$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a21dee66-37c0-469d-8b01-08b0f731a865.roa File: a21dee66-37c0-469d-8b01-08b0f731a865.roa (raw, json) Hash identifier: VWCwnSB9YwUsaTfIZt2FOcjUzTsSUKZ/Xcu41hPxf6s= Subject key identifier: 2F:71:A4:64:FB:B9:A4:A3:D2:68:53:62:B4:8D:C3:7A:58:39:02:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 041EB1C82799EBCDA43BFE9E43F98930A7BBC5F3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a21dee66-37c0-469d-8b01-08b0f731a865.roa Signing time: Tue 25 Mar 2025 16:11:03 +0000 ROA not before: Tue 25 Mar 2025 16:11:03 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:1e:b1:c8:27:99:eb:cd:a4:3b:fe:9e:43:f9:89:30:a7:bb:c5:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:11:03 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=09ce653f7c9fa70f1eb2b8c418abffe519a3f14e918ac3b7b1e58e0fff4f8654, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:ba:91:f1:3f:d0:6b:48:c1:43:ef:6b:b6:ec: 2f:69:d8:ed:d2:78:a9:89:31:48:38:82:38:82:4b: e1:b8:a4:a0:c7:cd:ea:1d:b1:0e:0a:01:5b:6c:a7: 19:48:da:27:53:85:ba:34:ef:a3:27:43:a9:10:ef: 90:d9:b4:e7:ab:72:0c:a0:a3:48:b9:f2:95:b6:c0: 1c:ae:c0:a2:0b:e8:f2:0f:2e:da:cb:e8:0b:73:53: 24:06:6f:8c:37:03:be:df:1f:5d:91:a5:46:89:bf: 63:58:ea:6f:a4:08:dc:b2:91:28:43:33:10:12:13: 7e:01:d2:cf:3f:b7:52:c1:91:2d:0f:85:49:cd:96: 6b:5e:a3:82:e5:01:9e:04:1d:a4:5d:5b:06:7a:3f: 22:f6:ae:97:3c:fc:1f:7c:74:86:d7:58:a0:15:3c: b8:68:37:57:05:29:fa:64:33:8a:09:da:fd:1e:30: f5:a1:96:87:f6:e3:9d:fb:dd:3f:b7:aa:17:de:b3: d4:8a:4a:8e:4c:ec:b9:86:f0:79:d4:ed:5e:40:d2: c7:d9:e6:d5:e7:c5:89:14:5a:ba:9c:a9:b0:a1:fb: 4c:1e:9f:b3:d5:d2:7d:8e:53:2b:24:db:10:d8:56: 14:b8:8e:37:56:56:b9:4c:95:26:60:7b:a6:9c:fe: 96:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:71:A4:64:FB:B9:A4:A3:D2:68:53:62:B4:8D:C3:7A:58:39:02:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a21dee66-37c0-469d-8b01-08b0f731a865.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:b000::/40 Signature Algorithm: sha256WithRSAEncryption 89:ab:fb:be:64:7d:4d:8e:3f:d1:f9:c7:d9:2c:1a:64:76:95: 58:2a:e3:f3:1a:df:2b:40:5d:13:45:ee:a0:fb:42:f2:16:5a: cd:25:41:c7:9e:f4:e4:2d:5d:34:3c:20:45:42:7a:74:6d:69: f9:73:01:f9:c3:fb:6e:dc:9d:01:93:78:af:d9:09:d8:4f:2f: 0f:23:96:ac:59:18:b4:b4:6d:e3:67:31:99:3a:b7:a7:63:36: ef:97:c6:58:79:ef:c0:55:96:2e:57:49:db:db:a2:e3:51:11: 28:dc:7f:ec:d9:42:62:e4:1a:77:11:30:57:d8:cf:c6:4f:16: 58:d5:5b:f8:1c:d1:59:cb:ac:88:d7:e2:18:7a:a6:d6:9b:0e: e3:29:80:8d:86:14:3f:83:0c:04:a3:e5:19:b5:d4:c6:3b:77: 1d:a9:f0:9e:10:70:70:1c:17:8e:b9:e5:67:15:cd:79:e9:ea: 02:e3:c8:3d:15:14:99:a8:d7:c0:b3:e8:f2:fd:a6:39:cd:38: fa:e4:7c:97:44:c9:aa:88:07:1c:ab:3c:bb:e3:69:34:22:20: 86:41:a9:9b:5b:e2:58:09:ad:ed:ee:28:51:1c:ea:97:0b:2e: 36:28:63:54:28:8c:66:71:a6:6a:10:94:80:4f:11:01:2b:5e: 8d:58:88:7c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBB6xyCeZ682kO/6eQ/mJMKe7xfMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MTEwM1oX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMDljZTY1M2Y3YzlmYTcwZjFlYjJi OGM0MThhYmZmZTUxOWEzZjE0ZTkxOGFjM2I3YjFlNThlMGZmZjRmODY1NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrqR8T/Qa0jBQ+9rtuwvadjt0nip iTFIOII4gkvhuKSgx83qHbEOCgFbbKcZSNonU4W6NO+jJ0OpEO+Q2bTnq3IMoKNI ufKVtsAcrsCiC+jyDy7ay+gLc1MkBm+MNwO+3x9dkaVGib9jWOpvpAjcspEoQzMQ EhN+AdLPP7dSwZEtD4VJzZZrXqOC5QGeBB2kXVsGej8i9q6XPPwffHSG11igFTy4 aDdXBSn6ZDOKCdr9HjD1oZaH9uOd+90/t6oX3rPUikqOTOy5hvB51O1eQNLH2ebV 58WJFFq6nKmwoftMHp+z1dJ9jlMrJNsQ2FYUuI43Vla5TJUmYHumnP6WswIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFC9xpGT7uaSj0mhTYrSNw3pYOQJYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EyMWRlZTY2LTM3YzAtNDY5ZC04YjAxLTA4YjBmNzMxYTg2NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNrAwDQYJKoZIhvcNAQELBQADggEBAImr+75kfU2OP9H5x9ks GmR2lVgq4/Ma3ytAXRNF7qD7QvIWWs0lQcee9OQtXTQ8IEVCenRtaflzAfnD+27c nQGTeK/ZCdhPLw8jlqxZGLS0beNnMZk6t6djNu+Xxlh578BVli5XSdvbouNRESjc f+zZQmLkGncRMFfYz8ZPFljVW/gc0VnLrIjX4hh6ptabDuMpgI2GFD+DDASj5Rm1 1MY7dx2p8J4QcHAcF4655WcVzXnp6gLjyD0VFJmo18Cz6PL9pjnNOPrkfJdEyaqI BxyrPLvjaTQiIIZBqZtb4lgJre3uKFEc6pcLLjYoY1QojGZxpmoQlIBPEQErXo1Y iHw= -----END CERTIFICATE-----Generated at Thu Apr 17 17:57:48 2025 by rpki-client