$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0276322-5c62-450c-9379-22ba77895050.roa File: c0276322-5c62-450c-9379-22ba77895050.roa (raw, json) Hash identifier: t3Pquj0L++uqV3HOTcYMN/Qdb7Pu8B+Vewn6hxFKSGY= Subject key identifier: D1:D3:00:08:53:EC:A0:B3:73:82:B4:DB:BE:12:FF:1C:39:35:D4:40 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 288B001B8FE2C1DFA3E01FAD2EA91420FE6599EC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0276322-5c62-450c-9379-22ba77895050.roa Signing time: Tue 25 Mar 2025 16:30:48 +0000 ROA not before: Tue 25 Mar 2025 16:30:48 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1f::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:8b:00:1b:8f:e2:c1:df:a3:e0:1f:ad:2e:a9:14:20:fe:65:99:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:30:48 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=250507fcd296b41f3a7f50b7ac16790ab3ac12865b281aa41f0772df81752b6a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:b2:66:e5:33:ea:cd:d4:aa:b5:72:b4:0e:f1: df:ec:4c:45:1d:49:2a:4a:7a:12:53:0d:5a:48:af: db:64:49:3a:14:17:6a:1c:8a:31:9e:55:31:08:5a: 0d:7d:b2:cf:0f:67:c2:3a:2b:51:17:bb:d0:de:25: 8b:36:fb:22:bd:4a:9a:b9:fe:5c:f6:28:06:06:4b: 8f:45:a0:fc:c5:53:24:b7:2c:a2:79:37:87:6d:c5: 73:ce:f6:36:95:12:e7:4b:62:50:bc:cc:ef:33:82: 20:19:2b:86:a4:06:57:2c:d6:87:f7:a2:ee:04:67: 10:82:3b:ad:45:ee:2b:1a:ae:96:2c:58:d0:3b:f0: ed:dd:8b:20:b5:8e:73:ae:81:52:11:5f:dc:8e:9a: 7d:49:24:bc:60:d0:11:01:67:3c:14:3b:4d:25:ca: 66:75:17:13:25:2c:da:44:67:06:52:dc:48:03:35: 45:f1:f2:df:0c:a3:fd:c7:f6:b3:6c:a1:26:b9:e4: ef:a0:2e:70:45:05:d3:f2:36:c8:04:3d:39:58:80: a3:c1:80:52:c5:28:87:f1:0d:34:c6:35:2a:0b:7f: 90:45:9a:b5:81:f4:a9:ef:7b:1b:f8:8e:d4:4b:b2: 83:5d:00:19:0f:b7:d8:3a:45:43:9a:8d:2d:88:f6: 47:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:D3:00:08:53:EC:A0:B3:73:82:B4:DB:BE:12:FF:1C:39:35:D4:40 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0276322-5c62-450c-9379-22ba77895050.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1f::/38 Signature Algorithm: sha256WithRSAEncryption 91:9b:49:3d:13:ca:45:63:76:a8:7b:c9:9d:4a:df:ea:7e:b1: da:7a:dd:0c:1c:61:5a:0a:56:0d:34:ec:6b:70:b6:cf:b4:57: 2e:93:62:2c:bc:1d:e9:42:00:7e:97:fa:23:0c:8b:bd:d4:17: 02:7b:d9:1f:a1:81:d2:30:6e:9e:7a:62:59:fa:4e:ee:18:2b: 7a:24:a0:bb:54:95:e5:8c:87:9e:92:57:ab:5c:23:4f:79:de: 6f:f9:bc:63:0f:1e:8c:a8:51:ff:67:f4:40:c6:f8:33:85:74: 17:2b:30:5d:e2:50:0e:02:4b:70:f9:e3:da:de:19:8a:1c:9c: 98:a2:f1:14:e4:f9:0f:16:d2:de:19:2d:f7:7b:2d:20:3b:25: 28:1f:3b:f4:f8:eb:23:56:21:8e:68:94:fb:1c:e6:21:e2:78: e1:53:84:64:d0:00:09:a5:69:0b:e4:21:d3:e1:7b:ca:e2:b9: 74:96:24:1a:ac:6b:4a:c9:a7:88:a9:67:9e:94:b8:84:9d:52: 5f:d4:99:cd:48:ed:4d:6e:b4:18:15:2e:f0:d4:ed:e9:1a:d3: 11:b8:9a:4c:1c:da:9b:e0:4f:6e:d3:a3:29:3b:ea:c3:e2:d5: 9e:a9:76:0e:70:68:72:ae:89:c6:89:bb:81:2e:24:95:dc:45: e7:3a:14:fe -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKIsAG4/iwd+j4B+tLqkUIP5lmewwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MzA0OFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMjUwNTA3ZmNkMjk2YjQxZjNhN2Y1 MGI3YWMxNjc5MGFiM2FjMTI4NjViMjgxYWE0MWYwNzcyZGY4MTc1MmI2YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7Jm5TPqzdSqtXK0DvHf7ExFHUkq SnoSUw1aSK/bZEk6FBdqHIoxnlUxCFoNfbLPD2fCOitRF7vQ3iWLNvsivUqauf5c 9igGBkuPRaD8xVMktyyieTeHbcVzzvY2lRLnS2JQvMzvM4IgGSuGpAZXLNaH96Lu BGcQgjutRe4rGq6WLFjQO/Dt3YsgtY5zroFSEV/cjpp9SSS8YNARAWc8FDtNJcpm dRcTJSzaRGcGUtxIAzVF8fLfDKP9x/azbKEmueTvoC5wRQXT8jbIBD05WICjwYBS xSiH8Q00xjUqC3+QRZq1gfSp73sb+I7US7KDXQAZD7fYOkVDmo0tiPZHvwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNHTAAhT7KCzc4K0274S/xw5NdRAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwMjc2MzIyLTVjNjItNDUwYy05Mzc5LTIyYmE3Nzg5NTA1MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHwAwDQYJKoZIhvcNAQELBQADggEBAJGbST0TykVjdqh7yZ1K 3+p+sdp63QwcYVoKVg007Gtwts+0Vy6TYiy8HelCAH6X+iMMi73UFwJ72R+hgdIw bp56Yln6Tu4YK3okoLtUleWMh56SV6tcI0953m/5vGMPHoyoUf9n9EDG+DOFdBcr MF3iUA4CS3D549reGYocnJii8RTk+Q8W0t4ZLfd7LSA7JSgfO/T46yNWIY5olPsc 5iHieOFThGTQAAmlaQvkIdPhe8riuXSWJBqsa0rJp4ipZ56UuISdUl/Umc1I7U1u tBgVLvDU7eka0xG4mkwc2pvgT27Toyk76sPi1Z6pdg5waHKuicaJu4EuJJXcRec6 FP4= -----END CERTIFICATE-----Generated at Thu Apr 17 18:22:04 2025 by rpki-client