$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e15e0f8b-7883-42c9-bc67-a15e702594e3.roa File: e15e0f8b-7883-42c9-bc67-a15e702594e3.roa (raw, json) Hash identifier: dYesAxqXRfNZOVP1Q8YJSpNApb18czJ4zLQIP7oiJhw= Subject key identifier: FF:55:9A:E3:FB:1D:44:83:E6:54:36:81:C2:3F:9F:81:E3:AA:93:EB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 65F8E1B02240B6873BB898715393369CB5256ECD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e15e0f8b-7883-42c9-bc67-a15e702594e3.roa Signing time: Tue 25 Mar 2025 15:11:37 +0000 ROA not before: Tue 25 Mar 2025 15:11:37 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:8080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:f8:e1:b0:22:40:b6:87:3b:b8:98:71:53:93:36:9c:b5:25:6e:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 15:11:37 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=c8f98365aa4d7a6c5dedec36d7d8c508f020aa60edbf91ac52413d9efe7f7c20, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:ec:00:73:7b:a3:75:05:03:07:8e:fa:23:76: 41:46:39:03:94:94:38:bc:2e:a2:c6:26:cf:5f:74: bc:c7:c9:fa:ad:68:8e:7f:50:63:08:7c:bb:17:05: 50:7b:5e:01:b3:f0:2e:be:07:a1:b3:8e:99:cf:92: 2c:fc:fd:be:0e:a0:36:73:2c:7e:3e:bc:1e:af:3a: f2:4c:cf:37:9e:a2:f7:48:7b:25:b7:5c:ad:eb:24: 14:4e:51:4b:b3:37:ad:0b:7c:93:91:b0:5a:ee:b7: c8:c9:82:11:2c:e9:f1:4b:51:70:f8:7e:d8:c7:3f: 8a:75:e5:25:34:ac:f8:d0:28:38:17:35:9f:14:71: 3e:b5:3a:6d:72:41:c4:c5:f7:4d:9b:11:b1:52:ff: a4:73:57:f1:d6:0a:fb:08:11:ff:c2:3b:bb:7f:7e: 6e:6d:c4:fe:15:ad:57:6b:af:c8:e3:92:c0:d7:c5: 6c:4a:ba:ea:ab:64:73:a3:a0:e1:a3:77:89:34:cc: 96:da:93:83:32:9d:fb:45:a7:3b:01:8d:6e:ab:4c: d1:ab:75:95:80:be:98:d7:25:9a:16:35:77:de:25: 37:3f:96:d8:d2:7b:c6:76:8c:f3:cc:d3:00:58:c3: 1f:ac:e3:69:4f:91:df:61:c5:e8:28:14:72:f4:c4: 2a:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:55:9A:E3:FB:1D:44:83:E6:54:36:81:C2:3F:9F:81:E3:AA:93:EB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e15e0f8b-7883-42c9-bc67-a15e702594e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:8080::/48 Signature Algorithm: sha256WithRSAEncryption 13:e7:78:95:7e:ba:7c:7d:7d:69:25:77:29:11:de:4b:e7:ea: 36:a9:9a:41:a5:de:41:6d:19:a6:e0:6a:ee:b8:a6:da:a4:03: aa:d1:03:ed:89:a6:09:11:9d:7f:aa:c4:ae:bb:50:4a:60:b6: 4f:c4:b8:db:84:1f:7e:09:0a:ab:03:f4:55:6d:4c:b4:9d:12: ac:eb:9c:a7:de:f5:93:42:ae:bc:22:4b:e1:f4:6d:ff:cf:be: 71:a3:02:80:2e:17:66:f0:4a:85:6e:fd:9a:af:73:4b:22:e7: 76:64:94:95:f9:b1:ae:9c:55:40:c9:16:8f:9f:41:37:6f:04: 6a:ff:f0:f0:0c:23:09:6d:00:38:55:f4:9d:3b:35:21:1b:47: 0e:32:d5:d7:2f:6a:ea:c1:0a:d1:f5:2d:27:d1:87:92:09:8b: b9:63:33:d6:b6:c1:40:c6:1f:52:52:eb:13:48:12:83:92:a7: b3:7f:09:98:10:c3:26:a7:fe:f2:48:42:c1:2c:0c:aa:a8:a4: e8:e3:2b:fe:c3:ec:73:56:f1:51:cb:14:02:bd:4c:70:c4:4a: 9f:6c:a8:c2:69:a2:75:2b:b2:00:73:03:8b:58:87:42:e5:03: 79:d4:39:3b:e8:31:f5:49:d9:8d:ac:c8:bf:7c:72:c3:d8:cb: 79:88:bf:81 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZfjhsCJAtoc7uJhxU5M2nLUlbs0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1MTEzN1oX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYzhmOTgzNjVhYTRkN2E2YzVkZWRl YzM2ZDdkOGM1MDhmMDIwYWE2MGVkYmY5MWFjNTI0MTNkOWVmZTdmN2MyMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsewAc3ujdQUDB476I3ZBRjkDlJQ4 vC6ixibPX3S8x8n6rWiOf1BjCHy7FwVQe14Bs/Auvgehs46Zz5Is/P2+DqA2cyx+ PrwerzryTM83nqL3SHslt1yt6yQUTlFLszetC3yTkbBa7rfIyYIRLOnxS1Fw+H7Y xz+KdeUlNKz40Cg4FzWfFHE+tTptckHExfdNmxGxUv+kc1fx1gr7CBH/wju7f35u bcT+Fa1Xa6/I45LA18VsSrrqq2Rzo6Dho3eJNMyW2pODMp37Rac7AY1uq0zRq3WV gL6Y1yWaFjV33iU3P5bY0nvGdozzzNMAWMMfrONpT5HfYcXoKBRy9MQquQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFP9VmuP7HUSD5lQ2gcI/n4HjqpPrMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UxNWUwZjhiLTc4ODMtNDJjOS1iYzY3LWExNWU3MDI1OTRlMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOICAMA0GCSqGSIb3DQEBCwUAA4IBAQAT53iVfrp8fX1pJXcp Ed5L5+o2qZpBpd5BbRmm4GruuKbapAOq0QPtiaYJEZ1/qsSuu1BKYLZPxLjbhB9+ CQqrA/RVbUy0nRKs65yn3vWTQq68Ikvh9G3/z75xowKALhdm8EqFbv2ar3NLIud2 ZJSV+bGunFVAyRaPn0E3bwRq//DwDCMJbQA4VfSdOzUhG0cOMtXXL2rqwQrR9S0n 0YeSCYu5YzPWtsFAxh9SUusTSBKDkqezfwmYEMMmp/7ySELBLAyqqKTo4yv+w+xz VvFRyxQCvUxwxEqfbKjCaaJ1K7IAcwOLWIdC5QN51Dk76DH1SdmNrMi/fHLD2Mt5 iL+B -----END CERTIFICATE-----Generated at Thu Apr 17 17:24:37 2025 by rpki-client