$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8a765aa6-e0dc-4e3a-9c51-bdecadbdb8d2.roa File: 8a765aa6-e0dc-4e3a-9c51-bdecadbdb8d2.roa (raw, json) Hash identifier: jLa/M3+OrFqLjPTd1XeFf7ULRCB4eFTSbhkORC4tGYA= Subject key identifier: 10:61:94:56:FE:C9:03:6E:E9:44:EA:38:7F:51:82:C0:09:70:03:2A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 470384D3EA757B6EAEA2EF106D080CE2F4CF6B90 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8a765aa6-e0dc-4e3a-9c51-bdecadbdb8d2.roa Signing time: Tue 25 Mar 2025 15:51:59 +0000 ROA not before: Tue 25 Mar 2025 15:51:59 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:03:84:d3:ea:75:7b:6e:ae:a2:ef:10:6d:08:0c:e2:f4:cf:6b:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 15:51:59 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=d72bf5f08f82165e7444cbfad36a9f3ccfd2e2d2a3208295f755a601fe95d49f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c9:dd:2b:ec:a3:47:99:ba:27:52:a3:d0:ae: 38:e9:c3:12:e8:c7:b3:bd:d7:e8:82:f6:6d:e8:68: d2:93:b3:c3:38:de:4a:a9:7e:e8:8e:90:38:94:e6: 2d:b4:08:a6:7d:04:6e:c6:ad:fe:b3:3f:fd:b4:2b: 36:cb:03:71:7f:1e:92:4d:e4:ea:60:11:72:ae:53: 36:08:a9:71:c8:f2:92:65:dc:24:38:f6:15:ac:c5: 80:11:a8:32:8c:1c:bd:28:08:2d:5c:47:45:d1:4e: 11:4d:cb:17:01:8f:c0:95:ca:43:cb:10:54:37:52: 3f:52:f9:9e:c1:d4:fe:1b:18:be:f6:f7:5d:1c:5c: e4:cc:0d:50:0e:4c:00:6f:fc:ba:03:22:d4:4b:6e: 7d:99:6c:62:59:a4:8e:77:fe:a9:4a:6e:b3:4f:27: a1:3e:88:b3:45:7d:ee:84:6b:21:29:53:16:b5:5d: aa:27:2f:ed:86:36:ec:48:29:b6:fd:2d:c8:44:4f: 9d:06:e3:ea:52:aa:ba:78:59:f5:e2:d0:e5:68:af: 96:0a:82:6a:9e:87:0c:75:6d:c0:20:86:0f:03:12: 02:0b:ef:59:46:7b:78:e6:90:0a:c6:2d:49:09:34: 1c:d8:51:ab:a0:21:83:22:2c:55:b5:d4:02:b2:20: 7f:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:61:94:56:FE:C9:03:6E:E9:44:EA:38:7F:51:82:C0:09:70:03:2A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8a765aa6-e0dc-4e3a-9c51-bdecadbdb8d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:c000::/40 Signature Algorithm: sha256WithRSAEncryption 78:d0:a0:2b:b2:9d:64:a8:96:d5:dc:8e:be:1f:ea:d1:fd:bc: a5:fa:02:14:b6:9c:7b:97:75:51:83:ac:83:12:75:ba:21:c7: 79:d4:9e:8d:34:64:37:2c:d1:33:29:8e:01:3b:92:e7:9a:8b: ab:0d:70:07:17:0e:ee:be:4e:92:05:b0:0d:f3:8e:93:95:3b: 6c:ff:27:77:8d:77:d6:a7:bf:1f:35:23:e6:27:d5:36:b1:9d: a6:b6:b2:7c:3a:07:cd:31:ef:ff:3c:e3:62:b0:0f:a4:2e:84: e9:0a:50:b4:16:f9:26:ce:a7:56:ca:7b:91:ca:29:90:cb:d6: 4a:81:21:65:c1:79:e5:ac:73:9e:42:8e:28:dd:6d:ef:0d:57: a3:a1:b6:d9:cb:d1:3d:eb:33:91:14:7d:b3:50:f1:da:89:11: e6:60:c9:60:6a:5e:ba:45:ad:a0:ad:31:2b:57:b7:5f:76:ce: 0f:5d:d9:7a:cc:ab:4b:92:5c:bc:5b:2c:86:64:b1:1a:d9:78: ca:37:f1:32:9e:ca:8b:75:d8:21:38:e6:f2:eb:ed:33:70:67: fa:81:83:4e:2e:08:d5:e2:94:e8:40:81:09:c6:2e:f4:ee:96: 76:4d:ee:a2:ff:1b:3c:98:e6:a3:c0:1f:08:16:17:6b:e9:4c: a7:ce:2c:21 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURwOE0+p1e26uou8QbQgM4vTPa5AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1NTE1OVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAZDcyYmY1ZjA4ZjgyMTY1ZTc0NDRj YmZhZDM2YTlmM2NjZmQyZTJkMmEzMjA4Mjk1Zjc1NWE2MDFmZTk1ZDQ5ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssndK+yjR5m6J1Kj0K446cMS6Mez vdfogvZt6GjSk7PDON5KqX7ojpA4lOYttAimfQRuxq3+sz/9tCs2ywNxfx6STeTq YBFyrlM2CKlxyPKSZdwkOPYVrMWAEagyjBy9KAgtXEdF0U4RTcsXAY/AlcpDyxBU N1I/UvmewdT+Gxi+9vddHFzkzA1QDkwAb/y6AyLUS259mWxiWaSOd/6pSm6zTyeh PoizRX3uhGshKVMWtV2qJy/thjbsSCm2/S3IRE+dBuPqUqq6eFn14tDlaK+WCoJq nocMdW3AIIYPAxICC+9ZRnt45pAKxi1JCTQc2FGroCGDIixVtdQCsiB/oQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBBhlFb+yQNu6UTqOH9RgsAJcAMqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhhNzY1YWE2LWUwZGMtNGUzYS05YzUxLWJkZWNhZGJkYjhkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba98AwDQYJKoZIhvcNAQELBQADggEBAHjQoCuynWSoltXcjr4f 6tH9vKX6AhS2nHuXdVGDrIMSdbohx3nUno00ZDcs0TMpjgE7kueai6sNcAcXDu6+ TpIFsA3zjpOVO2z/J3eNd9anvx81I+Yn1Taxnaa2snw6B80x7/8842KwD6QuhOkK ULQW+SbOp1bKe5HKKZDL1kqBIWXBeeWsc55Cjijdbe8NV6OhttnL0T3rM5EUfbNQ 8dqJEeZgyWBqXrpFraCtMStXt192zg9d2XrMq0uSXLxbLIZksRrZeMo38TKeyot1 2CE45vLr7TNwZ/qBg04uCNXilOhAgQnGLvTulnZN7qL/GzyY5qPAHwgWF2vpTKfO LCE= -----END CERTIFICATE-----Generated at Thu Apr 17 17:38:51 2025 by rpki-client