$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa File: cebc5290-288e-4f33-9035-a2d651433cdd.roa (raw, json) Hash identifier: M8CvIDYZcyS/hkPdnGg3E2burAOPM9rOcMHGvKdfmbw= Subject key identifier: 4C:2C:BC:D6:92:DB:4A:34:A3:64:E9:50:91:23:D1:E5:B9:40:00:FA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0E1742D6D18D727F9A6D0891898C1B18716A1DAB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa Signing time: Tue 25 Mar 2025 00:41:23 +0000 ROA not before: Tue 25 Mar 2025 00:41:23 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:17:42:d6:d1:8d:72:7f:9a:6d:08:91:89:8c:1b:18:71:6a:1d:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 00:41:23 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=49f960d78f209558211fec9270adcafbdf8dcf62a66d32bf1ed5a0edf7e25562, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:ea:6e:e9:c2:bc:d2:c3:38:7a:34:e8:33:57: e0:c3:91:3f:26:4c:11:ee:2d:bd:0d:92:f3:2a:b1: e8:90:ee:cc:c0:05:d5:8a:41:9c:19:22:f6:40:79: 8a:7d:86:de:07:b0:33:ba:f9:c7:9c:a5:6f:02:97: ec:38:a3:7e:e6:ef:41:4f:35:62:64:db:bc:47:0f: ad:8b:6b:97:aa:d2:48:80:9c:17:fb:c8:3a:2c:05: 32:be:e3:17:f4:51:8d:b0:a6:e2:dd:66:ce:3d:cd: bd:8c:06:d9:f4:d2:54:13:20:63:2b:ad:26:bf:b9: 0b:58:9c:8c:b0:d3:c4:6a:46:46:cc:e4:e4:9d:2d: ee:64:3b:59:26:fb:2f:49:38:29:80:13:92:7d:c6: 16:9c:b3:20:ed:20:72:05:40:8b:3e:38:65:2f:e8: f3:7a:bb:07:6d:08:3c:4b:e1:c2:3a:3b:89:90:a5: c4:b7:63:9d:5d:a8:33:4e:e5:96:bb:2c:e0:8c:2f: 03:18:41:bf:31:10:d3:c4:95:89:aa:00:f6:11:91: c0:f7:50:0a:b5:2e:3b:21:5b:ab:3d:5c:2b:ea:8d: 3b:13:f9:7b:ed:5f:39:07:d4:79:46:b1:89:c6:a8: 61:30:5a:a7:22:ce:4b:99:f4:c3:c3:89:40:85:46: ab:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:2C:BC:D6:92:DB:4A:34:A3:64:E9:50:91:23:D1:E5:B9:40:00:FA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:c000::/40 Signature Algorithm: sha256WithRSAEncryption 3d:38:bb:e4:7e:ea:25:1e:d3:00:cc:83:a1:fe:f2:5d:ca:c7: 6d:43:15:96:0a:4d:55:30:95:d6:6d:2f:c5:65:b7:04:88:7f: 04:fb:39:a8:22:ed:d7:dd:c2:d5:77:1a:36:42:54:07:68:ec: aa:31:cc:bd:e7:e9:c4:ed:9d:c2:38:d3:7e:78:49:1c:e6:6f: 03:c4:35:2c:84:de:bf:e1:ed:f3:a8:26:95:90:35:ce:22:96: b4:e9:b7:32:32:dd:37:8e:91:6b:88:0b:e3:13:88:9f:e4:38: 41:68:2c:91:b4:64:fc:cb:b5:c2:ce:a6:f2:75:40:78:85:c1: 40:e2:6a:26:c4:af:d2:92:bd:44:22:03:54:d6:80:00:a3:7f: b6:18:41:57:f3:09:47:88:53:f9:aa:19:c4:5a:26:af:44:d6: a3:93:ed:28:c1:ae:f4:0e:68:91:38:d8:bf:67:dc:65:d6:b9: 51:19:b0:bd:df:24:cb:53:c0:92:0d:4a:e5:ee:b3:8f:73:c2: a6:39:c7:be:6e:7f:f3:cd:f9:9d:7a:70:08:76:29:f0:5d:47: 3f:0c:e4:6c:e6:7d:4a:d6:a0:49:6f:ce:0c:31:02:5e:5d:1b: 90:ae:8b:0d:2d:b8:d7:55:b6:99:ac:63:86:a9:9c:e5:4a:17: 55:c3:24:0e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDhdC1tGNcn+abQiRiYwbGHFqHaswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwNDEyM1oX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANDlmOTYwZDc4ZjIwOTU1ODIxMWZl YzkyNzBhZGNhZmJkZjhkY2Y2MmE2NmQzMmJmMWVkNWEwZWRmN2UyNTU2MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzupu6cK80sM4ejToM1fgw5E/JkwR 7i29DZLzKrHokO7MwAXVikGcGSL2QHmKfYbeB7AzuvnHnKVvApfsOKN+5u9BTzVi ZNu8Rw+ti2uXqtJIgJwX+8g6LAUyvuMX9FGNsKbi3WbOPc29jAbZ9NJUEyBjK60m v7kLWJyMsNPEakZGzOTknS3uZDtZJvsvSTgpgBOSfcYWnLMg7SByBUCLPjhlL+jz ersHbQg8S+HCOjuJkKXEt2OdXagzTuWWuyzgjC8DGEG/MRDTxJWJqgD2EZHA91AK tS47IVurPVwr6o07E/l77V85B9R5RrGJxqhhMFqnIs5LmfTDw4lAhUarNwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEwsvNaS20o0o2TpUJEj0eW5QAD6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NlYmM1MjkwLTI4OGUtNGYzMy05MDM1LWEyZDY1MTQzM2NkZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAMAwDQYJKoZIhvcNAQELBQADggEBAD04u+R+6iUe0wDMg6H+ 8l3Kx21DFZYKTVUwldZtL8VltwSIfwT7Oagi7dfdwtV3GjZCVAdo7KoxzL3n6cTt ncI40354SRzmbwPENSyE3r/h7fOoJpWQNc4ilrTptzIy3TeOkWuIC+MTiJ/kOEFo LJG0ZPzLtcLOpvJ1QHiFwUDiaibEr9KSvUQiA1TWgACjf7YYQVfzCUeIU/mqGcRa Jq9E1qOT7SjBrvQOaJE42L9n3GXWuVEZsL3fJMtTwJINSuXus49zwqY5x75uf/PN +Z16cAh2KfBdRz8M5GzmfUrWoElvzgwxAl5dG5Cuiw0tuNdVtpmsY4apnOVKF1XD JA4= -----END CERTIFICATE-----Generated at Thu Apr 17 17:41:15 2025 by rpki-client