$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa File: d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa (raw, json) Hash identifier: b/gKtdCEzZfBAQC12sCUFRURpnl5ubI+m7dUG45zuls= Subject key identifier: DD:43:AA:9C:9E:37:13:D0:A4:5F:B2:D1:72:B4:06:96:56:92:E5:32 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1B55303B30C6F5BEB2C135EDD6E9D8C87CDBB290 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa Signing time: Mon 14 Apr 2025 15:00:06 +0000 ROA not before: Mon 14 Apr 2025 15:00:06 +0000 ROA not after: Mon 19 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da20::/28 maxlen: 28 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:55:30:3b:30:c6:f5:be:b2:c1:35:ed:d6:e9:d8:c8:7c:db:b2:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 14 15:00:06 2025 GMT Not After : May 19 23:59:59 2025 GMT Subject: serialNumber=0771474d37691f4a2f2d9fe0ba9ee34def5d98bc08041c2d7f43beb56aa93e88, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:2c:06:83:86:9a:da:d5:45:76:5e:95:76:3e: 50:30:36:8e:64:40:ab:28:1e:d0:d8:f8:08:96:15: 70:6e:41:79:9b:2a:26:9e:0f:36:f1:82:f3:e2:bc: e0:c7:83:8f:75:4f:76:ab:9d:d0:82:b6:a8:08:bd: 7e:47:e0:3e:24:15:a0:aa:67:0c:25:b0:24:d7:0b: 83:b3:e7:4f:66:81:4d:8c:d2:ca:eb:cf:95:1f:a2: 8b:23:d6:16:e8:28:77:f7:c1:7b:0b:96:f6:c1:6a: 32:74:e3:90:73:f7:30:ae:a3:6e:84:aa:39:4e:cd: 71:22:85:bf:8b:0a:b4:3b:2f:58:b4:85:2b:de:3c: b3:25:e4:a7:e0:33:9e:d3:91:76:68:7a:49:0b:c8: 67:2b:a1:b5:42:f1:2a:4b:26:5c:57:cc:1d:12:0f: 3d:06:a8:42:5a:63:c0:00:89:26:81:a9:53:bf:95: f4:a0:f4:63:dc:e2:a0:03:7f:c2:67:27:c1:2a:ae: c3:a2:2e:fb:f3:52:e6:54:e6:56:28:65:68:c6:c2: e4:c7:5a:2a:19:3c:b1:1a:37:d5:09:a4:6f:c5:fc: c2:f7:a2:ab:3b:0d:1d:5d:94:c8:3c:84:0a:5d:2a: 93:64:63:79:0e:fd:16:bf:81:25:c0:c3:d0:8c:d1: 85:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:43:AA:9C:9E:37:13:D0:A4:5F:B2:D1:72:B4:06:96:56:92:E5:32 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da20::/28 Signature Algorithm: sha256WithRSAEncryption 51:95:a2:ed:d9:13:a7:2c:49:bc:cc:61:2e:ae:a1:d3:00:cd: 3b:5c:4b:b5:d4:6a:be:a2:4d:c7:8c:2a:7d:7a:52:b2:05:84: 1c:15:40:6c:fc:80:81:f0:ff:1e:d2:23:db:19:de:36:0e:11: 1e:82:82:54:fc:1f:b8:10:20:8a:24:14:ec:0e:1b:14:db:73: df:74:8e:d7:83:78:1f:53:eb:4c:d5:9a:74:83:b9:04:14:77: fc:20:f5:28:e6:de:2b:73:5a:d4:d6:73:e1:4c:30:db:10:b5: 38:cb:74:d8:11:e1:47:ab:42:6c:2d:d2:bf:9c:e0:60:4b:15: 11:f7:9a:4b:d2:9c:62:a5:d4:c4:08:d4:d2:75:cb:11:7b:49: 3d:ce:9e:9b:64:d5:9b:45:a5:bc:7d:40:ec:bb:f6:3c:6a:e9: 98:ce:52:6c:1f:6a:18:35:ba:6c:47:f8:17:36:eb:6e:39:77: 3e:1f:7a:cc:32:f8:88:b2:02:03:07:0f:95:83:3b:be:bd:91: 88:9a:38:d6:13:5c:0c:3b:7d:c6:1c:1e:dd:26:76:88:0b:99: fc:5d:29:60:4e:da:5b:10:9a:cd:08:2f:c3:e9:ca:44:73:bc: bc:49:fb:95:a0:a6:9a:47:68:26:32:70:48:33:4e:ae:0d:1b: 21:9f:2e:22 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUG1UwOzDG9b6ywTXt1unYyHzbspAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxNDE1MDAwNloX DTI1MDUxOTIzNTk1OVowejFJMEcGA1UEBRNAMDc3MTQ3NGQzNzY5MWY0YTJmMmQ5 ZmUwYmE5ZWUzNGRlZjVkOThiYzA4MDQxYzJkN2Y0M2JlYjU2YWE5M2U4ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiywGg4aa2tVFdl6Vdj5QMDaOZECr KB7Q2PgIlhVwbkF5myomng828YLz4rzgx4OPdU92q53QgraoCL1+R+A+JBWgqmcM JbAk1wuDs+dPZoFNjNLK68+VH6KLI9YW6Ch398F7C5b2wWoydOOQc/cwrqNuhKo5 Ts1xIoW/iwq0Oy9YtIUr3jyzJeSn4DOe05F2aHpJC8hnK6G1QvEqSyZcV8wdEg89 BqhCWmPAAIkmgalTv5X0oPRj3OKgA3/CZyfBKq7Doi7781LmVOZWKGVoxsLkx1oq GTyxGjfVCaRvxfzC96KrOw0dXZTIPIQKXSqTZGN5Dv0Wv4ElwMPQjNGFgQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFN1DqpyeNxPQpF+y0XK0BpZWkuUyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q3M2MwYTUxLWFiN2ItNDg3OC1iZGZmLWUwOGI2MTgxZWRiZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUEJAbaIDANBgkqhkiG9w0BAQsFAAOCAQEAUZWi7dkTpyxJvMxhLq6h 0wDNO1xLtdRqvqJNx4wqfXpSsgWEHBVAbPyAgfD/HtIj2xneNg4RHoKCVPwfuBAg iiQU7A4bFNtz33SO14N4H1PrTNWadIO5BBR3/CD1KObeK3Na1NZz4Uww2xC1OMt0 2BHhR6tCbC3Sv5zgYEsVEfeaS9KcYqXUxAjU0nXLEXtJPc6em2TVm0WlvH1A7Lv2 PGrpmM5SbB9qGDW6bEf4Fzbrbjl3Ph96zDL4iLICAwcPlYM7vr2RiJo41hNcDDt9 xhwe3SZ2iAuZ/F0pYE7aWxCazQgvw+nKRHO8vEn7laCmmkdoJjJwSDNOrg0bIZ8u Ig== -----END CERTIFICATE-----Generated at Thu Apr 17 17:50:42 2025 by rpki-client