$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa File: 8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa (raw, json) Hash identifier: bub7RbUBOVEVpvfK7rkDjKXDyUjteTBuiSJx/irAccw= Subject key identifier: D1:25:95:19:8B:F3:4B:06:A6:5D:F9:54:63:F8:6B:18:D3:72:D2:F6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2F766E789808C27843716431A746BF1A1FB3DFF4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa Signing time: Tue 25 Mar 2025 00:50:06 +0000 ROA not before: Tue 25 Mar 2025 00:50:06 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:8020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:76:6e:78:98:08:c2:78:43:71:64:31:a7:46:bf:1a:1f:b3:df:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 00:50:06 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=1e2f7a4eb0a04ed16d9f6d8c57cd0eb9363a77bee40c0e2185ec96dc81ba1deb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:46:b3:64:dd:9a:06:5a:a4:f9:ce:ae:5c:74: 47:2d:71:50:69:6d:1a:94:3d:03:33:92:46:b6:e6: 57:62:72:14:01:3e:97:a3:4f:9e:5e:72:c9:64:19: f9:d1:72:30:52:b2:f3:7b:3d:8e:6b:1a:90:b7:2c: 5b:2c:a9:ba:0e:cc:78:fd:b4:64:29:d9:be:5c:33: 40:da:ac:dd:0c:78:98:04:2d:68:ee:a0:47:be:c9: dc:e5:37:9b:6a:21:ed:30:19:44:82:91:54:be:0f: 09:02:77:f1:f0:7a:7d:ba:4a:de:1f:9c:91:bd:18: 80:67:8e:53:15:a0:c2:39:50:40:8e:8f:cc:16:dd: de:91:ab:b1:75:44:6d:73:5b:5b:6d:82:d7:d8:61: f2:5f:ee:39:44:ec:05:f5:3f:76:0b:fb:ff:8d:2a: 00:43:60:69:7a:03:17:97:69:e1:23:cb:64:61:25: b8:19:41:a9:51:fb:27:c0:f5:42:23:95:8c:90:6d: 91:34:ee:b3:5f:67:8d:20:49:84:13:cf:0f:85:4a: 48:24:82:4d:6f:49:3f:b4:b4:98:46:5a:a9:60:1a: 9d:37:c3:04:9e:62:bb:f8:fd:4b:57:1e:81:d0:4a: 40:3b:13:4f:44:8b:0a:2c:db:49:71:9f:64:81:35: 8f:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:25:95:19:8B:F3:4B:06:A6:5D:F9:54:63:F8:6B:18:D3:72:D2:F6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:8020::/48 Signature Algorithm: sha256WithRSAEncryption 5b:70:6b:c4:3c:38:aa:0e:e0:39:3e:ee:37:e2:a6:a7:2e:cc: ef:c2:51:b2:98:44:b0:cf:79:8f:65:46:e9:7e:23:cc:42:27: 42:bc:c6:e1:1e:23:60:c9:7e:4b:5f:1d:01:45:cc:e6:e8:3d: cd:2c:66:57:31:7b:78:1d:5d:25:73:6c:73:a1:48:a9:86:fe: 58:87:14:1c:12:fc:e1:15:0a:97:6b:07:d0:df:8c:34:0c:f9: 49:98:8a:1b:91:61:31:7f:03:4d:64:58:6e:49:97:43:55:db: 5e:bc:93:d1:fb:6b:d1:2d:9a:31:3d:18:66:28:51:08:4d:91: 54:23:57:69:97:d0:3a:7d:80:66:bb:65:15:b7:ba:af:43:a9: fe:d9:93:e9:48:3b:b3:d4:69:34:c7:01:18:49:36:4b:74:b2: a3:9f:41:83:07:80:b6:94:59:81:f8:18:97:ee:72:0f:cc:14: 86:1d:9d:e1:5b:8c:25:b6:e9:08:3f:2f:34:a0:a5:6e:18:cb: e5:d3:54:6b:82:2d:5b:de:df:94:9f:a7:7a:ed:96:aa:79:3a: bb:e7:e1:c5:83:63:c2:bc:c8:30:2c:7e:84:01:81:d6:9e:46: b7:ba:bf:5c:91:6e:ff:67:c3:85:af:7d:4a:08:6c:af:06:fa: e3:6b:99:da -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUL3ZueJgIwnhDcWQxp0a/Gh+z3/QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwNTAwNloX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMWUyZjdhNGViMGEwNGVkMTZkOWY2 ZDhjNTdjZDBlYjkzNjNhNzdiZWU0MGMwZTIxODVlYzk2ZGM4MWJhMWRlYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UazZN2aBlqk+c6uXHRHLXFQaW0a lD0DM5JGtuZXYnIUAT6Xo0+eXnLJZBn50XIwUrLzez2OaxqQtyxbLKm6Dsx4/bRk Kdm+XDNA2qzdDHiYBC1o7qBHvsnc5TebaiHtMBlEgpFUvg8JAnfx8Hp9ukreH5yR vRiAZ45TFaDCOVBAjo/MFt3ekauxdURtc1tbbYLX2GHyX+45ROwF9T92C/v/jSoA Q2BpegMXl2nhI8tkYSW4GUGpUfsnwPVCI5WMkG2RNO6zX2eNIEmEE88PhUpIJIJN b0k/tLSYRlqpYBqdN8MEnmK7+P1LVx6B0EpAOxNPRIsKLNtJcZ9kgTWPxwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNEllRmL80sGpl35VGP4axjTctL2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhjYTM3MWQ5LTIxNTMtNDA1My05OWFjLTFiZGMwYzQyOTRhYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAIAgMA0GCSqGSIb3DQEBCwUAA4IBAQBbcGvEPDiqDuA5Pu43 4qanLszvwlGymESwz3mPZUbpfiPMQidCvMbhHiNgyX5LXx0BRczm6D3NLGZXMXt4 HV0lc2xzoUiphv5YhxQcEvzhFQqXawfQ34w0DPlJmIobkWExfwNNZFhuSZdDVdte vJPR+2vRLZoxPRhmKFEITZFUI1dpl9A6fYBmu2UVt7qvQ6n+2ZPpSDuz1Gk0xwEY STZLdLKjn0GDB4C2lFmB+BiX7nIPzBSGHZ3hW4wltukIPy80oKVuGMvl01Rrgi1b 3t+Un6d67ZaqeTq75+HFg2PCvMgwLH6EAYHWnka3ur9ckW7/Z8OFr31KCGyvBvrj a5na -----END CERTIFICATE-----Generated at Thu Apr 17 18:00:11 2025 by rpki-client