$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ed3d3a28-3c88-49ed-8b25-85cbf545c35e.roa File: ed3d3a28-3c88-49ed-8b25-85cbf545c35e.roa (raw, json) Hash identifier: xHxgNSosyD036jFX/+u2DDrts4SNqGArx2MiqwUSK7Y= Subject key identifier: 73:01:4F:7A:EA:44:64:F5:55:20:AE:ED:43:04:99:92:BC:AA:0B:68 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 78E98725AEC17B8FB77AAA42F3FA008C29FACC01 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ed3d3a28-3c88-49ed-8b25-85cbf545c35e.roa Signing time: Tue 25 Mar 2025 00:10:19 +0000 ROA not before: Tue 25 Mar 2025 00:10:19 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:7080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:e9:87:25:ae:c1:7b:8f:b7:7a:aa:42:f3:fa:00:8c:29:fa:cc:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 00:10:19 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=4bc5ecbcce902044b0b67aa471952a332eac45bb708f8f7d8a524d72da8d221d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:3d:98:04:95:e5:64:64:b9:9f:72:13:4a:61: b7:5a:ea:f0:ad:f0:a2:1c:2d:f8:1b:f8:4a:65:40: ac:bd:83:90:14:8c:ba:6c:4e:a1:3e:08:48:47:3f: 48:fd:40:9e:aa:a5:2a:c8:64:d1:fa:a3:e8:44:1c: 4b:16:40:04:c6:2a:c4:3a:12:de:30:b3:9b:7b:45: dd:e3:84:e8:14:b5:c8:79:d6:4a:25:40:b2:61:85: 90:07:35:92:04:b6:5c:ad:8f:47:50:6f:7e:01:5a: bf:e6:2e:8b:cf:87:bb:ea:be:58:73:52:fd:ea:5f: 55:1f:62:bd:cf:b8:ee:84:30:64:44:97:de:3f:f0: b4:8e:27:c9:12:32:d3:dd:0d:36:bf:a0:2d:66:ff: a1:1f:9d:18:b2:94:56:45:81:43:de:12:fa:6c:e5: 9a:12:65:d7:76:f0:5b:a7:89:17:5f:7b:12:a6:c8: 18:e7:a1:d5:d2:57:b9:f2:15:70:db:da:19:2d:35: c7:9e:c5:f6:3d:c9:72:f0:9a:fd:b9:4c:34:6a:5a: 15:c8:cc:fc:23:10:50:e5:a8:0c:1f:98:3b:1e:48: 46:d6:00:f0:61:ff:e5:20:3c:7e:67:5b:98:c3:e5: ca:63:21:ca:ae:b7:62:33:bc:41:c2:06:33:69:51: f0:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:01:4F:7A:EA:44:64:F5:55:20:AE:ED:43:04:99:92:BC:AA:0B:68 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ed3d3a28-3c88-49ed-8b25-85cbf545c35e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:7080::/48 Signature Algorithm: sha256WithRSAEncryption 83:4b:fe:91:96:19:c7:87:b4:72:df:19:3f:d1:a9:12:7c:0f: 28:18:e3:16:15:58:fe:8c:d6:71:f0:a0:f1:9d:26:bb:e4:87: 97:d5:a4:1f:e1:d4:db:53:62:ef:79:20:a7:45:b3:cf:84:e5: 08:06:46:1c:a7:6c:82:7e:cd:92:ec:e2:8a:f1:55:0a:72:b0: ca:8f:ee:92:f9:a1:6f:f0:2e:cb:06:76:dd:a4:00:20:2e:fe: 64:7d:68:9f:e6:49:73:38:fa:b4:f5:53:26:be:eb:78:85:93: 4e:92:82:af:f8:e0:e3:f5:a5:31:44:9e:f2:50:ef:25:4f:15: eb:a7:57:37:81:83:e9:83:f0:23:1b:1f:65:cf:8c:88:42:55: 15:d8:a7:a8:6b:4a:2a:59:4d:1d:e2:6d:fe:f7:5a:cd:45:d9: ee:fe:31:bd:ae:f0:b3:94:4a:69:c3:4f:49:4a:8f:3c:71:9e: 9a:7c:5c:10:d9:7e:78:6d:68:00:6f:cf:88:30:2a:60:67:46: 19:91:8a:2f:63:1b:2b:43:6a:39:f6:7a:2a:1d:7c:dd:f1:fe: 8a:6c:ea:62:eb:8e:58:16:95:68:2f:57:1d:9e:89:70:68:a2: 9d:7d:74:b2:01:50:16:11:00:4e:2a:00:22:70:20:6b:2e:f8: f8:5d:19:c9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUeOmHJa7Be4+3eqpC8/oAjCn6zAEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwMTAxOVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANGJjNWVjYmNjZTkwMjA0NGIwYjY3 YWE0NzE5NTJhMzMyZWFjNDViYjcwOGY4ZjdkOGE1MjRkNzJkYThkMjIxZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT2YBJXlZGS5n3ITSmG3WurwrfCi HC34G/hKZUCsvYOQFIy6bE6hPghIRz9I/UCeqqUqyGTR+qPoRBxLFkAExirEOhLe MLObe0Xd44ToFLXIedZKJUCyYYWQBzWSBLZcrY9HUG9+AVq/5i6Lz4e76r5Yc1L9 6l9VH2K9z7juhDBkRJfeP/C0jifJEjLT3Q02v6AtZv+hH50YspRWRYFD3hL6bOWa EmXXdvBbp4kXX3sSpsgY56HV0le58hVw29oZLTXHnsX2Pcly8Jr9uUw0aloVyMz8 IxBQ5agMH5g7HkhG1gDwYf/lIDx+Z1uYw+XKYyHKrrdiM7xBwgYzaVHwqQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHMBT3rqRGT1VSCu7UMEmZK8qgtoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VkM2QzYTI4LTNjODgtNDllZC04YjI1LTg1Y2JmNTQ1YzM1ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9HCAMA0GCSqGSIb3DQEBCwUAA4IBAQCDS/6RlhnHh7Ry3xk/ 0akSfA8oGOMWFVj+jNZx8KDxnSa75IeX1aQf4dTbU2LveSCnRbPPhOUIBkYcp2yC fs2S7OKK8VUKcrDKj+6S+aFv8C7LBnbdpAAgLv5kfWif5klzOPq09VMmvut4hZNO koKv+ODj9aUxRJ7yUO8lTxXrp1c3gYPpg/AjGx9lz4yIQlUV2Keoa0oqWU0d4m3+ 91rNRdnu/jG9rvCzlEppw09JSo88cZ6afFwQ2X54bWgAb8+IMCpgZ0YZkYovYxsr Q2o59noqHXzd8f6KbOpi645YFpVoL1cdnolwaKKdfXSyAVAWEQBOKgAicCBrLvj4 XRnJ -----END CERTIFICATE-----Generated at Thu Apr 17 18:00:08 2025 by rpki-client