$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac7225c2-bba5-4a82-9be4-4396405c0a57.roa File: ac7225c2-bba5-4a82-9be4-4396405c0a57.roa (raw, json) Hash identifier: mnzLiD1K8uZEdlLsu3CCQ4ksBxNjsJPi9YVT9dzSmVU= Subject key identifier: 93:59:67:28:85:B9:0D:48:86:DA:A1:0C:C0:D6:AA:61:7A:18:97:B8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19F628F343E59757FE564FB7831A81B9821A8EA4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac7225c2-bba5-4a82-9be4-4396405c0a57.roa Signing time: Tue 25 Mar 2025 00:21:12 +0000 ROA not before: Tue 25 Mar 2025 00:21:12 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:60a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:f6:28:f3:43:e5:97:57:fe:56:4f:b7:83:1a:81:b9:82:1a:8e:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 00:21:12 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=07ad34fb52b693bbd265a23f9445bac45120c49f1e247abef1209080ae6befd7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:21:b4:0d:ce:9c:41:a5:95:a0:2e:e8:46:73: 52:a1:99:70:a8:fb:98:75:8a:71:c6:38:1c:3f:4a: 43:b5:a7:e8:d8:e1:a7:5f:0e:37:6e:57:f5:d0:ee: dd:ad:83:97:a0:a8:17:ab:f2:94:f1:fb:cf:a6:fe: cd:21:a2:02:0d:63:c9:ae:a6:9f:9b:f1:5f:cc:c5: 74:36:f7:a4:c4:52:6f:44:3a:2c:28:b7:d1:1e:d2: 8f:98:30:5e:8d:69:a4:c4:ce:96:74:05:c5:dc:d6: 33:10:e4:ba:ad:bd:d3:1d:62:15:92:1b:0d:58:fd: 50:1e:0a:bb:ca:8b:42:c5:9b:30:f2:e1:74:19:8a: fc:c5:5e:0e:e9:09:ed:29:09:2d:ec:50:8d:39:b4: e2:b5:ca:1e:bd:b9:8e:a3:c3:01:46:1e:d7:67:4d: d7:a4:6c:f9:7d:f2:18:3e:b3:d8:56:1a:d0:3c:15: d0:3e:51:ac:1e:f0:8f:93:f1:91:bb:4e:9a:8c:63: b1:c2:e9:8e:1e:28:38:01:18:14:54:5b:4d:a4:8f: 09:f3:ba:91:ea:a1:31:b5:13:ef:57:4d:24:88:d2: c2:ed:51:e6:5f:f7:8f:66:60:f8:9d:ce:f2:be:be: c0:80:a3:24:f3:c7:38:13:9b:8b:87:4f:5c:ab:39: 78:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:59:67:28:85:B9:0D:48:86:DA:A1:0C:C0:D6:AA:61:7A:18:97:B8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac7225c2-bba5-4a82-9be4-4396405c0a57.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:60a0::/48 Signature Algorithm: sha256WithRSAEncryption a4:06:fa:ca:c9:c1:2c:f0:55:39:45:55:7e:d1:77:00:88:ab: ed:63:fe:39:06:75:44:97:39:44:75:0c:d0:dc:67:3e:49:44: 3f:ef:e0:d0:b2:53:77:af:b8:72:3b:fc:8f:09:43:a1:3c:a8: 50:31:5e:52:4c:dd:bb:2d:d7:7f:82:31:c6:44:c5:7e:6b:fe: 12:53:be:b2:ec:f0:a8:af:66:26:f3:75:7b:46:7d:32:4a:c6: 4e:28:9c:b0:53:e0:fd:bd:53:e0:fe:e5:43:b3:9f:0c:59:1e: 26:19:a4:65:1f:6f:e9:15:9b:af:bc:c0:44:6b:47:14:12:11: c6:53:58:2f:62:c2:60:3f:70:dd:6b:59:19:a7:3c:56:47:a4: 8a:4d:b2:63:aa:2e:26:59:ad:4a:f8:3c:e1:4b:06:3c:3c:7a: 32:6b:02:5b:d5:ef:3e:a9:75:f1:8f:9a:c4:ca:1e:c6:3a:5b: 02:42:61:4a:c4:a6:90:5e:a4:2b:75:96:35:76:af:cc:1b:2a: df:2e:28:cd:cb:38:39:cc:28:64:ee:1c:28:87:c1:f3:23:fa: 1c:19:53:ab:cf:86:37:0c:65:8c:be:ab:48:12:e0:9f:ea:56: 61:fe:6a:b3:89:3f:e0:a7:a5:36:de:c5:e6:56:e1:4c:f1:46: ef:b9:3b:fc -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGfYo80Pll1f+Vk+3gxqBuYIajqQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwMjExMloX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMDdhZDM0ZmI1MmI2OTNiYmQyNjVh MjNmOTQ0NWJhYzQ1MTIwYzQ5ZjFlMjQ3YWJlZjEyMDkwODBhZTZiZWZkNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiG0Dc6cQaWVoC7oRnNSoZlwqPuY dYpxxjgcP0pDtafo2OGnXw43blf10O7drYOXoKgXq/KU8fvPpv7NIaICDWPJrqaf m/FfzMV0NvekxFJvRDosKLfRHtKPmDBejWmkxM6WdAXF3NYzEOS6rb3THWIVkhsN WP1QHgq7yotCxZsw8uF0GYr8xV4O6QntKQkt7FCNObTitcoevbmOo8MBRh7XZ03X pGz5ffIYPrPYVhrQPBXQPlGsHvCPk/GRu06ajGOxwumOHig4ARgUVFtNpI8J87qR 6qExtRPvV00kiNLC7VHmX/ePZmD4nc7yvr7AgKMk88c4E5uLh09cqzl4RwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJNZZyiFuQ1IhtqhDMDWqmF6GJe4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FjNzIyNWMyLWJiYTUtNGE4Mi05YmU0LTQzOTY0MDVjMGE1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/2CgMA0GCSqGSIb3DQEBCwUAA4IBAQCkBvrKycEs8FU5RVV+ 0XcAiKvtY/45BnVElzlEdQzQ3Gc+SUQ/7+DQslN3r7hyO/yPCUOhPKhQMV5STN27 Ldd/gjHGRMV+a/4SU76y7PCor2Ym83V7Rn0ySsZOKJywU+D9vVPg/uVDs58MWR4m GaRlH2/pFZuvvMBEa0cUEhHGU1gvYsJgP3Dda1kZpzxWR6SKTbJjqi4mWa1K+Dzh SwY8PHoyawJb1e8+qXXxj5rEyh7GOlsCQmFKxKaQXqQrdZY1dq/MGyrfLijNyzg5 zChk7hwoh8HzI/ocGVOrz4Y3DGWMvqtIEuCf6lZh/mqziT/gp6U23sXmVuFM8Ubv uTv8 -----END CERTIFICATE-----Generated at Thu Apr 17 17:43:38 2025 by rpki-client