$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b072caa-75fc-4171-a003-7c2d34288af7.roa File: 9b072caa-75fc-4171-a003-7c2d34288af7.roa (raw, json) Hash identifier: A7pYWAEYDHvAjjfTMP93tx7EmRdywVrHODLT2+y48JE= Subject key identifier: 75:DC:5A:3D:F1:CE:8D:30:3C:BF:FC:C5:84:A9:7C:6F:20:CE:EE:AF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 08BFAE8D1381B561E1125C5F803563AEDDB15C64 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b072caa-75fc-4171-a003-7c2d34288af7.roa Signing time: Tue 25 Mar 2025 16:41:27 +0000 ROA not before: Tue 25 Mar 2025 16:41:27 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da18::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:bf:ae:8d:13:81:b5:61:e1:12:5c:5f:80:35:63:ae:dd:b1:5c:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:41:27 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=7bf3268f93dea638d385d7c94c51ddfc32492fca3ae31e777550b8bc31c9eade, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:9d:2a:ac:0a:25:98:95:bd:75:16:16:88:9a: c3:bf:08:ff:b7:12:fb:e6:5b:9b:84:cd:f3:ae:67: fb:98:b3:c7:d9:10:79:a9:61:ff:54:f0:88:21:cd: 76:1f:97:5a:51:70:28:97:a8:88:63:8f:e0:a7:c5: ba:6a:43:b7:ef:a0:20:67:87:71:be:9d:bf:82:0c: 03:27:d0:a2:a0:b9:1b:47:1b:51:2f:8d:54:e7:55: ab:bf:58:55:59:c5:4f:38:aa:47:30:bf:d5:8a:5b: 26:a8:99:fb:e7:d6:96:b4:89:90:cd:f6:9e:1f:5b: 86:da:59:e5:76:b2:8c:9b:74:e9:cd:12:73:89:f9: bf:a3:50:6e:07:21:ec:9e:0c:31:6c:35:3e:1f:3a: 68:c2:6f:50:f4:4e:6d:38:24:f4:d7:45:5d:b0:c2: 47:9c:b7:b3:1c:b3:c2:27:33:7b:94:c0:7a:c0:61: 37:0d:75:8f:26:f3:93:63:34:45:3c:9f:93:34:f3: 48:51:53:46:31:bc:40:c1:b5:2e:1f:02:59:60:bb: 9b:20:49:66:42:ff:f8:8a:48:1d:8a:5f:90:34:19: 01:f0:e4:3a:43:10:dc:09:b8:4e:3b:e8:01:4a:67: 27:db:b1:b7:eb:e3:57:ac:80:1c:a3:d6:f2:3e:f7: 31:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:DC:5A:3D:F1:CE:8D:30:3C:BF:FC:C5:84:A9:7C:6F:20:CE:EE:AF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b072caa-75fc-4171-a003-7c2d34288af7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da18::/38 Signature Algorithm: sha256WithRSAEncryption ac:ae:a1:93:f9:7d:f7:37:79:73:9d:a7:69:41:62:bb:0a:e3: 61:f8:10:20:c2:e0:09:be:c1:58:de:59:0a:2c:ba:59:a2:11: 5d:b2:18:fe:1a:d6:1f:62:25:cf:29:42:cb:58:73:99:09:87: a1:fb:51:02:fd:d4:aa:d6:fe:f9:7e:68:26:d8:e5:2d:83:21: 37:c1:c8:7a:e3:16:3b:55:3d:f6:ba:85:2c:ff:dd:90:5f:cb: eb:ac:cc:a1:4f:13:7e:49:15:19:66:a5:8a:35:cd:4c:0c:f9: 3e:29:3c:77:e9:7f:c5:de:5f:cc:74:53:f1:e0:33:66:18:95: a7:bf:74:8e:e0:c3:da:e4:34:0c:f6:fb:df:42:46:3f:3d:e1: 42:31:ea:d5:ec:66:ca:bd:c9:da:9a:6d:c6:ff:cd:4e:1c:e4: 5a:6b:24:cb:b0:87:29:31:a2:b9:28:ec:c3:e7:1f:98:db:45: 88:1a:7e:c2:90:40:c6:16:5a:cc:6f:91:71:b7:23:d4:19:7e: f3:9f:35:4c:ec:46:b6:a9:83:9d:d1:e8:1b:9f:c5:8f:d9:b5: 19:26:17:08:91:a3:82:31:df:f0:4f:95:a0:61:bf:ea:c3:10: 31:4f:4d:88:ca:ec:cb:81:1b:48:17:cc:af:10:ae:57:73:79: c6:b5:35:7c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCL+ujROBtWHhElxfgDVjrt2xXGQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NDEyN1oX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAN2JmMzI2OGY5M2RlYTYzOGQzODVk N2M5NGM1MWRkZmMzMjQ5MmZjYTNhZTMxZTc3NzU1MGI4YmMzMWM5ZWFkZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx50qrAolmJW9dRYWiJrDvwj/txL7 5lubhM3zrmf7mLPH2RB5qWH/VPCIIc12H5daUXAol6iIY4/gp8W6akO376AgZ4dx vp2/ggwDJ9CioLkbRxtRL41U51Wrv1hVWcVPOKpHML/VilsmqJn759aWtImQzfae H1uG2lnldrKMm3TpzRJzifm/o1BuByHsngwxbDU+Hzpowm9Q9E5tOCT010VdsMJH nLezHLPCJzN7lMB6wGE3DXWPJvOTYzRFPJ+TNPNIUVNGMbxAwbUuHwJZYLubIElm Qv/4ikgdil+QNBkB8OQ6QxDcCbhOO+gBSmcn27G36+NXrIAco9byPvcxwwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHXcWj3xzo0wPL/8xYSpfG8gzu6vMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzliMDcyY2FhLTc1ZmMtNDE3MS1hMDAzLTdjMmQzNDI4OGFmNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGAAwDQYJKoZIhvcNAQELBQADggEBAKyuoZP5ffc3eXOdp2lB YrsK42H4ECDC4Am+wVjeWQosulmiEV2yGP4a1h9iJc8pQstYc5kJh6H7UQL91KrW /vl+aCbY5S2DITfByHrjFjtVPfa6hSz/3ZBfy+uszKFPE35JFRlmpYo1zUwM+T4p PHfpf8XeX8x0U/HgM2YYlae/dI7gw9rkNAz2+99CRj894UIx6tXsZsq9ydqabcb/ zU4c5FprJMuwhykxorko7MPnH5jbRYgafsKQQMYWWsxvkXG3I9QZfvOfNUzsRrap g53R6BufxY/ZtRkmFwiRo4Ix3/BPlaBhv+rDEDFPTYjK7MuBG0gXzK8Qrldzeca1 NXw= -----END CERTIFICATE-----Generated at Thu Apr 17 17:57:46 2025 by rpki-client