$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05618a3-4233-4053-bd34-b1b7961f286c.roa File: e05618a3-4233-4053-bd34-b1b7961f286c.roa (raw, json) Hash identifier: nwCehPE8zVOxncjTzn/6VSVRvjYbu6WbZHzOOdnsKvo= Subject key identifier: 0C:D3:F9:44:DF:F8:D8:90:78:B2:33:49:9D:17:74:F9:18:BB:26:D8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3B4DB42FDEE51B71B63E5378DC9B7B9B122A0D73 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05618a3-4233-4053-bd34-b1b7961f286c.roa Signing time: Tue 25 Mar 2025 16:01:45 +0000 ROA not before: Tue 25 Mar 2025 16:01:45 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:28c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:4d:b4:2f:de:e5:1b:71:b6:3e:53:78:dc:9b:7b:9b:12:2a:0d:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:01:45 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=edbacab9096e1420ff60ddfb1ee2168490cae6a3347bccb2aa2d30e89f51d173, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:82:77:3d:10:e0:07:2b:1d:d4:c5:e2:87:49:cd: 48:cf:0a:03:f1:c7:8a:12:e0:5a:30:78:9d:93:07: c2:2f:ff:8e:2e:23:9b:a7:26:32:d1:22:71:db:db: aa:5d:d8:cb:af:c2:9a:0b:50:2d:08:aa:7d:3a:2e: 46:e9:d6:6b:af:ae:9f:cc:9d:8d:ef:ac:34:d5:de: 19:7b:a8:ed:d1:14:e2:e6:fa:6a:cc:43:ac:b8:99: db:99:31:aa:06:86:37:9e:90:49:fd:7a:89:dc:0c: a6:3d:c5:93:ed:58:c9:57:60:81:3d:80:bd:df:cd: 19:df:da:58:fd:72:64:ed:b3:0c:d4:82:de:0c:26: 87:ef:9b:6d:87:e1:39:3e:2d:3d:14:79:88:f0:f5: 38:c5:49:47:34:b7:4b:e6:41:8c:b4:8d:a0:64:1e: 7b:cc:77:1b:eb:2f:9d:9f:92:2b:e4:4c:15:7a:80: 21:88:98:de:8e:c0:36:e2:07:1a:30:c9:ee:02:fd: 6c:b3:01:eb:4e:c0:cd:53:23:9c:c0:92:8d:be:3d: 84:f7:13:23:a7:dc:b5:c0:85:f1:82:88:02:ca:32: 16:5c:a0:ef:f3:dc:59:b5:12:2b:9f:b3:f7:b2:63: 2e:0a:97:cd:ea:75:d6:7f:bb:67:54:83:10:5f:39: e8:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:D3:F9:44:DF:F8:D8:90:78:B2:33:49:9D:17:74:F9:18:BB:26:D8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05618a3-4233-4053-bd34-b1b7961f286c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:28c0::/46 Signature Algorithm: sha256WithRSAEncryption 2e:98:a3:88:58:34:70:a8:e4:85:a7:3c:34:e9:f2:b7:66:9d: 2b:08:c8:89:92:ae:99:50:03:77:cc:ba:5b:68:13:06:ff:13: 26:0f:25:b0:e3:a0:a8:5e:ba:bf:75:b3:35:4d:62:9f:5a:eb: 37:fc:f8:1b:66:6f:3e:82:fa:12:2d:e1:96:3d:7c:5d:9c:38: 22:01:a4:7c:68:01:3e:4b:cf:eb:46:4d:c2:a6:b6:70:13:b4: e1:e7:1d:65:ee:eb:6b:35:fc:d1:e8:3e:c4:f3:d6:b4:d8:db: 11:47:30:41:61:e9:36:f5:bc:8c:a5:ce:62:44:4f:82:3b:ed: c2:74:97:8e:44:8c:85:66:d6:30:9a:f4:12:8a:d9:da:94:b5: 19:da:05:f4:6e:94:b3:18:34:23:5a:32:09:c7:55:60:53:05: e4:e7:31:89:a0:a8:fb:27:a0:d1:52:4e:5f:05:93:0b:a3:a6: 01:a6:0d:b0:dd:d8:13:69:fb:17:77:40:d6:d3:0f:3b:25:4c: dd:df:7d:57:1f:a3:2a:c5:80:61:8b:c6:9d:9d:7c:59:53:d5: d0:39:13:e2:c7:86:a4:d5:80:6d:52:04:bf:5b:1c:64:0f:b4: 53:b6:37:7b:12:5d:f8:98:d4:4a:a8:74:cd:5d:c7:99:d5:50: d9:cf:ef:1c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUO020L97lG3G2PlN43Jt7mxIqDXMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MDE0NVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAZWRiYWNhYjkwOTZlMTQyMGZmNjBk ZGZiMWVlMjE2ODQ5MGNhZTZhMzM0N2JjY2IyYWEyZDMwZTg5ZjUxZDE3MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnc9EOAHKx3UxeKHSc1IzwoD8ceK EuBaMHidkwfCL/+OLiObpyYy0SJx29uqXdjLr8KaC1AtCKp9Oi5G6dZrr66fzJ2N 76w01d4Ze6jt0RTi5vpqzEOsuJnbmTGqBoY3npBJ/XqJ3AymPcWT7VjJV2CBPYC9 380Z39pY/XJk7bMM1ILeDCaH75tth+E5Pi09FHmI8PU4xUlHNLdL5kGMtI2gZB57 zHcb6y+dn5Ir5EwVeoAhiJjejsA24gcaMMnuAv1sswHrTsDNUyOcwJKNvj2E9xMj p9y1wIXxgogCyjIWXKDv89xZtRIrn7P3smMuCpfN6nXWf7tnVIMQXzno1QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAzT+UTf+NiQeLIzSZ0XdPkYuybYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UwNTYxOGEzLTQyMzMtNDA1My1iZDM0LWIxYjc5NjFmMjg2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaSjAMA0GCSqGSIb3DQEBCwUAA4IBAQAumKOIWDRwqOSFpzw0 6fK3Zp0rCMiJkq6ZUAN3zLpbaBMG/xMmDyWw46CoXrq/dbM1TWKfWus3/PgbZm8+ gvoSLeGWPXxdnDgiAaR8aAE+S8/rRk3CprZwE7Th5x1l7utrNfzR6D7E89a02NsR RzBBYek29byMpc5iRE+CO+3CdJeORIyFZtYwmvQSitnalLUZ2gX0bpSzGDQjWjIJ x1VgUwXk5zGJoKj7J6DRUk5fBZMLo6YBpg2w3dgTafsXd0DW0w87JUzd331XH6Mq xYBhi8adnXxZU9XQORPix4ak1YBtUgS/WxxkD7RTtjd7El34mNRKqHTNXceZ1VDZ z+8c -----END CERTIFICATE-----Generated at Thu Apr 17 17:46:00 2025 by rpki-client