$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa File: cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa (raw, json) Hash identifier: sHiczSsPeRf5mLQHkR364zUd3kPHWhb4wX5ygo4eEZs= Subject key identifier: BD:A8:68:2A:FD:82:7E:92:D6:FA:5B:61:8D:62:71:9F:83:E7:60:AE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 686337329F600A9BF51E4E9C67903C44E69D5055 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa Signing time: Mon 24 Mar 2025 15:00:07 +0000 ROA not before: Mon 24 Mar 2025 15:00:07 +0000 ROA not after: Mon 28 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:63:37:32:9f:60:0a:9b:f5:1e:4e:9c:67:90:3c:44:e6:9d:50:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 24 15:00:07 2025 GMT Not After : Apr 28 23:59:59 2025 GMT Subject: serialNumber=8e4a3d95bf78042b61f420788e07d21af422ce64c6ae9193f0d07530507a0a43, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:fc:89:b0:e7:7d:56:a9:ef:cb:27:00:c0:23: 46:a4:c7:3c:5b:c1:a4:15:eb:b5:0f:19:ed:4a:ad: f0:34:0d:b5:eb:a1:46:94:0d:df:33:4f:7b:ff:af: 7a:3b:cb:7c:1d:2c:f2:00:b4:af:48:46:7c:ac:e3: 9a:39:81:a9:34:05:cc:6b:69:26:71:a1:b9:44:4c: f2:db:58:d6:33:d4:ae:cc:c8:8a:5e:c6:14:b6:19: fa:ca:a6:fc:a5:91:44:15:2f:45:6d:ec:dc:5b:f9: 01:05:e6:31:67:ad:ae:72:27:19:68:3d:ae:01:5f: 48:47:ef:ce:53:8b:56:9a:e8:49:1f:3a:ca:98:79: 82:9b:79:40:b8:c6:50:8c:3a:f7:da:c4:c3:bd:d3: d8:8a:c9:6e:17:93:46:a3:6d:67:36:7c:17:46:ee: 5d:3d:c2:57:f4:b7:a8:4a:82:96:71:fb:b9:de:41: 94:61:49:85:a4:d1:fa:61:17:44:cb:a0:c9:4f:fc: 2b:69:fa:38:4e:53:42:e0:1c:2f:e8:3c:5f:09:be: 77:c9:ff:eb:ef:34:5d:f2:21:d7:73:e1:34:ad:63: dd:01:7f:3e:75:61:c7:66:14:cb:3d:1e:05:05:75: a9:ae:f6:2c:03:0a:0e:2e:6b:8d:4c:99:00:ea:94: a1:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:A8:68:2A:FD:82:7E:92:D6:FA:5B:61:8D:62:71:9F:83:E7:60:AE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:60c0::/48 Signature Algorithm: sha256WithRSAEncryption ae:c9:fe:bc:f1:da:92:a7:b5:21:c1:74:76:ab:56:77:d0:69: e0:76:d5:6a:fa:d6:47:9a:b8:86:aa:b8:3d:ee:3d:94:da:7a: 49:86:11:1f:b7:e5:5d:04:38:c0:65:d8:a6:ea:98:e7:66:62: 5d:74:5b:2a:8a:4a:01:0a:1d:71:5b:a4:bf:ca:27:dc:2e:d9: 78:03:8a:0e:f4:59:e9:0a:c1:63:3b:a3:bd:5b:4e:08:7a:4d: 04:c8:6a:a1:bc:bc:64:dc:22:40:d3:bc:1c:43:60:83:c5:39: ad:3c:65:f1:0f:1d:34:93:54:e7:c9:7a:5e:4c:06:a4:b5:47: f7:f9:47:bc:74:43:fd:cf:7a:0c:53:07:25:b4:c6:1b:84:2c: e1:b3:51:ba:af:96:82:a2:04:33:3d:36:00:1c:77:c3:2c:50: 54:ea:a9:90:6c:d3:73:da:49:d7:0b:d1:db:62:12:8b:f8:69: 32:30:6d:74:13:fb:c0:21:f6:ad:87:84:b3:8a:e2:1f:ab:35: 47:55:61:f9:52:a3:e1:38:c6:c1:b8:eb:66:aa:93:47:2c:aa: 92:12:21:93:a5:0c:cc:2b:c2:11:5d:7c:2f:22:30:ef:7b:7b: f3:b5:bb:4e:5d:29:6d:d2:2f:fb:33:4f:76:b0:f5:e1:eb:fe: ca:9c:a0:68 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUaGM3Mp9gCpv1Hk6cZ5A8ROadUFUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNDE1MDAwN1oX DTI1MDQyODIzNTk1OVowejFJMEcGA1UEBRNAOGU0YTNkOTViZjc4MDQyYjYxZjQy MDc4OGUwN2QyMWFmNDIyY2U2NGM2YWU5MTkzZjBkMDc1MzA1MDdhMGE0MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfyJsOd9VqnvyycAwCNGpMc8W8Gk Feu1DxntSq3wNA2166FGlA3fM097/696O8t8HSzyALSvSEZ8rOOaOYGpNAXMa2km caG5REzy21jWM9SuzMiKXsYUthn6yqb8pZFEFS9FbezcW/kBBeYxZ62ucicZaD2u AV9IR+/OU4tWmuhJHzrKmHmCm3lAuMZQjDr32sTDvdPYisluF5NGo21nNnwXRu5d PcJX9LeoSoKWcfu53kGUYUmFpNH6YRdEy6DJT/wrafo4TlNC4Bwv6DxfCb53yf/r 7zRd8iHXc+E0rWPdAX8+dWHHZhTLPR4FBXWprvYsAwoOLmuNTJkA6pShmQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFL2oaCr9gn6S1vpbYY1icZ+D52CuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NmNmY2ZTc1LTZiYWItNGJjMS04ODIyLTFiN2VjMWZjMTQ4ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8mDAMA0GCSqGSIb3DQEBCwUAA4IBAQCuyf688dqSp7UhwXR2 q1Z30GngdtVq+tZHmriGqrg97j2U2npJhhEft+VdBDjAZdim6pjnZmJddFsqikoB Ch1xW6S/yifcLtl4A4oO9FnpCsFjO6O9W04Iek0EyGqhvLxk3CJA07wcQ2CDxTmt PGXxDx00k1TnyXpeTAaktUf3+Ue8dEP9z3oMUwcltMYbhCzhs1G6r5aCogQzPTYA HHfDLFBU6qmQbNNz2knXC9HbYhKL+GkyMG10E/vAIfath4SziuIfqzVHVWH5UqPh OMbBuOtmqpNHLKqSEiGTpQzMK8IRXXwvIjDve3vztbtOXSlt0i/7M092sPXh6/7K nKBo -----END CERTIFICATE-----Generated at Thu Apr 17 17:38:45 2025 by rpki-client