$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa File: f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa (raw, json) Hash identifier: P9k9RJS1hjj/lPeRvrKTO1lk4F/Qa3hVzNnsATR+iBQ= Subject key identifier: BF:69:91:27:38:E4:8A:73:FA:EF:AD:D9:6E:A4:B8:EA:AE:66:A6:9E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 086449C851EE84B2D6398B013461FA3108F3DB2C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa Signing time: Tue 25 Mar 2025 16:50:22 +0000 ROA not before: Tue 25 Mar 2025 16:50:22 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:64:49:c8:51:ee:84:b2:d6:39:8b:01:34:61:fa:31:08:f3:db:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:50:22 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=d646c964885acffdec617bd6a9d0dc79b61799748e5412b1a76e30a4f7af203b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:3b:f8:ce:17:6d:fa:76:a0:08:b5:01:00:9b: 91:05:79:d5:fa:a5:20:43:4e:77:db:fc:4d:7e:e1: 06:2d:30:46:33:e9:b9:c6:4a:44:1e:98:0f:2f:60: 66:74:bb:6b:8f:81:ad:0e:95:58:d6:41:ab:7d:c7: 41:02:bc:5a:4e:9f:19:85:09:51:d6:26:44:97:2a: 9c:e5:03:99:b8:32:60:5e:0c:8a:a4:36:7d:8a:5c: 00:5c:ef:f3:74:ce:8b:4d:48:11:fd:d9:c8:e8:c7: e8:00:13:76:a7:2b:4a:e3:a9:e2:53:d6:bb:47:f5: 4a:a6:ff:bd:38:ec:20:38:4f:27:15:94:0c:48:6f: eb:ef:8a:18:30:18:d3:8a:f8:77:cd:fd:de:03:7e: 8c:75:10:58:5e:5c:43:9b:6a:27:c6:cb:61:46:46: a5:f5:ba:50:b1:2b:ec:45:da:61:8c:b0:06:e4:4c: 2a:6b:8a:c3:66:f3:eb:3d:1b:9a:5e:63:45:ed:e8: 79:71:a5:8b:31:e9:5d:36:13:76:b5:f6:2b:06:51: 13:a3:61:5e:00:44:a1:c4:bf:a1:0c:a4:16:84:4e: 1e:8b:11:2e:52:a5:6d:d0:2e:43:0b:85:50:53:f3: 5a:15:da:49:66:24:98:79:da:9d:56:6c:3e:ab:93: 26:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:69:91:27:38:E4:8A:73:FA:EF:AD:D9:6E:A4:B8:EA:AE:66:A6:9E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc::/32 Signature Algorithm: sha256WithRSAEncryption 55:ef:b6:0d:fc:7d:69:12:ae:e7:3e:83:4e:44:dc:0e:8b:6b: e8:6e:e5:6a:b5:19:e7:10:4b:3e:f1:8a:62:0b:5b:6b:84:65: 2d:a9:a3:8e:81:52:dc:4a:72:83:53:1c:54:19:95:ab:5c:55: 31:4b:14:8a:22:9e:09:5f:51:fe:4f:10:a0:45:2a:fd:fc:d4: d4:ea:84:41:27:42:45:da:e2:c6:b3:9a:a2:44:78:45:f2:f5: e7:9f:f3:55:03:31:41:97:8b:3c:4d:9e:48:a7:ef:32:f8:9a: cf:ec:ca:bc:bb:80:b2:2d:af:d7:3d:16:75:02:47:4e:e9:63: 71:22:e9:00:ea:25:ee:81:20:c9:69:56:cf:ab:ed:a8:67:ce: 71:98:d4:5a:53:6f:3d:34:4d:c6:11:4c:e8:e5:af:57:7e:bc: 96:6c:88:66:60:76:e3:11:99:ea:29:9f:28:9f:91:b4:64:41: 18:88:26:6e:2e:f7:73:59:a1:44:0b:48:b8:b4:e1:83:d0:4a: 26:29:6f:75:7c:8c:92:b6:b4:bb:3d:5a:74:18:73:8e:4e:b6: 38:c8:61:95:e7:63:de:60:7c:c6:2a:9d:35:3a:c1:de:b3:3d: 78:0c:0a:52:d9:2b:1a:33:d0:18:82:90:d0:25:ac:24:e6:c5: 66:da:43:c0 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUCGRJyFHuhLLWOYsBNGH6MQjz2ywwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NTAyMloX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAZDY0NmM5NjQ4ODVhY2ZmZGVjNjE3 YmQ2YTlkMGRjNzliNjE3OTk3NDhlNTQxMmIxYTc2ZTMwYTRmN2FmMjAzYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDv4zhdt+nagCLUBAJuRBXnV+qUg Q0532/xNfuEGLTBGM+m5xkpEHpgPL2BmdLtrj4GtDpVY1kGrfcdBArxaTp8ZhQlR 1iZElyqc5QOZuDJgXgyKpDZ9ilwAXO/zdM6LTUgR/dnI6MfoABN2pytK46niU9a7 R/VKpv+9OOwgOE8nFZQMSG/r74oYMBjTivh3zf3eA36MdRBYXlxDm2onxsthRkal 9bpQsSvsRdphjLAG5Ewqa4rDZvPrPRuaXmNF7eh5caWLMeldNhN2tfYrBlETo2Fe AEShxL+hDKQWhE4eixEuUqVt0C5DC4VQU/NaFdpJZiSYedqdVmw+q5MmAwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFL9pkSc45Ipz+u+t2W6kuOquZqaeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y2ODEyOWFjLWIyOWQtNDJjYS04YTA3LTMxZTRmNDcwZTFlNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAba/DANBgkqhkiG9w0BAQsFAAOCAQEAVe+2Dfx9aRKu5z6DTkTc Dotr6G7larUZ5xBLPvGKYgtba4RlLamjjoFS3Epyg1McVBmVq1xVMUsUiiKeCV9R /k8QoEUq/fzU1OqEQSdCRdrixrOaokR4RfL155/zVQMxQZeLPE2eSKfvMviaz+zK vLuAsi2v1z0WdQJHTuljcSLpAOol7oEgyWlWz6vtqGfOcZjUWlNvPTRNxhFM6OWv V368lmyIZmB24xGZ6imfKJ+RtGRBGIgmbi73c1mhRAtIuLThg9BKJilvdXyMkra0 uz1adBhzjk62OMhhledj3mB8xiqdNTrB3rM9eAwKUtkrGjPQGIKQ0CWsJObFZtpD wA== -----END CERTIFICATE-----Generated at Thu Apr 17 18:00:08 2025 by rpki-client