$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa File: ec8e23bf-c8d6-4a69-9151-124b795d815a.roa (raw, json) Hash identifier: A+q05CpnW/qyjNjlpUJVwMfWBu1a9Q5NA0Mr4OqlXLE= Subject key identifier: 8B:E1:79:AF:7D:F4:CE:63:53:81:C4:94:92:B3:F6:DE:8A:43:AE:94 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0C1162BF6BDD80558A504B658658CC97E35B82F3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa Signing time: Tue 25 Mar 2025 00:41:14 +0000 ROA not before: Tue 25 Mar 2025 00:41:14 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:6040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:11:62:bf:6b:dd:80:55:8a:50:4b:65:86:58:cc:97:e3:5b:82:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 00:41:14 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=a75cfe71f066fb620bba32dfb2988ed091f9c536c0c3f40279ea456803f71770, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:39:b7:6c:b9:27:f2:34:f6:88:56:8e:83:8d: bb:75:1a:0f:4a:f0:34:0f:fa:f0:55:94:92:26:6b: 85:88:5c:bd:85:52:25:86:84:13:78:1a:c6:56:af: 90:ab:45:b8:6b:b6:c9:d4:2b:4b:05:8c:68:21:4f: e4:98:78:db:d0:af:cd:18:3e:a2:bc:bd:e4:f8:c4: 56:cb:44:7b:a9:70:f7:f5:5e:3c:60:d0:fd:e5:aa: d7:d6:a6:9f:ec:15:4e:e0:a6:9e:17:72:eb:48:e6: f8:b5:7b:e8:0a:ba:03:11:09:a3:96:4a:78:13:8f: 5f:55:d8:a7:40:af:0c:50:82:a3:2b:b6:e9:6a:a9: 8b:60:10:18:53:c2:ca:a8:a5:2f:a1:a9:7e:33:bb: 19:c3:59:bc:99:80:6a:23:a2:fc:81:ac:2f:a8:d2: 2e:07:4d:be:47:39:a2:f9:be:a7:7d:8a:10:be:aa: 18:ae:20:a9:0e:17:a2:4a:7f:1e:c7:ab:58:5f:e2: f2:3d:90:0a:3c:f5:f5:41:9e:76:d4:54:9a:af:6f: 28:d8:f5:66:74:93:da:d9:2a:f0:04:87:0c:54:5f: 2f:9e:5f:c4:17:f6:c6:07:0a:23:c7:16:47:a1:ec: 6b:f6:34:ae:94:18:e4:d0:8f:17:86:f3:f3:11:db: 39:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:E1:79:AF:7D:F4:CE:63:53:81:C4:94:92:B3:F6:DE:8A:43:AE:94 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:6040::/48 Signature Algorithm: sha256WithRSAEncryption 84:dd:16:f7:e5:d7:7a:df:73:f4:ec:27:8a:f6:89:56:02:92: ab:bb:71:0c:eb:dc:f7:77:92:21:cb:12:ec:83:e4:25:99:6a: f1:3b:9b:ea:48:76:2b:be:e4:4d:ef:b6:76:86:a8:21:6d:71: d0:ce:8a:a2:a1:b7:08:10:31:e4:2d:ff:32:1c:1c:e1:8b:80: 95:85:c9:ae:71:60:94:80:96:c5:22:ef:6e:9f:28:b4:6e:68: f5:cf:6e:e6:3b:db:29:86:1a:49:42:e7:e9:f4:a0:c8:fa:bf: 5f:94:66:40:e7:ff:0d:96:1c:27:7b:d1:cd:b1:c9:af:9b:69: b1:cd:48:9f:e7:14:a1:29:0a:d7:19:3c:fc:04:65:31:a7:ee: 79:16:d4:d0:11:12:2e:c9:f0:95:9c:f2:a4:4d:d8:1c:15:b0: db:38:36:66:5e:af:ec:d4:80:9f:c4:e7:a0:9e:f7:ea:26:32: ce:3e:bf:c4:f7:23:dc:84:97:7f:4e:d8:25:ee:89:1c:2d:3d: 91:4f:0e:7e:aa:73:cf:8b:a7:d4:e6:43:ec:fb:5f:e7:2f:bb: 4c:b3:63:d4:6e:73:e1:28:e6:29:90:71:0f:66:f0:4e:79:68: a0:0a:f4:7e:1a:a1:7e:3d:90:ca:22:b6:08:5c:21:46:49:cd: 1a:45:63:57 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDBFiv2vdgFWKUEtlhljMl+NbgvMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwNDExNFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYTc1Y2ZlNzFmMDY2ZmI2MjBiYmEz MmRmYjI5ODhlZDA5MWY5YzUzNmMwYzNmNDAyNzllYTQ1NjgwM2Y3MTc3MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjm3bLkn8jT2iFaOg427dRoPSvA0 D/rwVZSSJmuFiFy9hVIlhoQTeBrGVq+Qq0W4a7bJ1CtLBYxoIU/kmHjb0K/NGD6i vL3k+MRWy0R7qXD39V48YND95arX1qaf7BVO4KaeF3LrSOb4tXvoCroDEQmjlkp4 E49fVdinQK8MUIKjK7bpaqmLYBAYU8LKqKUvoal+M7sZw1m8mYBqI6L8gawvqNIu B02+Rzmi+b6nfYoQvqoYriCpDheiSn8ex6tYX+LyPZAKPPX1QZ521FSar28o2PVm dJPa2SrwBIcMVF8vnl/EF/bGBwojxxZHoexr9jSulBjk0I8XhvPzEds5QQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIvhea999M5jU4HElJKz9t6KQ66UMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VjOGUyM2JmLWM4ZDYtNGE2OS05MTUxLTEyNGI3OTVkODE1YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAGBAMA0GCSqGSIb3DQEBCwUAA4IBAQCE3Rb35dd633P07CeK 9olWApKru3EM69z3d5IhyxLsg+QlmWrxO5vqSHYrvuRN77Z2hqghbXHQzoqiobcI EDHkLf8yHBzhi4CVhcmucWCUgJbFIu9unyi0bmj1z27mO9sphhpJQufp9KDI+r9f lGZA5/8Nlhwne9HNscmvm2mxzUif5xShKQrXGTz8BGUxp+55FtTQERIuyfCVnPKk TdgcFbDbODZmXq/s1ICfxOegnvfqJjLOPr/E9yPchJd/Ttgl7okcLT2RTw5+qnPP i6fU5kPs+1/nL7tMs2PUbnPhKOYpkHEPZvBOeWigCvR+GqF+PZDKIrYIXCFGSc0a RWNX -----END CERTIFICATE-----Generated at Thu Apr 17 17:34:05 2025 by rpki-client