUajlwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFN9hGCoYy78vsvRmWwaHRj31li3VMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg0Y2UxNGQ1LTdiZjgtNDYxMC04ZGFlLTBmMmVhNGNlODJiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8oDAMA0GCSqGSIb3DQEBCwUAA4IBAQBhA/v47IRgwElB2Feg kanq6Wi6xjLzdU1Rmqt3AiwmVhUd09kz9w5sLYtWIUZY1xtYDpllTAd7Lms1DASR tEUv4wsfg4+jNq/gzYSZLqz5IEgi/oXTvlP1ld5RrMKNBYjQgp3hDq30M963JktB K22UP2wdjSdLRBDiP/9Eug2A7bjeZyXPxkqaipkUB57DG7SFvbNu87APsWUAFZMH 1wD4KKeMv6BIjHm6WV9B0C2sd3zVPw5p05nyR+iKsBkxXOkUjiyg2/U/6vS0dWxT twTOJxHPBDXH+1OyBTrKen2ULSofx9glQEN534CB0/Ye0zXU5hm3HAMTRqYiGYX/ dj4r -----END CERTIFICATE-----Generated at Thu Apr 17 18:07:07 2025 by rpki-client