$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9189bfbf-3763-4a1c-b4d7-fb9e56961927.roa File: 9189bfbf-3763-4a1c-b4d7-fb9e56961927.roa (raw, json) Hash identifier: 0nfqYXJv6HAXpEbRAOayGrhv2e88ZuRnDkRNGlFkpzs= Subject key identifier: D3:74:01:7F:3B:31:15:62:85:7D:26:6E:98:2A:9C:E2:BA:BD:D4:A2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 43D470A76DB68A428861FBCC1D112222C549F2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9189bfbf-3763-4a1c-b4d7-fb9e56961927.roa Signing time: Tue 25 Mar 2025 16:31:32 +0000 ROA not before: Tue 25 Mar 2025 16:31:32 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:d4:70:a7:6d:b6:8a:42:88:61:fb:cc:1d:11:22:22:c5:49:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:31:32 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=7974045bbe141becb6fe2f99fbc7de6271a7ac994aaac41d18ab817d611b9f9c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:10:41:2a:58:11:34:5e:40:eb:cb:9f:f4:67: a6:e1:9c:6b:e5:70:72:da:71:1b:ea:37:2f:1a:89: d7:b4:28:b5:cb:12:fa:0a:ff:6c:c9:da:a7:c6:72: 8c:05:7c:cb:49:5f:8a:6d:4d:a2:51:96:f2:51:a6: 28:a7:5a:6e:9e:4d:54:a4:8d:85:ec:89:be:38:f4: f0:f2:10:0c:2e:bf:ce:22:6f:15:bf:c3:ca:3f:74: 9a:d4:31:87:4c:c0:48:09:e7:fe:89:04:75:2a:a5: 1c:e0:d9:2a:74:83:53:3f:23:da:3e:b6:50:5d:68: 9b:f7:88:89:b6:99:e8:53:59:27:8a:b0:35:b2:ce: d3:cf:11:df:74:ff:5c:2b:7b:28:75:0d:83:1f:45: 06:f9:76:ef:f2:f8:be:68:6e:15:95:ff:d6:0c:07: 6a:b5:14:2f:21:17:4f:ca:ea:7c:1e:b6:ca:72:8b: 5d:3b:bb:e6:51:ef:41:8c:5c:21:db:8e:9e:97:d1: 64:51:a3:16:7a:5f:eb:55:e8:c7:75:24:22:2c:84: 51:84:c4:50:f6:20:fd:8c:72:12:82:7d:46:fc:3b: 54:8c:cb:b0:71:f9:41:d9:b2:ce:8c:40:b1:87:3f: 8c:1d:15:27:f6:a3:a8:57:d2:20:e9:98:a4:11:a6: 19:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:74:01:7F:3B:31:15:62:85:7D:26:6E:98:2A:9C:E2:BA:BD:D4:A2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9189bfbf-3763-4a1c-b4d7-fb9e56961927.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:7000::/40 Signature Algorithm: sha256WithRSAEncryption 0d:99:8d:e9:75:ea:9d:0c:79:0a:06:cf:34:10:ca:7a:1b:46: 81:d8:ba:4d:49:4a:5e:86:70:7e:c1:c1:7b:ec:9a:f3:84:91: cf:98:8d:5a:f6:81:bc:02:79:3d:12:bc:cd:e5:e3:43:0e:a9: 26:e9:34:a3:8e:e5:9d:04:d5:ca:48:dd:68:c2:34:32:19:b7: 22:d1:b9:70:64:bc:ed:65:72:27:d9:4f:57:bc:90:06:d3:1e: 6e:62:37:bb:69:a1:b6:55:32:f7:9e:db:a9:c4:31:fb:9b:f0: a2:24:27:45:88:ff:d9:11:be:91:23:df:72:56:8d:c8:a2:eb: 3c:14:ce:30:c2:20:68:d2:40:47:97:47:24:71:13:23:30:6b: bb:b8:e4:3a:62:ad:d0:36:c1:77:53:70:2e:86:bc:4d:67:36: 59:bc:cc:59:b6:37:a2:74:fe:62:39:41:6e:03:99:99:55:79: 29:e4:6c:21:2f:b5:0d:96:2f:a5:3e:3e:b7:a7:1a:c9:a5:46: f2:99:7d:69:71:63:fd:99:1e:e4:7e:5d:b4:fb:50:68:5f:b3: 23:30:c3:63:fe:9a:64:bd:86:7b:4b:0e:35:bf:b2:aa:43:61: c8:d6:c6:ab:71:d8:61:58:73:3a:f4:e9:e0:18:7a:ac:dd:b6: 30:a4:e4:b2 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgITQ9Rwp222ikKIYfvMHREiIsVJ8jANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwMzI1MTYzMTMyWhcN MjUwNDI5MjM1OTU5WjB6MUkwRwYDVQQFE0A3OTc0MDQ1YmJlMTQxYmVjYjZmZTJm OTlmYmM3ZGU2MjcxYTdhYzk5NGFhYWM0MWQxOGFiODE3ZDYxMWI5ZjljMS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXEEEqWBE0XkDry5/0Z6bhnGvlcHLa cRvqNy8aide0KLXLEvoK/2zJ2qfGcowFfMtJX4ptTaJRlvJRpiinWm6eTVSkjYXs ib449PDyEAwuv84ibxW/w8o/dJrUMYdMwEgJ5/6JBHUqpRzg2Sp0g1M/I9o+tlBd aJv3iIm2mehTWSeKsDWyztPPEd90/1wreyh1DYMfRQb5du/y+L5obhWV/9YMB2q1 FC8hF0/K6nwetspyi107u+ZR70GMXCHbjp6X0WRRoxZ6X+tV6Md1JCIshFGExFD2 IP2MchKCfUb8O1SMy7Bx+UHZss6MQLGHP4wdFSf2o6hX0iDpmKQRphlTAgMBAAGj ggJKMIICRjAdBgNVHQ4EFgQU03QBfzsxFWKFfSZumCqc4rq91KIwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv OTE4OWJmYmYtMzc2My00YTFjLWI0ZDctZmI5ZTU2OTYxOTI3LnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAkBtoycDANBgkqhkiG9w0BAQsFAAOCAQEADZmN6XXqnQx5CgbPNBDK ehtGgdi6TUlKXoZwfsHBe+ya84SRz5iNWvaBvAJ5PRK8zeXjQw6pJuk0o47lnQTV ykjdaMI0Mhm3ItG5cGS87WVyJ9lPV7yQBtMebmI3u2mhtlUy957bqcQx+5vwoiQn RYj/2RG+kSPfclaNyKLrPBTOMMIgaNJAR5dHJHETIzBru7jkOmKt0DbBd1NwLoa8 TWc2WbzMWbY3onT+YjlBbgOZmVV5KeRsIS+1DZYvpT4+t6cayaVG8pl9aXFj/Zke 5H5dtPtQaF+zIzDDY/6aZL2Ge0sONb+yqkNhyNbGq3HYYVhzOvTp4Bh6rN22MKTk sg== -----END CERTIFICATE-----Generated at Thu Apr 17 18:14:02 2025 by rpki-client