$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa File: 996cc3b8-0df0-4f17-97f0-d59aa845427c.roa (raw, json) Hash identifier: VvSR38C4MjOOD+5xwBM3KS3S80jTwRasIJ5THxA+c3c= Subject key identifier: 8E:D4:27:02:AF:30:24:7A:75:40:75:FC:9D:27:EB:4A:69:59:3E:FC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6D0792A79A7EFBD919D980362E1272908834AB3D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa Signing time: Sat 05 Apr 2025 00:00:18 +0000 ROA not before: Sat 05 Apr 2025 00:00:18 +0000 ROA not after: Sat 10 May 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da00:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:07:92:a7:9a:7e:fb:d9:19:d9:80:36:2e:12:72:90:88:34:ab:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 5 00:00:18 2025 GMT Not After : May 10 23:59:59 2025 GMT Subject: serialNumber=844743dec8a3825fbc8a29b9a434abe5a179b64a57ad82b5b2f25a63e007af42, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:33:13:81:ad:4c:cf:ac:34:a8:39:dd:25:72: 70:80:c2:68:77:cf:5f:64:6d:64:72:c1:a7:c2:bd: fb:8e:4c:3b:fa:10:14:ac:17:b6:1a:21:cf:3a:bd: 07:e4:16:23:34:2b:05:75:ab:09:9e:f0:1f:d3:7c: 32:fc:6f:4b:11:6a:39:d2:b4:ab:5d:78:48:bf:5e: 4b:02:1a:57:34:8c:53:7d:76:4f:b1:e9:08:7b:3a: 16:3e:95:9a:24:0c:77:97:6c:57:08:b8:52:f2:18: 61:36:e9:ca:90:18:6f:d1:5f:55:55:4d:8b:87:22: 19:d8:9b:7e:65:75:21:08:93:68:9c:87:b7:2a:cf: 3b:3c:53:7b:ac:ec:d3:14:83:f3:f8:bb:fa:cd:bb: 30:a4:df:8a:fc:e8:7b:71:cf:2d:94:d1:9c:69:97: da:0f:bb:71:2d:1c:ad:68:7a:12:89:1c:33:fd:d3: be:f2:39:fa:de:42:e3:0c:c9:25:f3:3b:56:9d:b1: cc:66:e7:6a:ae:bd:0d:ed:d3:fa:d9:59:05:26:4a: fc:ba:42:5d:61:e5:6a:f3:b4:d4:14:9f:73:55:67: f2:bd:f0:ac:8d:7a:5c:28:8c:61:b7:9a:c6:1a:0d: 63:12:f2:d6:b1:aa:06:d6:90:1a:65:17:56:81:5d: b2:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:D4:27:02:AF:30:24:7A:75:40:75:FC:9D:27:EB:4A:69:59:3E:FC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 7f:0b:54:ed:33:4d:62:21:44:f3:a3:32:97:56:17:c4:96:2d: df:ad:9b:eb:0f:fe:75:d2:c4:f8:75:2e:a0:d0:9d:10:79:9d: 91:e5:11:7e:bf:cd:c4:64:73:71:a7:46:6b:c3:47:5a:75:4c: 6d:c4:28:56:6d:0e:c3:bf:5b:d6:b2:92:33:dc:a6:84:8d:b1: a2:b9:30:8c:21:0d:01:e5:5b:6a:a6:85:17:1d:fb:58:d5:0d: dd:2f:f0:ce:f6:60:06:8d:65:8f:0e:24:8e:11:f4:d2:9b:fa: db:cf:09:87:81:38:4c:4a:11:1b:12:59:cb:8a:43:d5:fb:f0: 7d:47:fa:0b:aa:84:bd:7a:cd:63:d9:20:e5:e1:5b:3d:40:33: e8:2c:09:0d:76:fd:1d:d8:ad:e1:be:7f:52:ae:ee:9b:aa:83: 5c:cc:6a:93:4a:29:0c:77:6d:ce:e1:d8:dd:96:40:35:13:54: b1:a8:21:c0:34:9c:b4:a5:bf:b1:7f:67:84:c5:54:72:60:0d: 5b:7e:01:f8:1a:17:da:0c:bb:ee:83:a5:d1:8f:a5:03:de:cf: d8:7a:cb:98:4d:17:84:b7:3a:5a:d9:7e:d8:68:84:c5:d6:a0: b4:d0:ef:77:14:9b:15:8c:b7:34:bc:9b:03:a7:87:94:6f:ce: 87:64:60:93 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbQeSp5p++9kZ2YA2LhJykIg0qz0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQwNTAwMDAxOFoX DTI1MDUxMDIzNTk1OVowejFJMEcGA1UEBRNAODQ0NzQzZGVjOGEzODI1ZmJjOGEy OWI5YTQzNGFiZTVhMTc5YjY0YTU3YWQ4MmI1YjJmMjVhNjNlMDA3YWY0MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDMTga1Mz6w0qDndJXJwgMJod89f ZG1kcsGnwr37jkw7+hAUrBe2GiHPOr0H5BYjNCsFdasJnvAf03wy/G9LEWo50rSr XXhIv15LAhpXNIxTfXZPsekIezoWPpWaJAx3l2xXCLhS8hhhNunKkBhv0V9VVU2L hyIZ2Jt+ZXUhCJNonIe3Ks87PFN7rOzTFIPz+Lv6zbswpN+K/Oh7cc8tlNGcaZfa D7txLRytaHoSiRwz/dO+8jn63kLjDMkl8ztWnbHMZudqrr0N7dP62VkFJkr8ukJd YeVq87TUFJ9zVWfyvfCsjXpcKIxht5rGGg1jEvLWsaoG1pAaZRdWgV2yXQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFI7UJwKvMCR6dUB1/J0n60ppWT78MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk5NmNjM2I4LTBkZjAtNGYxNy05N2YwLWQ1OWFhODQ1NDI3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQB/C1TtM01iIUTzozKX VhfEli3frZvrD/510sT4dS6g0J0QeZ2R5RF+v83EZHNxp0Zrw0dadUxtxChWbQ7D v1vWspIz3KaEjbGiuTCMIQ0B5VtqpoUXHftY1Q3dL/DO9mAGjWWPDiSOEfTSm/rb zwmHgThMShEbElnLikPV+/B9R/oLqoS9es1j2SDl4Vs9QDPoLAkNdv0d2K3hvn9S ru6bqoNczGqTSikMd23O4djdlkA1E1SxqCHANJy0pb+xf2eExVRyYA1bfgH4Ghfa DLvug6XRj6UD3s/YesuYTReEtzpa2X7YaITF1qC00O93FJsVjLc0vJsDp4eUb86H ZGCT -----END CERTIFICATE-----Generated at Thu Apr 17 17:43:39 2025 by rpki-client