$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b722e8e8-9dc4-4578-b939-252603f62da2.roa File: b722e8e8-9dc4-4578-b939-252603f62da2.roa (raw, json) Hash identifier: IYwoIo9VpCk/Kvn6i0loHGutIrHiqVNN3kVmjgIA1yE= Subject key identifier: 40:44:2F:F6:04:E9:9A:3C:41:34:39:C3:11:65:E8:A5:9F:D1:FE:D0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 37312B54B96E8EA3F5EE07BEE0BF27E19A403A64 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b722e8e8-9dc4-4578-b939-252603f62da2.roa Signing time: Tue 25 Mar 2025 15:31:40 +0000 ROA not before: Tue 25 Mar 2025 15:31:40 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:9080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:31:2b:54:b9:6e:8e:a3:f5:ee:07:be:e0:bf:27:e1:9a:40:3a:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 15:31:40 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=22d8df86fc751dc27d12738b2c8548433cf0db19a88d70364cf9e617f5536823, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:52:2b:cf:f7:57:8d:64:84:1a:35:ab:43:52: 5b:1f:db:00:10:55:a2:88:15:fe:f3:37:34:ca:dd: e5:e0:51:1f:57:47:fc:f0:6f:2a:e8:ac:7e:cb:78: 18:cd:8a:7a:0f:0d:65:e6:30:7b:ff:ab:a9:f9:83: c6:7f:85:9a:88:7b:4a:09:9b:9f:83:11:a0:69:76: 1d:02:59:5c:c8:43:04:6c:0a:92:e1:e8:a7:06:47: 41:9f:a4:f8:0a:02:05:09:74:7f:cc:9a:27:59:5f: 4e:22:75:b9:f4:d0:e0:f8:f4:c8:0f:77:4e:d7:2e: 62:98:48:84:94:03:72:2d:d7:55:e4:d9:7c:78:23: ea:d5:fb:5c:7c:73:f5:13:2e:22:ba:32:99:3b:d0: cd:fb:eb:a5:cf:59:37:c1:eb:b3:99:b9:64:b8:d8: 94:30:74:31:ec:d6:5e:63:3f:e8:02:77:e0:42:72: 84:07:b8:a2:de:cd:5b:02:73:dd:b4:ca:57:fd:72: e9:fa:be:d7:b6:69:38:0c:95:a5:64:a8:7f:b9:cf: 0f:d5:69:3b:3c:96:e4:12:b0:a2:39:2e:8d:0e:85: 3e:39:80:a8:69:1b:0b:4d:45:77:78:ba:19:bf:d2: dd:5d:28:e8:06:ed:d6:13:ee:43:82:7e:52:36:5d: 43:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:44:2F:F6:04:E9:9A:3C:41:34:39:C3:11:65:E8:A5:9F:D1:FE:D0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b722e8e8-9dc4-4578-b939-252603f62da2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:9080::/46 Signature Algorithm: sha256WithRSAEncryption b1:21:58:4e:67:d9:31:5e:d4:e6:0a:6f:89:54:87:0a:f6:7c: fd:5d:5f:6f:40:2f:59:48:2a:c2:38:cf:bd:0d:1f:58:37:b8: 21:67:3f:80:9f:55:bb:00:bf:52:c2:97:0f:1f:78:a9:e0:a7: af:c0:a5:1a:35:2d:eb:bb:09:1d:71:f7:ad:77:1e:41:47:18: f2:d5:af:df:1b:36:fd:60:5e:fd:a5:18:52:b1:2a:3c:86:4e: b5:69:ab:bc:1d:6e:d2:be:a4:03:13:0a:31:50:e2:bd:18:28: 04:82:a6:a8:09:8d:2d:ab:fe:6e:b9:a2:b8:aa:6e:8f:7b:b3: 5b:71:74:27:ce:db:ea:98:0f:bc:f8:4e:e5:a5:8b:e2:2f:79: 77:f5:95:b9:5d:fb:c5:b2:82:63:73:ab:0e:64:ec:93:eb:08: 15:5f:e8:ed:f2:a4:df:34:6c:99:94:b8:05:62:9f:1b:e7:3b: e5:46:46:c1:28:ef:5a:75:e0:bb:bf:07:55:45:9f:2c:43:ee: 82:c6:30:05:15:ef:f6:b2:88:82:a2:4d:19:b7:1b:66:cb:95: de:bf:be:2b:2d:56:4b:fc:91:2a:f3:95:2f:4b:65:e5:26:8d: 5c:cd:6b:dc:48:bb:9a:b5:25:2d:31:de:b8:9e:0f:bf:c6:c9: b8:e2:89:66 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNzErVLlujqP17ge+4L8n4ZpAOmQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1MzE0MFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMjJkOGRmODZmYzc1MWRjMjdkMTI3 MzhiMmM4NTQ4NDMzY2YwZGIxOWE4OGQ3MDM2NGNmOWU2MTdmNTUzNjgyMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslIrz/dXjWSEGjWrQ1JbH9sAEFWi iBX+8zc0yt3l4FEfV0f88G8q6Kx+y3gYzYp6Dw1l5jB7/6up+YPGf4WaiHtKCZuf gxGgaXYdAllcyEMEbAqS4einBkdBn6T4CgIFCXR/zJonWV9OInW59NDg+PTID3dO 1y5imEiElANyLddV5Nl8eCPq1ftcfHP1Ey4iujKZO9DN++ulz1k3weuzmblkuNiU MHQx7NZeYz/oAnfgQnKEB7ii3s1bAnPdtMpX/XLp+r7Xtmk4DJWlZKh/uc8P1Wk7 PJbkErCiOS6NDoU+OYCoaRsLTUV3eLoZv9LdXSjoBu3WE+5Dgn5SNl1D9QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEBEL/YE6Zo8QTQ5wxFl6KWf0f7QMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I3MjJlOGU4LTlkYzQtNDU3OC1iOTM5LTI1MjYwM2Y2MmRhMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaZCAMA0GCSqGSIb3DQEBCwUAA4IBAQCxIVhOZ9kxXtTmCm+J VIcK9nz9XV9vQC9ZSCrCOM+9DR9YN7ghZz+An1W7AL9SwpcPH3ip4KevwKUaNS3r uwkdcfetdx5BRxjy1a/fGzb9YF79pRhSsSo8hk61aau8HW7SvqQDEwoxUOK9GCgE gqaoCY0tq/5uuaK4qm6Pe7NbcXQnztvqmA+8+E7lpYviL3l39ZW5XfvFsoJjc6sO ZOyT6wgVX+jt8qTfNGyZlLgFYp8b5zvlRkbBKO9adeC7vwdVRZ8sQ+6CxjAFFe/2 soiCok0Ztxtmy5Xev74rLVZL/JEq85UvS2XlJo1czWvcSLuatSUtMd64ng+/xsm4 4olm -----END CERTIFICATE-----Generated at Thu Apr 17 17:50:41 2025 by rpki-client