$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d2fd8734-3950-4090-9359-e2baa68e90e6.roa File: d2fd8734-3950-4090-9359-e2baa68e90e6.roa (raw, json) Hash identifier: ubiKgqdlOBPADMgWRHD+OuaitxOWY6lIA9DIpSSu/YM= Subject key identifier: 3E:0C:E7:99:85:F3:F2:51:1E:09:E5:4F:49:ED:C0:0E:30:34:1C:92 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5973CD9205C79EED721A18032C47E6CA75FA45C5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d2fd8734-3950-4090-9359-e2baa68e90e6.roa Signing time: Tue 25 Mar 2025 15:51:37 +0000 ROA not before: Tue 25 Mar 2025 15:51:37 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:4840::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:73:cd:92:05:c7:9e:ed:72:1a:18:03:2c:47:e6:ca:75:fa:45:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 15:51:37 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=af246a79ae2124c626d5b427e6cc9aeeed73b452e45ae1c153709ac7b514a507, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:85:b1:fa:b7:fe:31:b4:82:a4:85:33:cb:3a: f0:99:3a:3f:2a:7e:c4:55:ec:8b:44:ab:59:ee:d3: 7b:7a:ab:80:f3:2e:cf:ec:69:d0:fb:a4:12:2e:8e: 31:a6:40:7b:a8:d6:69:b0:f6:9e:8a:08:50:88:5a: ee:b0:11:d7:c9:f3:3e:6c:02:2f:5b:2e:96:de:c4: 94:ac:aa:19:81:41:ed:fd:dd:e2:44:a1:0d:d9:1c: 48:73:db:0e:da:7c:8a:9e:0c:7c:20:2b:39:12:58: 08:37:56:d8:2e:4a:6f:91:2e:04:6b:4d:76:c1:69: 2c:2b:26:1d:38:95:25:33:68:64:4c:cc:2f:a4:36: 88:2d:92:ab:3d:07:6b:72:ce:9e:c8:9a:9a:5d:7f: fb:db:50:ba:7a:42:3d:8c:bf:ea:d0:50:2d:30:83: 34:e7:e6:9b:01:72:85:69:9e:0e:68:7e:64:83:7c: aa:eb:7e:ac:7e:4d:8c:ef:c4:5a:6f:bf:ca:b6:9a: f5:90:ba:6a:7e:c9:49:1d:ed:91:d4:c3:a3:28:25: c3:8b:db:af:b6:04:84:77:e5:b6:02:0c:28:4c:23: 9f:88:81:a4:92:25:01:1d:c6:09:08:3d:95:bd:41: 59:0f:9a:e0:c8:d3:dc:c1:dd:e2:02:1d:43:01:92: a7:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:0C:E7:99:85:F3:F2:51:1E:09:E5:4F:49:ED:C0:0E:30:34:1C:92 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d2fd8734-3950-4090-9359-e2baa68e90e6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:4840::/46 Signature Algorithm: sha256WithRSAEncryption 5b:42:b6:be:1c:94:a7:71:77:fc:b8:11:7d:cc:7d:8c:e0:cf: 6e:c1:e6:54:5b:ae:f5:ad:89:3d:36:0d:3e:e5:0d:04:92:68: 82:80:a8:97:8b:9c:68:0c:70:05:34:a4:04:9d:7a:cc:e6:df: 2b:82:75:a0:28:5f:33:89:cd:3a:ad:7d:76:09:9b:c2:10:ce: 53:7b:97:9b:e9:64:0e:78:f0:0b:52:48:91:dd:dd:aa:11:ed: c0:55:67:fa:06:01:f0:a6:33:60:c4:4e:93:c0:d1:9c:c7:d1: 9b:d0:d0:f2:6f:d4:c0:f0:a8:53:21:60:2a:37:b6:82:5f:2a: db:cc:28:fd:9d:b7:9d:5d:ab:d8:68:7a:9c:fe:ae:89:2e:9a: cb:b3:e9:05:6a:00:59:bb:86:57:d3:24:4d:57:72:74:7c:f2: 4a:30:ca:52:c4:b2:69:63:bf:65:93:7a:cd:60:7b:0d:33:23: a8:65:06:f2:4e:b0:8f:db:dd:50:df:ec:a5:10:3c:7c:70:ca: b2:d6:3d:6f:5b:3c:68:ae:1e:0e:b4:8f:71:99:3f:81:96:b4: f7:1a:17:11:27:53:7a:db:40:c8:23:d3:bd:e5:a1:15:be:72: 14:64:6e:1b:89:ad:11:a4:9d:f8:a8:0f:a5:14:24:38:a5:ed: b5:a9:26:ea -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWXPNkgXHnu1yGhgDLEfmynX6RcUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1NTEzN1oX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYWYyNDZhNzlhZTIxMjRjNjI2ZDVi NDI3ZTZjYzlhZWVlZDczYjQ1MmU0NWFlMWMxNTM3MDlhYzdiNTE0YTUwNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYWx+rf+MbSCpIUzyzrwmTo/Kn7E VeyLRKtZ7tN7equA8y7P7GnQ+6QSLo4xpkB7qNZpsPaeighQiFrusBHXyfM+bAIv Wy6W3sSUrKoZgUHt/d3iRKEN2RxIc9sO2nyKngx8ICs5ElgIN1bYLkpvkS4Ea012 wWksKyYdOJUlM2hkTMwvpDaILZKrPQdrcs6eyJqaXX/721C6ekI9jL/q0FAtMIM0 5+abAXKFaZ4OaH5kg3yq636sfk2M78Rab7/Ktpr1kLpqfslJHe2R1MOjKCXDi9uv tgSEd+W2AgwoTCOfiIGkkiUBHcYJCD2VvUFZD5rgyNPcwd3iAh1DAZKnUQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFD4M55mF8/JRHgnlT0ntwA4wNBySMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QyZmQ4NzM0LTM5NTAtNDA5MC05MzU5LWUyYmFhNjhlOTBlNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+0hAMA0GCSqGSIb3DQEBCwUAA4IBAQBbQra+HJSncXf8uBF9 zH2M4M9uweZUW671rYk9Ng0+5Q0EkmiCgKiXi5xoDHAFNKQEnXrM5t8rgnWgKF8z ic06rX12CZvCEM5Te5eb6WQOePALUkiR3d2qEe3AVWf6BgHwpjNgxE6TwNGcx9Gb 0NDyb9TA8KhTIWAqN7aCXyrbzCj9nbedXavYaHqc/q6JLprLs+kFagBZu4ZX0yRN V3J0fPJKMMpSxLJpY79lk3rNYHsNMyOoZQbyTrCP291Q3+ylEDx8cMqy1j1vWzxo rh4OtI9xmT+BlrT3GhcRJ1N620DII9O95aEVvnIUZG4bia0RpJ34qA+lFCQ4pe21 qSbq -----END CERTIFICATE-----Generated at Thu Apr 17 18:07:09 2025 by rpki-client