$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd7eded-c7ab-48c4-8c04-ddd5ef73c985.roa File: 8bd7eded-c7ab-48c4-8c04-ddd5ef73c985.roa (raw, json) Hash identifier: xqDf88FqvwZdRAkaEYrzIfQGnHYl98BD5NJWRpF6H5c= Subject key identifier: 13:B8:C6:4B:0E:9A:10:34:D6:61:67:A5:26:C1:6D:E0:B2:09:93:C2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19A42EAB02D894DA1FEAEF89F4C30C3B56AA37FA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd7eded-c7ab-48c4-8c04-ddd5ef73c985.roa Signing time: Tue 25 Mar 2025 16:50:40 +0000 ROA not before: Tue 25 Mar 2025 16:50:40 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da11::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:a4:2e:ab:02:d8:94:da:1f:ea:ef:89:f4:c3:0c:3b:56:aa:37:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:50:40 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=edc9b4fd906a55e1a13c10b5fa393c1c8daf593fa7316807a146838630b00fb1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:96:75:0b:3b:a3:b7:28:b2:ad:6b:91:8d:5c: 6c:aa:66:5c:9f:8c:17:b5:af:46:ad:df:e0:bf:5c: 9a:fc:ee:42:e2:a1:1d:43:32:88:6f:23:64:27:e8: af:7f:d4:33:07:5f:7e:87:8b:40:64:56:dc:af:e5: 3a:e3:06:d8:fc:ce:5a:8b:70:69:22:55:44:d4:71: b5:a8:3f:ad:43:26:d5:12:81:0d:f2:0e:aa:b9:6a: 36:0f:5b:d2:88:56:0f:1a:da:f9:30:71:de:7d:c5: 85:22:25:94:58:ab:8c:43:9d:a1:44:70:da:d5:5d: 31:6a:b8:18:fc:bd:99:1b:94:5e:06:60:c1:5e:1b: 7b:0b:48:aa:58:71:e7:04:b9:db:8a:c2:53:7b:2e: 28:44:74:09:20:7d:01:8a:e8:92:b3:e6:1e:9d:69: 49:d6:e1:79:e9:ae:1c:a5:1e:d1:a5:93:e3:e2:f1: d3:9a:e9:58:e2:6f:c0:c4:93:33:5e:c1:6b:56:30: 82:7f:13:5a:c8:51:30:7b:eb:02:54:4c:5b:9a:d4: 02:62:8a:64:0c:a0:9d:09:c1:9a:36:f1:bb:0f:56: e5:ff:bb:8e:ca:89:11:61:65:79:d3:67:df:45:c4: 4d:17:bb:f5:6a:0c:96:23:fd:1d:4a:8c:cc:9a:24: 68:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:B8:C6:4B:0E:9A:10:34:D6:61:67:A5:26:C1:6D:E0:B2:09:93:C2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd7eded-c7ab-48c4-8c04-ddd5ef73c985.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da11::/36 Signature Algorithm: sha256WithRSAEncryption 4d:3c:18:8a:37:b3:57:ae:49:d8:9b:58:ea:3c:2b:0d:57:86: 52:ad:4c:52:27:7a:88:e0:59:d7:85:3f:e3:29:59:8f:6c:17: bb:ca:00:e7:dd:90:68:cb:8d:75:a6:16:4d:4d:c2:15:ad:19: b1:d2:9b:af:79:15:cc:bb:8e:44:79:75:14:4e:13:0e:a5:cc: 8c:95:0a:06:5c:30:a0:86:a6:8c:15:15:69:db:56:1b:8d:a0: a0:e8:70:27:ae:76:2d:28:88:a5:61:04:b6:61:24:e0:ed:0e: 4d:bb:ca:6e:14:4d:38:a2:1b:73:a3:a5:33:96:75:af:b6:c2: ea:2e:40:a7:47:66:82:3a:0a:4d:21:e8:52:52:11:fe:17:e6: ee:c7:fc:b5:b2:ac:db:7c:fb:74:9b:30:a1:30:dd:01:98:87: 64:10:04:94:00:78:f3:65:c4:91:37:f7:84:ab:3c:1d:a7:ae: 55:6e:71:0f:59:d6:bb:82:e2:5d:af:92:94:d8:ac:2e:da:c6: a6:f8:ec:29:7b:26:29:e3:81:8b:b6:8d:54:65:24:db:d6:07: c7:7f:b6:8b:ed:96:75:5b:2d:f7:0e:9f:22:97:61:e2:e2:d0: 83:09:f4:7a:ee:d1:81:b7:75:cb:15:4d:92:11:31:45:96:0a: e8:61:46:86 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGaQuqwLYlNof6u+J9MMMO1aqN/owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NTA0MFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAZWRjOWI0ZmQ5MDZhNTVlMWExM2Mx MGI1ZmEzOTNjMWM4ZGFmNTkzZmE3MzE2ODA3YTE0NjgzODYzMGIwMGZiMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpZ1CzujtyiyrWuRjVxsqmZcn4wX ta9Grd/gv1ya/O5C4qEdQzKIbyNkJ+ivf9QzB19+h4tAZFbcr+U64wbY/M5ai3Bp IlVE1HG1qD+tQybVEoEN8g6quWo2D1vSiFYPGtr5MHHefcWFIiWUWKuMQ52hRHDa 1V0xargY/L2ZG5ReBmDBXht7C0iqWHHnBLnbisJTey4oRHQJIH0BiuiSs+YenWlJ 1uF56a4cpR7RpZPj4vHTmulY4m/AxJMzXsFrVjCCfxNayFEwe+sCVExbmtQCYopk DKCdCcGaNvG7D1bl/7uOyokRYWV502ffRcRNF7v1agyWI/0dSozMmiRoCwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBO4xksOmhA01mFnpSbBbeCyCZPCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhiZDdlZGVkLWM3YWItNDhjNC04YzA0LWRkZDVlZjczYzk4NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaEQAwDQYJKoZIhvcNAQELBQADggEBAE08GIo3s1euSdibWOo8 Kw1XhlKtTFIneojgWdeFP+MpWY9sF7vKAOfdkGjLjXWmFk1NwhWtGbHSm695Fcy7 jkR5dRROEw6lzIyVCgZcMKCGpowVFWnbVhuNoKDocCeudi0oiKVhBLZhJODtDk27 ym4UTTiiG3OjpTOWda+2wuouQKdHZoI6Ck0h6FJSEf4X5u7H/LWyrNt8+3SbMKEw 3QGYh2QQBJQAePNlxJE394SrPB2nrlVucQ9Z1ruC4l2vkpTYrC7axqb47Cl7Jinj gYu2jVRlJNvWB8d/tovtlnVbLfcOnyKXYeLi0IMJ9Hru0YG3dcsVTZIRMUWWCuhh RoY= -----END CERTIFICATE-----Generated at Thu Apr 17 17:29:12 2025 by rpki-client