$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c9bc976a-9bbb-401d-9a58-bcfa6dc78171.roa File: c9bc976a-9bbb-401d-9a58-bcfa6dc78171.roa (raw, json) Hash identifier: 6GlqS5RR6ZtXjOMreXY/rJygAev2ns3cAOHmlkBBDHQ= Subject key identifier: E8:C5:F0:B6:23:8E:3C:97:D7:21:0A:AB:42:3C:6A:58:98:E1:89:4F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 26FB6F221086BA3BEA74BF97995DF59773F302B9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c9bc976a-9bbb-401d-9a58-bcfa6dc78171.roa Signing time: Tue 25 Mar 2025 16:20:09 +0000 ROA not before: Tue 25 Mar 2025 16:20:09 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:c800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:fb:6f:22:10:86:ba:3b:ea:74:bf:97:99:5d:f5:97:73:f3:02:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:20:09 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=531e17ef9ebd4ac172e165ee2b5a10c0bd24b552a9b1bc433a85251e054fcec6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:15:aa:78:e3:5e:a7:69:fb:6a:56:28:70:1b: 34:79:9d:96:1d:82:1e:30:bc:26:d4:ec:73:e5:a6: 21:95:aa:ae:ef:b3:64:85:be:29:85:62:8d:32:39: 2b:17:6e:cb:96:8b:2a:cc:82:83:9d:bc:f9:71:ca: ad:10:a0:1c:a3:7c:eb:2a:3e:f5:00:06:68:52:8e: 87:0d:4a:ca:25:6e:94:e0:7e:36:09:a2:6c:0b:04: e4:ec:a0:26:6b:c3:c4:df:e9:e3:33:9d:d2:db:99: c4:86:d5:f7:b0:42:4a:65:a7:3a:47:2c:64:f7:4d: 0e:a1:cc:e0:92:f8:77:7b:bf:d3:36:b1:2c:cb:ee: 36:75:a4:f7:ed:12:e1:70:43:52:1b:bb:fe:e4:3b: 30:46:6d:35:04:15:f8:f1:1e:9a:6b:88:72:bd:d8: 7e:58:45:06:b2:39:9a:2f:f7:70:df:38:e0:7b:66: c7:77:e2:77:b8:3d:69:df:80:a2:bb:5a:f2:cd:0f: 7b:f4:78:74:5c:60:65:69:60:a0:84:f9:58:84:93: ef:b1:aa:1f:a2:54:4c:11:b9:73:96:93:3d:ce:0c: 43:8f:85:d0:23:dd:59:73:d6:e8:83:9a:a8:c9:9d: fc:58:31:75:39:1e:e8:20:06:13:cd:af:e1:03:ba: 56:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:C5:F0:B6:23:8E:3C:97:D7:21:0A:AB:42:3C:6A:58:98:E1:89:4F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c9bc976a-9bbb-401d-9a58-bcfa6dc78171.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:c800::/40 Signature Algorithm: sha256WithRSAEncryption b2:21:bc:b3:b0:e7:46:53:55:71:41:4c:30:95:e1:4b:b4:35: 08:fc:2d:39:f8:74:61:d4:b3:e1:07:2c:bb:46:ea:bc:25:c6: e4:89:d7:7b:5a:3a:d8:ed:b0:e1:f5:fe:01:b3:1f:34:d3:cf: 0d:7b:f8:5d:1b:6c:74:4f:10:b5:a6:a6:7f:5d:fb:79:a4:3d: 19:1c:22:4d:d1:e9:5e:e6:54:79:71:78:d2:30:02:9c:9d:e0: 6a:56:1e:61:72:97:32:db:f0:6e:22:72:4b:f5:ee:79:90:97: 83:ac:d6:d8:20:b9:83:7c:1f:0e:f6:30:3f:94:07:a8:b9:d7: 82:f5:ee:23:e2:c0:90:49:71:66:0f:f2:c0:f4:51:a3:c4:c8: 3c:a3:1c:bd:1a:06:52:80:db:86:8f:1b:0f:a6:4d:bc:92:8f: 80:3f:4c:d6:10:c5:af:a5:ee:6e:83:14:74:df:97:9f:a9:88: 26:83:b1:24:c7:8f:c9:64:62:f0:c9:cb:1f:27:a0:e3:73:42: 82:5b:b8:42:b1:d9:1c:b1:db:58:df:fe:c3:13:1d:93:37:48: 33:32:6a:82:e5:df:3b:08:9b:97:21:a6:5c:d9:50:65:05:bd: ea:0e:69:6c:b2:8b:a5:c7:76:d5:8f:af:95:7b:f0:dd:ba:65: 58:9e:57:4d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJvtvIhCGujvqdL+XmV31l3PzArkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MjAwOVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANTMxZTE3ZWY5ZWJkNGFjMTcyZTE2 NWVlMmI1YTEwYzBiZDI0YjU1MmE5YjFiYzQzM2E4NTI1MWUwNTRmY2VjNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRWqeONep2n7alYocBs0eZ2WHYIe MLwm1Oxz5aYhlaqu77Nkhb4phWKNMjkrF27LlosqzIKDnbz5ccqtEKAco3zrKj71 AAZoUo6HDUrKJW6U4H42CaJsCwTk7KAma8PE3+njM53S25nEhtX3sEJKZac6Ryxk 900Ooczgkvh3e7/TNrEsy+42daT37RLhcENSG7v+5DswRm01BBX48R6aa4hyvdh+ WEUGsjmaL/dw3zjge2bHd+J3uD1p34Ciu1ryzQ979Hh0XGBlaWCghPlYhJPvsaof olRMEblzlpM9zgxDj4XQI91Zc9bog5qoyZ38WDF1OR7oIAYTza/hA7pWVwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOjF8LYjjjyX1yEKq0I8aliY4YlPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M5YmM5NzZhLTliYmItNDAxZC05YTU4LWJjZmE2ZGM3ODE3MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9sgwDQYJKoZIhvcNAQELBQADggEBALIhvLOw50ZTVXFBTDCV 4Uu0NQj8LTn4dGHUs+EHLLtG6rwlxuSJ13taOtjtsOH1/gGzHzTTzw17+F0bbHRP ELWmpn9d+3mkPRkcIk3R6V7mVHlxeNIwApyd4GpWHmFylzLb8G4ickv17nmQl4Os 1tgguYN8Hw72MD+UB6i514L17iPiwJBJcWYP8sD0UaPEyDyjHL0aBlKA24aPGw+m TbySj4A/TNYQxa+l7m6DFHTfl5+piCaDsSTHj8lkYvDJyx8noONzQoJbuEKx2Ryx 21jf/sMTHZM3SDMyaoLl3zsIm5chplzZUGUFveoOaWyyi6XHdtWPr5V78N26ZVie V00= -----END CERTIFICATE-----Generated at Thu Apr 17 18:02:33 2025 by rpki-client