$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7ec8552-7ddb-4978-bb8c-fc97d0625b4c.roa File: f7ec8552-7ddb-4978-bb8c-fc97d0625b4c.roa (raw, json) Hash identifier: Nfo5gKFlHueZMAH9ymcogSF/Ywh1Wmk9dERLBTZtxIs= Subject key identifier: AE:82:F6:C5:86:D6:80:38:21:F3:78:2D:E9:0C:56:94:4A:5A:14:01 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 14DB50478F2A66005781CE448BD8E8854949A8C9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7ec8552-7ddb-4978-bb8c-fc97d0625b4c.roa Signing time: Mon 24 Mar 2025 15:21:02 +0000 ROA not before: Mon 24 Mar 2025 15:21:02 +0000 ROA not after: Mon 28 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:4020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:db:50:47:8f:2a:66:00:57:81:ce:44:8b:d8:e8:85:49:49:a8:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 24 15:21:02 2025 GMT Not After : Apr 28 23:59:59 2025 GMT Subject: serialNumber=9910a29e518b53af3490a0e2216e880ccabedf798fd42fd0f2fb0f7137341fea, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:27:0c:43:43:5d:2e:24:28:ce:57:a4:1b:72: 46:af:cf:17:e7:ed:b0:2f:e3:37:ce:68:04:b6:40: b2:8b:f3:08:47:27:00:1a:5d:f2:35:99:c0:c1:02: fc:38:5d:52:1d:75:c3:9a:c7:1e:cd:dc:1a:54:7d: 17:e8:c0:7a:6c:84:36:7c:40:71:2b:44:19:9b:1b: c4:3c:c0:50:33:f0:f8:24:64:31:fb:91:1a:b3:90: 12:67:6a:a3:42:dc:fe:4d:33:c2:d9:fb:ca:0e:60: 88:8e:93:8a:f6:ef:3a:ee:9b:d4:9f:1d:b3:f5:2a: 7a:03:3d:2e:4d:20:30:ac:70:9f:f8:d5:6c:ff:77: ee:5c:88:85:bf:37:c0:24:52:c8:cf:09:ee:51:ed: 1a:a5:3c:f2:07:8e:9c:d1:0a:e0:e1:e9:8b:b7:b8: 7f:a2:ac:e0:07:33:e4:6b:fa:41:cc:ff:d4:dc:e9: e3:a8:f6:a5:bf:64:d0:4e:73:dd:7b:32:8d:cc:fb: b0:a1:2d:eb:65:ad:1d:d6:75:9b:96:f3:17:a6:b6: 3a:19:45:f2:47:c5:dd:6f:7f:db:ec:e1:3f:1d:51: c4:f1:5f:47:17:bd:3a:e4:71:b4:f6:40:b2:f1:90: 6c:e9:b9:d4:0b:b5:a6:78:dc:41:6d:44:c2:72:96: 29:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:82:F6:C5:86:D6:80:38:21:F3:78:2D:E9:0C:56:94:4A:5A:14:01 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7ec8552-7ddb-4978-bb8c-fc97d0625b4c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:4020::/48 Signature Algorithm: sha256WithRSAEncryption 95:b1:f8:da:f1:0e:38:51:8b:ec:de:fc:11:0e:28:5b:8c:06: 2a:36:33:02:38:90:aa:f0:63:43:a4:ff:94:23:ad:36:17:de: d4:0d:b5:b2:de:2c:2d:db:e6:49:c3:f4:fa:35:eb:16:f0:f9: 2f:f9:fc:1f:79:2c:7a:61:6d:d7:15:9f:fe:27:02:41:20:aa: c0:04:d4:3e:1a:d6:b4:d5:39:d0:8d:c1:19:57:54:70:a4:8f: fc:f5:7c:99:84:e2:88:b0:b3:c1:5d:95:69:28:69:a3:05:24: f9:67:61:06:1f:1c:ad:a5:ef:5d:54:5e:bc:0e:07:ad:2e:c0: 33:64:d6:56:7c:d2:97:67:e0:60:73:5d:ed:00:49:5b:52:3a: f3:b3:e0:06:f6:6c:5f:26:a2:8b:a7:d4:be:28:2d:59:c4:35: 1a:f6:c0:64:42:07:af:f4:40:04:2e:21:73:86:17:17:1e:05: f5:77:c5:22:66:1d:99:79:ff:90:3c:c9:04:51:57:54:21:4a: a2:04:1a:2b:f2:79:fa:97:80:dd:4b:49:b4:ec:72:3a:fa:7d: ce:f3:e0:33:0e:e0:4b:de:b4:7a:12:fd:7f:5a:8d:6a:c6:ca: 6a:8c:a0:2e:39:76:eb:b9:c0:43:48:11:6b:16:03:12:7d:cd: 8f:58:ac:0e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFNtQR48qZgBXgc5Ei9johUlJqMkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNDE1MjEwMloX DTI1MDQyODIzNTk1OVowejFJMEcGA1UEBRNAOTkxMGEyOWU1MThiNTNhZjM0OTBh MGUyMjE2ZTg4MGNjYWJlZGY3OThmZDQyZmQwZjJmYjBmNzEzNzM0MWZlYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0icMQ0NdLiQozlekG3JGr88X5+2w L+M3zmgEtkCyi/MIRycAGl3yNZnAwQL8OF1SHXXDmscezdwaVH0X6MB6bIQ2fEBx K0QZmxvEPMBQM/D4JGQx+5Eas5ASZ2qjQtz+TTPC2fvKDmCIjpOK9u867pvUnx2z 9Sp6Az0uTSAwrHCf+NVs/3fuXIiFvzfAJFLIzwnuUe0apTzyB46c0Qrg4emLt7h/ oqzgBzPka/pBzP/U3OnjqPalv2TQTnPdezKNzPuwoS3rZa0d1nWblvMXprY6GUXy R8Xdb3/b7OE/HVHE8V9HF7065HG09kCy8ZBs6bnUC7WmeNxBbUTCcpYptQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFK6C9sWG1oA4IfN4LekMVpRKWhQBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y3ZWM4NTUyLTdkZGItNDk3OC1iYjhjLWZjOTdkMDYyNWI0Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOEAgMA0GCSqGSIb3DQEBCwUAA4IBAQCVsfja8Q44UYvs3vwR DihbjAYqNjMCOJCq8GNDpP+UI602F97UDbWy3iwt2+ZJw/T6NesW8Pkv+fwfeSx6 YW3XFZ/+JwJBIKrABNQ+Gta01TnQjcEZV1RwpI/89XyZhOKIsLPBXZVpKGmjBST5 Z2EGHxytpe9dVF68DgetLsAzZNZWfNKXZ+Bgc13tAElbUjrzs+AG9mxfJqKLp9S+ KC1ZxDUa9sBkQgev9EAELiFzhhcXHgX1d8UiZh2Zef+QPMkEUVdUIUqiBBor8nn6 l4DdS0m07HI6+n3O8+AzDuBL3rR6Ev1/Wo1qxspqjKAuOXbrucBDSBFrFgMSfc2P WKwO -----END CERTIFICATE-----Generated at Thu Apr 17 17:41:14 2025 by rpki-client