$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa File: a0d0474f-3a63-4312-ba91-4caeffc8b819.roa (raw, json) Hash identifier: c2v8W3IN1nLTuUQ5G+97l4TWwddQf1ERz7vwQnm3iiQ= Subject key identifier: 61:3C:8C:42:13:3B:0E:5F:BD:FF:83:AE:D9:1F:C7:8E:EF:A6:68:31 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 751A104BB24B85EB454FF96327C9859BABEECA5D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa Signing time: Tue 25 Mar 2025 16:21:31 +0000 ROA not before: Tue 25 Mar 2025 16:21:31 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:1a:10:4b:b2:4b:85:eb:45:4f:f9:63:27:c9:85:9b:ab:ee:ca:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:21:31 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=0f1ec6ebf98d3e4c7e3327bea669f0ed3fdf6b444185bb0433310a1555c69a8e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:9c:59:5b:ef:ec:34:dc:a7:8e:8b:b4:ad:83: c3:5f:0c:f3:ef:11:af:8f:5c:a1:b3:01:12:fe:f3: 10:ae:65:84:bd:d5:42:90:5b:58:11:84:df:20:47: ee:fb:f9:e4:17:7d:cc:ea:09:34:65:7d:38:ea:58: 7a:6e:23:41:4e:2f:d7:58:7e:70:87:fd:f0:84:e4: 52:c8:31:d0:e5:18:ff:ae:5e:2f:06:07:fa:90:b8: b5:e2:c3:1c:23:f7:f6:d6:c2:6f:ce:0a:0b:69:cc: 26:1b:2b:03:05:05:ed:35:b3:e0:ef:d8:30:a2:09: bb:47:69:41:e6:d9:3e:b6:e1:65:e8:b3:99:27:72: 25:e9:6f:a4:8d:26:07:5d:a5:f3:f0:12:56:59:7b: ed:fc:66:6d:4b:5b:50:17:ef:5d:6a:95:5a:21:a5: fe:9d:34:eb:a4:1c:ac:08:9a:bf:64:15:ed:b2:02: aa:b7:e7:9e:fa:e0:0f:41:6d:95:e9:dd:48:01:e4: 69:7f:63:53:40:05:0e:d8:76:4c:03:e5:79:b5:31: 5b:fe:26:0c:a4:17:12:d6:bd:68:e8:ba:d5:f9:8e: 93:fc:6e:4d:5b:3b:f3:b2:f2:2a:70:5d:3c:4a:94: 08:0b:62:17:2c:a3:8c:02:12:e1:d8:8e:9c:4c:b2: de:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:3C:8C:42:13:3B:0E:5F:BD:FF:83:AE:D9:1F:C7:8E:EF:A6:68:31 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:4800::/40 Signature Algorithm: sha256WithRSAEncryption 3a:95:d2:25:87:fc:78:a5:9e:fb:a5:76:59:b4:1c:5b:eb:6c: ee:99:11:cd:5a:c7:30:4e:b6:b2:a7:54:5a:3d:c0:ca:be:ae: 69:ca:11:c5:8b:76:26:3f:5b:d1:af:60:48:65:7e:0d:69:d3: 39:4a:15:6a:d8:37:ac:02:8b:d1:b0:44:b4:67:fa:42:6f:55: 55:4f:8a:30:4f:1a:4f:f3:22:ce:02:1e:ab:89:49:e9:cf:17: 11:52:fe:67:83:85:9d:57:80:7c:02:27:ff:38:c7:0b:fd:7c: 45:70:11:73:22:17:bf:84:dd:33:52:d0:a6:2b:77:cf:21:fe: 8c:ed:c8:d1:ec:4a:7c:f2:51:65:8d:ba:dc:85:68:c6:49:67: 58:f9:78:f1:95:2b:e6:a1:7a:51:29:b9:f1:e0:a0:a8:22:e8: 61:48:c6:c1:f5:fe:13:5b:c1:5d:44:47:23:a7:c2:b6:63:1e: 7f:91:84:5a:8f:4e:e3:4a:8c:7f:0b:5b:3f:1c:f9:dd:4a:63: 0c:82:7a:09:54:20:67:12:3d:72:03:6b:9a:32:1d:95:99:64: 32:69:65:e8:29:72:77:78:3e:64:c0:a5:73:67:22:fe:17:b7: 2a:a7:af:d8:81:f3:da:cb:b3:66:97:f7:51:e8:9f:96:f2:dc: 14:a0:54:f5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdRoQS7JLhetFT/ljJ8mFm6vuyl0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MjEzMVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMGYxZWM2ZWJmOThkM2U0YzdlMzMy N2JlYTY2OWYwZWQzZmRmNmI0NDQxODViYjA0MzMzMTBhMTU1NWM2OWE4ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJxZW+/sNNynjou0rYPDXwzz7xGv j1yhswES/vMQrmWEvdVCkFtYEYTfIEfu+/nkF33M6gk0ZX046lh6biNBTi/XWH5w h/3whORSyDHQ5Rj/rl4vBgf6kLi14sMcI/f21sJvzgoLacwmGysDBQXtNbPg79gw ogm7R2lB5tk+tuFl6LOZJ3Il6W+kjSYHXaXz8BJWWXvt/GZtS1tQF+9dapVaIaX+ nTTrpBysCJq/ZBXtsgKqt+ee+uAPQW2V6d1IAeRpf2NTQAUO2HZMA+V5tTFb/iYM pBcS1r1o6LrV+Y6T/G5NWzvzsvIqcF08SpQIC2IXLKOMAhLh2I6cTLLenwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGE8jEITOw5fvf+Drtkfx47vpmgxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EwZDA0NzRmLTNhNjMtNDMxMi1iYTkxLTRjYWVmZmM4YjgxOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacEgwDQYJKoZIhvcNAQELBQADggEBADqV0iWH/Hilnvuldlm0 HFvrbO6ZEc1axzBOtrKnVFo9wMq+rmnKEcWLdiY/W9GvYEhlfg1p0zlKFWrYN6wC i9GwRLRn+kJvVVVPijBPGk/zIs4CHquJSenPFxFS/meDhZ1XgHwCJ/84xwv9fEVw EXMiF7+E3TNS0KYrd88h/oztyNHsSnzyUWWNutyFaMZJZ1j5ePGVK+ahelEpufHg oKgi6GFIxsH1/hNbwV1ERyOnwrZjHn+RhFqPTuNKjH8LWz8c+d1KYwyCeglUIGcS PXIDa5oyHZWZZDJpZegpcnd4PmTApXNnIv4Xtyqnr9iB89rLs2aX91Hon5by3BSg VPU= -----END CERTIFICATE-----Generated at Thu Apr 17 17:53:14 2025 by rpki-client