$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb33c78e-80e8-48d7-8941-7ac54859b50c.roa File: fb33c78e-80e8-48d7-8941-7ac54859b50c.roa (raw, json) Hash identifier: JOoIx3F6G2kOdS6GJQfOhNIkF4zLUraqsNPDmYjcmmw= Subject key identifier: 3D:EA:81:B6:18:A9:20:70:4E:AE:36:D5:01:B0:13:0A:52:5E:38:D5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 184FDADF98581B559E16DA55468A21E0F8D622A4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb33c78e-80e8-48d7-8941-7ac54859b50c.roa Signing time: Tue 25 Mar 2025 15:31:37 +0000 ROA not before: Tue 25 Mar 2025 15:31:37 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:4080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:4f:da:df:98:58:1b:55:9e:16:da:55:46:8a:21:e0:f8:d6:22:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 15:31:37 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=0437317383dc3505c5351c5761ac280527b072cabca259e24aab282a8cafcc1d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a6:8a:09:f1:be:c6:74:a7:dd:d9:74:91:a5: 50:41:a7:be:63:36:7a:d2:cc:1a:0d:5b:0e:f7:d9: c8:ba:59:b6:29:20:9f:18:19:ba:50:bf:e8:46:7a: 0e:07:18:7e:9c:24:08:9c:ef:9a:c7:18:56:74:2f: 2b:66:53:ed:2c:ee:59:93:e5:8e:47:8e:3c:f1:92: 24:51:6f:2d:16:5d:37:71:a6:34:80:ca:bc:fd:17: 03:63:3a:93:00:2f:4f:11:d4:0d:86:08:7a:6a:68: d4:2c:83:c5:36:2d:95:73:62:8a:d5:22:b6:02:15: fc:60:76:fe:4c:0b:f4:32:09:46:3b:15:ec:81:24: 9e:4f:6b:40:b4:f4:af:b2:f3:86:39:94:22:23:10: e4:25:aa:0b:f1:8b:47:0d:e7:30:5e:11:b0:59:ec: 86:48:f4:6f:20:ed:a1:c1:83:b3:97:b7:50:ca:4c: 8e:23:0a:dd:cf:86:d9:b6:08:36:17:03:b4:20:2d: 3e:d9:3c:2e:34:78:5c:6f:0c:9a:f7:d4:e0:c7:5c: 41:4a:22:d5:63:e0:bc:7b:2a:da:d2:53:1b:2f:d4: 86:0c:90:e2:44:fd:90:eb:b2:fe:c9:56:ee:e7:09: 4f:a9:11:6c:68:09:e1:b7:5f:12:39:57:1a:85:7e: cd:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:EA:81:B6:18:A9:20:70:4E:AE:36:D5:01:B0:13:0A:52:5E:38:D5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb33c78e-80e8-48d7-8941-7ac54859b50c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:4080::/46 Signature Algorithm: sha256WithRSAEncryption 5a:a5:ac:3d:c7:81:aa:e9:bb:ab:25:fd:e9:85:45:70:f7:25: 65:b9:91:42:ca:b9:92:91:2c:44:5d:23:02:21:c5:ef:53:ec: df:82:4e:fe:82:7d:1c:99:2a:50:c1:73:78:3e:ee:db:9f:d4: fa:fe:19:7c:37:87:3c:44:6e:5d:f8:71:ba:88:c9:5a:e0:e3: 6b:54:9f:96:93:d5:27:ec:30:dc:8e:8a:7d:f8:3d:89:0b:4b: 9c:6c:53:fd:77:28:dc:25:bf:41:70:bb:63:b3:dd:b4:3b:32: 44:2c:b2:08:3a:eb:fa:71:cb:9a:3b:7d:08:ce:93:35:f6:1e: a0:c7:0f:7f:c6:4a:b7:23:0a:bb:08:52:b1:db:ee:49:70:a7: d9:79:a8:64:9e:e9:d4:96:69:6f:78:b8:a4:d5:a0:0c:b9:e5: f5:9a:d8:8b:e1:0a:b3:22:9e:10:3c:97:41:59:72:3d:fc:26: b4:45:76:01:95:94:27:be:1d:7d:44:60:32:44:ec:e2:e0:96: 9b:cb:52:3c:3e:a6:44:5d:b4:21:98:96:3c:a7:ba:c7:80:c8: 70:a2:e8:60:c2:44:20:23:2a:14:13:d2:ca:18:94:3a:fc:38: 7a:aa:1e:2d:c2:c9:f6:45:fb:a0:ca:56:41:89:fb:f6:78:08: 12:55:a7:51 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGE/a35hYG1WeFtpVRooh4PjWIqQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1MzEzN1oX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMDQzNzMxNzM4M2RjMzUwNWM1MzUx YzU3NjFhYzI4MDUyN2IwNzJjYWJjYTI1OWUyNGFhYjI4MmE4Y2FmY2MxZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqaKCfG+xnSn3dl0kaVQQae+YzZ6 0swaDVsO99nIulm2KSCfGBm6UL/oRnoOBxh+nCQInO+axxhWdC8rZlPtLO5Zk+WO R4488ZIkUW8tFl03caY0gMq8/RcDYzqTAC9PEdQNhgh6amjULIPFNi2Vc2KK1SK2 AhX8YHb+TAv0MglGOxXsgSSeT2tAtPSvsvOGOZQiIxDkJaoL8YtHDecwXhGwWeyG SPRvIO2hwYOzl7dQykyOIwrdz4bZtgg2FwO0IC0+2TwuNHhcbwya99Tgx1xBSiLV Y+C8eyra0lMbL9SGDJDiRP2Q67L+yVbu5wlPqRFsaAnht18SOVcahX7NZQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFD3qgbYYqSBwTq421QGwEwpSXjjVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiMzNjNzhlLTgwZTgtNDhkNy04OTQxLTdhYzU0ODU5YjUwYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+0CAMA0GCSqGSIb3DQEBCwUAA4IBAQBapaw9x4Gq6burJf3p hUVw9yVluZFCyrmSkSxEXSMCIcXvU+zfgk7+gn0cmSpQwXN4Pu7bn9T6/hl8N4c8 RG5d+HG6iMla4ONrVJ+Wk9Un7DDcjop9+D2JC0ucbFP9dyjcJb9BcLtjs920OzJE LLIIOuv6ccuaO30IzpM19h6gxw9/xkq3Iwq7CFKx2+5JcKfZeahknunUlmlveLik 1aAMueX1mtiL4QqzIp4QPJdBWXI9/Ca0RXYBlZQnvh19RGAyROzi4Jaby1I8PqZE XbQhmJY8p7rHgMhwouhgwkQgIyoUE9LKGJQ6/Dh6qh4twsn2RfugylZBifv2eAgS VadR -----END CERTIFICATE-----Generated at Thu Apr 17 17:31:38 2025 by rpki-client