$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d6097bb-46f7-4a39-9afe-98271c8b05b9.roa File: 9d6097bb-46f7-4a39-9afe-98271c8b05b9.roa (raw, json) Hash identifier: +iczhfdPDpSWBM7qgaA70RKpEZiCorhzQDdUxEri1D0= Subject key identifier: 21:87:33:46:B4:4E:E4:3D:66:41:07:96:1C:F0:99:96:AE:69:18:91 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 77C9D0672313B67E436A43FA27CD4FD330A06272 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d6097bb-46f7-4a39-9afe-98271c8b05b9.roa Signing time: Tue 25 Mar 2025 16:30:25 +0000 ROA not before: Tue 25 Mar 2025 16:30:25 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1c:8c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:c9:d0:67:23:13:b6:7e:43:6a:43:fa:27:cd:4f:d3:30:a0:62:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:30:25 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=7af1139175dc33ce810ad373ac8a9d3fff1d951c94537ac55bee14aa966826c1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:52:e3:fc:cb:c3:a5:bb:6e:4e:98:8f:3e:2c: b1:7c:1e:95:87:02:4a:0a:12:f3:30:5c:ea:b4:20: 6a:63:ce:22:e8:b9:7e:0f:36:24:26:a4:cf:1c:f4: 6d:43:e0:7b:ce:51:ea:8c:42:46:23:71:3c:67:21: 28:28:c4:ce:45:fd:2e:55:fb:aa:b2:bc:7a:a9:7e: ae:a7:fb:fc:25:de:2f:58:6e:37:79:79:94:04:90: b8:b3:36:cf:7b:9d:c2:4a:a2:92:67:85:1a:ed:c0: d8:2c:eb:17:eb:65:75:77:df:28:e7:36:a0:45:00: e6:89:41:50:1b:1e:3b:36:9d:b4:9b:f0:7a:ba:32: a6:0c:32:bd:18:51:c1:d5:d1:06:d6:2d:55:3c:c4: 47:e6:0b:8d:50:69:30:ce:40:07:de:a5:f4:35:db: 5c:90:7f:bb:64:6f:30:9b:0c:bc:4d:9b:b8:ac:b4: 33:8b:0b:1d:84:0c:cd:a5:c0:23:2b:49:bb:4f:be: ca:39:21:2f:63:49:d1:1c:1d:35:d2:92:e4:3d:b3: f2:35:43:44:e8:c6:5c:a7:a3:14:10:00:fb:96:c2: 4b:d9:be:38:07:61:ad:21:96:9b:2c:8d:21:f4:f6: 93:f8:2a:4e:c6:39:0f:bc:29:0f:5d:d6:c8:d2:15: d8:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:87:33:46:B4:4E:E4:3D:66:41:07:96:1C:F0:99:96:AE:69:18:91 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d6097bb-46f7-4a39-9afe-98271c8b05b9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1c:8c00::/38 Signature Algorithm: sha256WithRSAEncryption 8d:8a:d8:3e:18:70:e7:c9:8b:b2:3e:36:21:fa:bc:7f:a0:af: 65:ba:76:36:da:d7:f1:e1:f3:f7:b6:80:f8:90:f7:a5:66:a6: 68:b3:de:d7:2f:c5:b2:e2:bb:49:90:e3:f0:16:61:d1:e8:a6: 74:bf:4a:80:0b:40:32:d6:fd:b3:4f:ce:0b:b3:eb:39:8b:68: 5b:80:b8:09:13:6c:d8:cf:4c:9f:27:d5:d9:16:46:3d:95:d6: f9:bc:f2:f0:42:44:4b:ee:fd:dc:98:f7:21:ca:e1:a7:fe:b9: cc:f9:e7:6b:4c:67:af:a7:a3:e5:55:da:81:40:0e:45:7d:8d: b0:29:71:7c:62:78:bd:6d:e5:88:c6:09:07:92:7a:1c:a0:b3: 8a:37:2c:4b:f3:78:ad:a5:9b:d4:72:11:eb:62:91:77:56:93: f7:81:b9:3b:ef:c3:ab:26:29:93:70:13:43:97:94:e2:12:4e: d3:ba:0b:73:89:42:03:bc:16:4e:07:fa:51:d2:95:94:d6:26: 3d:94:1c:72:77:83:01:d9:ae:5f:2d:5d:a8:08:45:14:01:79: ce:39:2d:3c:57:86:f0:de:c1:df:dd:96:75:47:99:39:28:c1: 85:b7:41:a1:f9:be:25:3e:74:01:eb:eb:e6:62:40:f2:c4:67: 7d:f8:a0:74 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUd8nQZyMTtn5DakP6J81P0zCgYnIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MzAyNVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAN2FmMTEzOTE3NWRjMzNjZTgxMGFk MzczYWM4YTlkM2ZmZjFkOTUxYzk0NTM3YWM1NWJlZTE0YWE5NjY4MjZjMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlLj/MvDpbtuTpiPPiyxfB6VhwJK ChLzMFzqtCBqY84i6Ll+DzYkJqTPHPRtQ+B7zlHqjEJGI3E8ZyEoKMTORf0uVfuq srx6qX6up/v8Jd4vWG43eXmUBJC4szbPe53CSqKSZ4Ua7cDYLOsX62V1d98o5zag RQDmiUFQGx47Np20m/B6ujKmDDK9GFHB1dEG1i1VPMRH5guNUGkwzkAH3qX0Ndtc kH+7ZG8wmwy8TZu4rLQziwsdhAzNpcAjK0m7T77KOSEvY0nRHB010pLkPbPyNUNE 6MZcp6MUEAD7lsJL2b44B2GtIZabLI0h9PaT+CpOxjkPvCkPXdbI0hXYlwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCGHM0a0TuQ9ZkEHlhzwmZauaRiRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlkNjA5N2JiLTQ2ZjctNGEzOS05YWZlLTk4MjcxYzhiMDViOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHIwwDQYJKoZIhvcNAQELBQADggEBAI2K2D4YcOfJi7I+NiH6 vH+gr2W6djba1/Hh8/e2gPiQ96Vmpmiz3tcvxbLiu0mQ4/AWYdHopnS/SoALQDLW /bNPzguz6zmLaFuAuAkTbNjPTJ8n1dkWRj2V1vm88vBCREvu/dyY9yHK4af+ucz5 52tMZ6+no+VV2oFADkV9jbApcXxieL1t5YjGCQeSehygs4o3LEvzeK2lm9RyEeti kXdWk/eBuTvvw6smKZNwE0OXlOISTtO6C3OJQgO8Fk4H+lHSlZTWJj2UHHJ3gwHZ rl8tXagIRRQBec45LTxXhvDewd/dlnVHmTkowYW3QaH5viU+dAHr6+ZiQPLEZ334 oHQ= -----END CERTIFICATE-----Generated at Thu Apr 17 18:09:24 2025 by rpki-client