$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bb4fc6d-b270-4df7-a776-77d2795dda17.roa File: 8bb4fc6d-b270-4df7-a776-77d2795dda17.roa (raw, json) Hash identifier: yWKfm0Etu0fi3TFS1tDf47iVgSZI27Y4nMFFKdUjoD8= Subject key identifier: 8B:09:73:3D:C0:66:37:43:F7:DC:0E:54:32:28:A2:D8:84:1F:0A:CD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D01914FA44AED13754E0D9B5CECDCDA3B729CCD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bb4fc6d-b270-4df7-a776-77d2795dda17.roa Signing time: Tue 25 Mar 2025 16:30:09 +0000 ROA not before: Tue 25 Mar 2025 16:30:09 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da16:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:01:91:4f:a4:4a:ed:13:75:4e:0d:9b:5c:ec:dc:da:3b:72:9c:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:30:09 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=da20ccaebf6536d9aebdb44a8147353ea585cd1a703087c4d0cdd30ac3230976, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:c7:e0:7d:4d:6c:35:5b:c7:10:45:e8:ed:53: ba:86:aa:9a:92:c3:9c:a5:3e:26:09:9e:a2:3a:80: f7:c9:a3:50:e7:e5:7f:a4:26:5e:9e:59:16:67:69: 77:3b:e1:58:80:a8:b7:5c:25:14:d2:ad:46:04:cc: c7:d2:ec:17:16:bd:6b:d2:8b:c7:d4:e3:c7:3e:5d: 1e:ab:e4:1a:7c:be:18:f9:02:12:c8:a8:6c:19:46: a8:d7:b9:6c:8d:89:42:3b:4b:49:3d:fe:3f:95:b3: b8:af:00:83:c9:be:1b:71:08:73:d3:c4:b2:c4:9f: a0:b5:48:b9:ac:3c:e8:4a:c6:bc:d1:05:d8:9d:bc: ff:c7:cb:af:0c:cc:52:b6:e6:50:d0:9f:e1:53:40: ed:ac:47:19:ae:36:36:1f:66:f7:ac:a8:37:ce:5e: 69:cb:d4:c4:e7:8c:36:4a:0e:51:23:5a:61:41:c3: c1:22:3c:7a:98:8d:b3:dd:5f:ed:e0:21:f4:6c:e1: 26:ac:d9:80:3f:e2:19:95:89:44:41:cc:c5:b4:16: b0:de:9b:a4:47:92:38:34:b9:c4:43:89:c2:4b:02: 64:40:43:20:bc:b9:71:5e:da:d6:e3:8c:1f:6f:9a: 3c:cc:e1:f1:86:99:9e:60:44:1b:7b:0f:e5:3a:09: 93:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:09:73:3D:C0:66:37:43:F7:DC:0E:54:32:28:A2:D8:84:1F:0A:CD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bb4fc6d-b270-4df7-a776-77d2795dda17.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da16:c00::/38 Signature Algorithm: sha256WithRSAEncryption 02:7a:df:94:aa:19:c2:4e:1d:1c:22:4b:4a:0a:3a:f8:cb:91: a6:10:5b:8d:ce:d9:90:92:b1:d3:f2:17:49:c3:d5:f0:37:09: 29:06:b5:a6:18:f5:87:bb:47:a9:b4:e0:23:cc:9d:dd:e1:c6: 81:e0:69:5d:af:b0:dc:8b:55:3f:41:25:be:43:47:0d:ea:b9: 1d:4e:f3:d9:4a:92:d3:c0:f1:7e:c8:c8:66:6e:db:cb:4c:68: f3:f8:33:63:47:00:56:0f:7f:4b:55:9c:df:d9:e7:ab:08:f2: 69:49:9e:1c:a4:9b:c8:bd:d5:38:e5:ee:67:15:e8:df:c9:37: 9a:c4:70:3f:2f:f0:fd:d6:0b:5e:ae:cd:b4:9b:c9:55:3f:8b: 6a:61:03:2a:e8:55:86:94:99:20:12:58:aa:20:f1:cb:c3:a4: cb:a7:1b:e4:f4:d6:93:e7:96:d2:7c:9a:ff:53:bb:83:ae:39: e2:00:70:9b:8a:7b:e9:e4:a5:9c:11:c7:72:41:3b:e7:ba:d0: 1e:bd:8b:31:58:1f:74:02:83:56:5e:a1:2e:89:0d:ef:da:db: 11:ba:70:f4:80:cd:dc:00:aa:7c:c0:f3:e0:cd:16:b8:ab:d9: 38:ed:a7:15:a5:0f:9e:79:be:7c:1b:27:64:45:45:47:61:50: 0c:f4:00:13 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPQGRT6RK7RN1Tg2bXOzc2jtynM0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MzAwOVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAZGEyMGNjYWViZjY1MzZkOWFlYmRi NDRhODE0NzM1M2VhNTg1Y2QxYTcwMzA4N2M0ZDBjZGQzMGFjMzIzMDk3NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMfgfU1sNVvHEEXo7VO6hqqaksOc pT4mCZ6iOoD3yaNQ5+V/pCZenlkWZ2l3O+FYgKi3XCUU0q1GBMzH0uwXFr1r0ovH 1OPHPl0eq+QafL4Y+QISyKhsGUao17lsjYlCO0tJPf4/lbO4rwCDyb4bcQhz08Sy xJ+gtUi5rDzoSsa80QXYnbz/x8uvDMxStuZQ0J/hU0DtrEcZrjY2H2b3rKg3zl5p y9TE54w2Sg5RI1phQcPBIjx6mI2z3V/t4CH0bOEmrNmAP+IZlYlEQczFtBaw3puk R5I4NLnEQ4nCSwJkQEMgvLlxXtrW44wfb5o8zOHxhpmeYEQbew/lOgmT7wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIsJcz3AZjdD99wOVDIootiEHwrNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhiYjRmYzZkLWIyNzAtNGRmNy1hNzc2LTc3ZDI3OTVkZGExNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFgwwDQYJKoZIhvcNAQELBQADggEBAAJ635SqGcJOHRwiS0oK OvjLkaYQW43O2ZCSsdPyF0nD1fA3CSkGtaYY9Ye7R6m04CPMnd3hxoHgaV2vsNyL VT9BJb5DRw3quR1O89lKktPA8X7IyGZu28tMaPP4M2NHAFYPf0tVnN/Z56sI8mlJ nhykm8i91Tjl7mcV6N/JN5rEcD8v8P3WC16uzbSbyVU/i2phAyroVYaUmSASWKog 8cvDpMunG+T01pPnltJ8mv9Tu4OuOeIAcJuKe+nkpZwRx3JBO+e60B69izFYH3QC g1ZeoS6JDe/a2xG6cPSAzdwAqnzA8+DNFrir2TjtpxWlD555vnwbJ2RFRUdhUAz0 ABM= -----END CERTIFICATE-----Generated at Thu Apr 17 18:00:12 2025 by rpki-client