$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0ec1fe9-74da-4c07-adb2-ac7446de3891.roa File: c0ec1fe9-74da-4c07-adb2-ac7446de3891.roa (raw, json) Hash identifier: G73+TIfTCNFvVrh3Rxmohge9DCSE7VufHSdjxswZmOg= Subject key identifier: 2C:D4:9C:DA:CE:57:33:A1:4D:8F:AC:63:5E:08:AD:9F:08:68:71:C0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 418DD3F1D5ACF4D85F665A7C7F8CB6432C9D8CCC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0ec1fe9-74da-4c07-adb2-ac7446de3891.roa Signing time: Tue 25 Mar 2025 15:51:01 +0000 ROA not before: Tue 25 Mar 2025 15:51:01 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:e0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:8d:d3:f1:d5:ac:f4:d8:5f:66:5a:7c:7f:8c:b6:43:2c:9d:8c:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 15:51:01 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=9c275510172cf5422395408a64197f4168672912baea5744f31462eaeee5cd7a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:6a:9a:c3:b2:a4:cf:70:20:a2:82:41:61:d5: 75:79:6a:a7:fd:24:00:24:f7:97:e0:56:47:56:93: bc:fb:22:ea:df:c5:eb:c4:91:ff:9d:6f:fd:2b:3b: d8:64:ad:79:87:b9:6f:0e:3f:68:1f:76:3b:bf:e0: 92:b2:ff:63:74:d4:27:2a:91:cc:27:0b:40:88:30: a6:d8:54:8a:a0:cf:fc:25:6b:97:a7:dd:24:68:28: a2:60:9e:48:8c:d8:df:39:99:50:d1:d7:40:ad:bf: c7:d9:e6:6f:fe:9e:1b:55:1e:8d:39:b4:48:47:98: a6:f2:f0:8c:10:8d:f5:06:3e:86:0b:09:a8:85:1a: da:e6:62:79:bd:52:5b:19:32:1a:37:96:fd:29:78: 3f:a6:e3:f8:90:eb:d7:a1:c9:4a:99:de:fd:71:ae: a4:eb:ad:08:2d:e9:e7:47:b8:43:2e:53:d3:df:11: 4b:1e:41:1e:c5:90:d2:4d:a4:54:d3:f2:be:52:59: 6d:07:f5:72:6e:74:0e:5b:16:09:6e:ea:87:08:69: 96:d3:9d:f4:86:ae:31:48:85:65:7f:26:26:04:1d: d4:97:e5:07:31:85:17:86:aa:c2:2c:5a:88:a4:73: e8:f7:b1:22:75:bd:74:a4:0e:87:28:15:18:cf:b4: 6c:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:D4:9C:DA:CE:57:33:A1:4D:8F:AC:63:5E:08:AD:9F:08:68:71:C0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0ec1fe9-74da-4c07-adb2-ac7446de3891.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:e0c0::/46 Signature Algorithm: sha256WithRSAEncryption 87:66:36:29:68:0d:a4:df:b6:e5:35:31:3c:a9:80:bf:88:71: 3e:c0:b4:a9:9b:87:5d:f3:cd:7d:6e:6c:47:93:f4:0f:47:0f: 91:00:47:f8:1d:b8:36:b8:48:af:46:9e:86:51:2b:c0:82:09: 3c:fc:b8:5a:54:9f:ab:4f:68:ef:32:df:99:d6:59:50:cd:d5: 5d:20:54:a5:6a:ec:e1:4b:70:6d:29:6f:ab:db:1d:1d:9f:4a: 07:58:a9:7a:82:c9:2b:fe:a6:65:c4:4f:03:5f:45:d9:7d:d2: 69:f6:52:51:c5:12:ba:7b:ba:be:f5:f9:b8:63:ba:73:84:be: b4:64:c1:21:f4:69:6f:01:a7:6b:f4:f8:80:31:44:d6:4e:72: 26:4b:20:48:7c:fd:47:d1:c4:7c:e3:3d:89:86:aa:5c:3b:84: da:79:d4:4e:1f:37:77:21:2e:f3:99:7c:de:e1:cd:57:55:df: 32:64:3f:90:8e:a6:97:05:4d:b3:2b:b5:7c:d3:bd:2a:31:a6: 62:b0:a1:7a:25:f4:e4:7c:6b:eb:61:57:10:37:52:69:1f:2f: 7a:d4:57:f3:14:52:40:3e:35:7e:59:1f:17:31:ee:cd:88:17: a5:ba:5a:96:69:97:92:f8:17:ff:7e:ec:97:ad:b1:54:fb:7e: ef:c7:10:eb -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUQY3T8dWs9NhfZlp8f4y2QyydjMwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1NTEwMVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAOWMyNzU1MTAxNzJjZjU0MjIzOTU0 MDhhNjQxOTdmNDE2ODY3MjkxMmJhZWE1NzQ0ZjMxNDYyZWFlZWU1Y2Q3YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGqaw7Kkz3AgooJBYdV1eWqn/SQA JPeX4FZHVpO8+yLq38XrxJH/nW/9KzvYZK15h7lvDj9oH3Y7v+CSsv9jdNQnKpHM JwtAiDCm2FSKoM/8JWuXp90kaCiiYJ5IjNjfOZlQ0ddArb/H2eZv/p4bVR6NObRI R5im8vCMEI31Bj6GCwmohRra5mJ5vVJbGTIaN5b9KXg/puP4kOvXoclKmd79ca6k 660ILennR7hDLlPT3xFLHkEexZDSTaRU0/K+UlltB/VybnQOWxYJbuqHCGmW0530 hq4xSIVlfyYmBB3Ul+UHMYUXhqrCLFqIpHPo97Eidb10pA6HKBUYz7RsMwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCzUnNrOVzOhTY+sY14IrZ8IaHHAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwZWMxZmU5LTc0ZGEtNGMwNy1hZGIyLWFjNzQ0NmRlMzg5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba++DAMA0GCSqGSIb3DQEBCwUAA4IBAQCHZjYpaA2k37blNTE8 qYC/iHE+wLSpm4dd8819bmxHk/QPRw+RAEf4Hbg2uEivRp6GUSvAggk8/LhaVJ+r T2jvMt+Z1llQzdVdIFSlauzhS3BtKW+r2x0dn0oHWKl6gskr/qZlxE8DX0XZfdJp 9lJRxRK6e7q+9fm4Y7pzhL60ZMEh9GlvAadr9PiAMUTWTnImSyBIfP1H0cR84z2J hqpcO4TaedROHzd3IS7zmXze4c1XVd8yZD+QjqaXBU2zK7V8070qMaZisKF6JfTk fGvrYVcQN1JpHy961FfzFFJAPjV+WR8XMe7NiBelulqWaZeS+Bf/fuyXrbFU+37v xxDr -----END CERTIFICATE-----Generated at Thu Apr 17 17:38:51 2025 by rpki-client