$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac94887b-5f68-400d-969c-c7c686f570d1.roa File: ac94887b-5f68-400d-969c-c7c686f570d1.roa (raw, json) Hash identifier: q6BJN9TQZtaCknZgRfA2KyYC/TyhhCnlxuri1DJM5nA= Subject key identifier: 44:BC:C6:8C:D4:E7:CD:67:3D:F2:03:DF:18:7C:E8:02:6F:76:4E:15 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1725C8BBB76D7B24B2D568AD445928907A5971E5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac94887b-5f68-400d-969c-c7c686f570d1.roa Signing time: Tue 25 Mar 2025 15:11:13 +0000 ROA not before: Tue 25 Mar 2025 15:11:13 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:25:c8:bb:b7:6d:7b:24:b2:d5:68:ad:44:59:28:90:7a:59:71:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 15:11:13 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=9530ea586e3924399b1ac2f48aa170732da1f7f21925828607263a96db2a5e5e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:cb:5a:69:bb:14:de:fd:ea:cb:d4:c4:5d:7d: 7c:f8:2f:be:07:79:96:c2:da:17:66:3d:80:8a:f1: 99:78:20:1c:42:62:81:63:b5:7c:d5:84:d8:16:83: 8f:3b:cf:6a:07:ee:63:c3:d8:01:14:7f:fc:57:70: 32:ed:d0:91:40:e7:aa:b3:14:61:ec:e7:69:a6:56: fe:72:bb:c3:23:86:73:e4:e2:7d:f2:78:75:3a:7a: e1:b9:31:da:4a:d7:c0:11:33:81:55:a8:ac:aa:0c: 25:94:3d:07:ee:45:16:75:d2:af:c5:09:a8:57:6f: 4d:ea:a5:a3:41:b9:d4:cb:9c:da:b1:50:13:0e:d5: 7c:0f:08:dd:b6:ac:23:22:53:e0:9f:ec:98:99:cb: 55:d0:88:f4:ab:df:9f:4a:b9:73:8c:8e:66:67:d2: 44:58:9e:bd:77:02:40:f9:55:8b:51:08:00:12:67: b4:c8:8f:9d:96:1f:c1:8a:11:70:a8:2c:bf:d1:17: 6a:9c:32:f4:fd:8c:b4:97:ae:62:82:97:96:a7:a4: 55:b0:ba:5d:88:1f:25:f3:52:c9:37:90:ba:38:f3: 62:9e:96:3d:fa:49:54:36:19:2f:ba:dd:a3:6b:4a: 3d:2f:4c:ab:de:5f:7c:a9:ad:ec:95:a0:cd:7d:78: 81:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:BC:C6:8C:D4:E7:CD:67:3D:F2:03:DF:18:7C:E8:02:6F:76:4E:15 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac94887b-5f68-400d-969c-c7c686f570d1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:1000::/40 Signature Algorithm: sha256WithRSAEncryption cb:69:59:95:e9:71:b2:5f:6b:e0:37:d9:aa:f1:95:9e:d3:af: 97:ec:34:80:9d:1a:f8:7e:52:67:76:f8:5b:c8:1c:58:a3:95: 50:89:a1:21:a3:43:9e:c0:e3:27:6f:48:dc:06:93:f1:76:9d: cb:35:1d:8e:e0:ad:16:e5:8b:63:a4:e9:96:5d:0e:d9:19:70: 88:3d:f7:47:d6:43:86:33:d2:01:01:6a:99:50:a8:6f:c4:d5: ce:0b:70:53:a3:03:5f:67:4f:20:b8:10:c1:f3:3e:3d:58:0c: ab:55:cb:94:be:f8:99:bd:0a:dd:8b:59:e2:e1:b6:76:64:76: 7f:7a:8b:4e:3a:1b:32:04:14:7e:c0:85:d1:ad:00:63:fd:1f: 35:ab:90:04:9e:6f:39:c3:da:89:f6:3e:2e:bb:41:74:f0:71: 61:f5:a2:fe:06:2b:aa:89:1f:9e:d8:02:12:83:b0:0f:cc:f6: a9:9b:2d:f7:89:b0:40:6c:cc:5e:86:b8:8e:54:cd:e2:74:cc: a2:dd:bc:e2:c3:71:65:a5:3d:55:90:76:90:f2:24:1e:9e:11: f7:2c:26:de:4c:33:64:3f:fb:04:fd:08:a6:49:bb:6b:cc:7b: d4:e0:17:c4:54:cf:37:ba:0f:c0:90:3d:78:f1:38:af:79:be: bc:4b:28:c4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFyXIu7dteySy1WitRFkokHpZceUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1MTExM1oX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAOTUzMGVhNTg2ZTM5MjQzOTliMWFj MmY0OGFhMTcwNzMyZGExZjdmMjE5MjU4Mjg2MDcyNjNhOTZkYjJhNWU1ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MtaabsU3v3qy9TEXX18+C++B3mW wtoXZj2AivGZeCAcQmKBY7V81YTYFoOPO89qB+5jw9gBFH/8V3Ay7dCRQOeqsxRh 7Odpplb+crvDI4Zz5OJ98nh1OnrhuTHaStfAETOBVaisqgwllD0H7kUWddKvxQmo V29N6qWjQbnUy5zasVATDtV8DwjdtqwjIlPgn+yYmctV0Ij0q9+fSrlzjI5mZ9JE WJ69dwJA+VWLUQgAEme0yI+dlh/BihFwqCy/0RdqnDL0/Yy0l65igpeWp6RVsLpd iB8l81LJN5C6OPNinpY9+klUNhkvut2ja0o9L0yr3l98qa3slaDNfXiBfQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFES8xozU581nPfID3xh86AJvdk4VMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FjOTQ4ODdiLTVmNjgtNDAwZC05NjljLWM3YzY4NmY1NzBkMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8hAwDQYJKoZIhvcNAQELBQADggEBAMtpWZXpcbJfa+A32arx lZ7Tr5fsNICdGvh+Umd2+FvIHFijlVCJoSGjQ57A4ydvSNwGk/F2ncs1HY7grRbl i2Ok6ZZdDtkZcIg990fWQ4Yz0gEBaplQqG/E1c4LcFOjA19nTyC4EMHzPj1YDKtV y5S++Jm9Ct2LWeLhtnZkdn96i046GzIEFH7AhdGtAGP9HzWrkASebznD2on2Pi67 QXTwcWH1ov4GK6qJH57YAhKDsA/M9qmbLfeJsEBszF6GuI5UzeJ0zKLdvOLDcWWl PVWQdpDyJB6eEfcsJt5MM2Q/+wT9CKZJu2vMe9TgF8RUzze6D8CQPXjxOK95vrxL KMQ= -----END CERTIFICATE-----Generated at Thu Apr 17 17:36:32 2025 by rpki-client