$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00b2a2b4-99de-45a2-b5f4-a01609c997f1.roa File: 00b2a2b4-99de-45a2-b5f4-a01609c997f1.roa (raw, json) Hash identifier: XqKIgql8cXgZrTLumJRCx6NoAFPBxXHWq7yQz2AODb4= Subject key identifier: 08:7D:72:08:17:43:3E:A7:43:97:EC:0E:9D:47:5C:B2:70:A6:B6:93 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 63CE127E2B8C02D14835412D21C9B937646CA3A8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00b2a2b4-99de-45a2-b5f4-a01609c997f1.roa Signing time: Wed 26 Mar 2025 00:01:12 +0000 ROA not before: Wed 26 Mar 2025 00:01:12 +0000 ROA not after: Wed 30 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:ce:12:7e:2b:8c:02:d1:48:35:41:2d:21:c9:b9:37:64:6c:a3:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 26 00:01:12 2025 GMT Not After : Apr 30 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d5:ba:05:88:df:24:bf:d6:8e:f2:8c:72:9a: d6:f1:1f:b5:21:53:6d:de:71:68:81:8c:98:3b:2b: ab:1f:e0:02:09:1e:38:b5:80:46:5b:27:65:3f:25: 04:49:da:12:35:80:ea:0c:d7:19:fa:81:77:80:cd: f1:22:77:ca:0b:c4:c0:a3:0c:d9:0a:bc:31:5e:0f: a6:90:e7:d4:cf:fc:12:0b:36:5e:49:d9:67:ca:4f: 21:3d:ed:fa:fd:db:c6:dd:cc:0a:6b:b5:65:b9:28: 7f:94:f0:27:23:75:b1:5a:0f:de:04:60:62:74:d8: c7:c3:c7:43:99:47:4a:d2:dd:49:52:aa:1a:ac:cb: 05:1c:80:5d:ef:80:60:2a:9b:53:98:8f:3d:b8:35: ef:43:50:a0:94:3a:3b:22:63:df:15:e7:dc:62:32: 5d:59:54:d6:26:3b:88:c6:d0:09:91:02:7c:cf:71: 79:f1:43:62:59:19:df:94:0c:f5:e2:63:0e:49:a2: 33:3b:8e:3f:af:61:b9:d6:b6:ce:b2:69:80:2f:74: e0:76:6e:fa:0a:70:93:b8:52:9d:67:4e:e4:04:64: 79:36:6f:f0:2f:b2:0c:2d:61:92:66:67:92:4f:57: 14:8b:0c:6d:4d:36:fc:5e:47:b3:e8:dc:f5:71:93: b4:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:7D:72:08:17:43:3E:A7:43:97:EC:0E:9D:47:5C:B2:70:A6:B6:93 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00b2a2b4-99de-45a2-b5f4-a01609c997f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:7000::/40 Signature Algorithm: sha256WithRSAEncryption 1e:3d:8f:c1:b9:22:39:83:34:e3:d7:c3:4a:4c:cf:c0:5b:a3: 58:6c:e0:c0:36:5a:60:5b:11:dd:77:94:63:79:38:18:de:94: 31:15:a2:53:c7:7d:b5:9b:3a:91:5a:c5:79:df:7e:80:84:d3: 53:93:dc:73:3a:87:a7:97:cb:82:b4:7c:72:e0:5d:da:02:0d: e8:a1:aa:27:2c:15:0a:d7:7d:a5:3a:b1:24:28:26:bc:47:4b: a1:b6:23:32:0f:b7:ac:2b:2b:05:24:35:bf:00:ef:da:0f:20: 2f:5b:6b:7c:70:cd:ae:40:9d:ee:7a:5e:48:26:e8:ed:a3:e0: 2f:ac:a1:24:ae:1d:f1:a2:96:75:ce:d3:1c:10:ba:13:9f:6f: 7d:a0:d3:c8:3c:ce:a7:a3:74:11:48:4d:00:af:e3:1a:b4:fd: cc:16:75:06:60:ce:88:1c:7d:38:43:ff:78:d7:22:86:b2:15: 18:79:d0:99:40:21:63:74:3b:a2:a7:53:c4:fb:f2:65:ad:7e: 21:6c:6b:49:7b:28:66:ae:b9:f1:be:f4:91:8a:57:46:07:22: 7d:a5:97:2f:c6:fa:0c:df:c6:07:8d:53:d1:54:6e:4e:b8:89: 32:2d:88:02:07:64:73:ea:f4:0b:3a:5b:f8:de:dc:43:94:17: 8f:b6:4b:4d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUY84SfiuMAtFINUEtIcm5N2Rso6gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMDExMloX DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAOWM2MTJhODNjZTEwZjE3OWFkNDYx NWYyMDEyODY3MTdmNTNjOTNmYWMzYjdmZWFjYjY5ODVkMDk4YWNhY2VjZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudW6BYjfJL/WjvKMcprW8R+1IVNt 3nFogYyYOyurH+ACCR44tYBGWydlPyUESdoSNYDqDNcZ+oF3gM3xInfKC8TAowzZ CrwxXg+mkOfUz/wSCzZeSdlnyk8hPe36/dvG3cwKa7VluSh/lPAnI3WxWg/eBGBi dNjHw8dDmUdK0t1JUqoarMsFHIBd74BgKptTmI89uDXvQ1CglDo7ImPfFefcYjJd WVTWJjuIxtAJkQJ8z3F58UNiWRnflAz14mMOSaIzO44/r2G51rbOsmmAL3Tgdm76 CnCTuFKdZ07kBGR5Nm/wL7IMLWGSZmeST1cUiwxtTTb8Xkez6Nz1cZO0pQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAh9cggXQz6nQ5fsDp1HXLJwpraTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAwYjJhMmI0LTk5ZGUtNDVhMi1iNWY0LWEwMTYwOWM5OTdmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOHAwDQYJKoZIhvcNAQELBQADggEBAB49j8G5IjmDNOPXw0pM z8Bbo1hs4MA2WmBbEd13lGN5OBjelDEVolPHfbWbOpFaxXnffoCE01OT3HM6h6eX y4K0fHLgXdoCDeihqicsFQrXfaU6sSQoJrxHS6G2IzIPt6wrKwUkNb8A79oPIC9b a3xwza5Ane56Xkgm6O2j4C+soSSuHfGilnXO0xwQuhOfb32g08g8zqejdBFITQCv 4xq0/cwWdQZgzogcfThD/3jXIoayFRh50JlAIWN0O6KnU8T78mWtfiFsa0l7KGau ufG+9JGKV0YHIn2lly/G+gzfxgeNU9FUbk64iTItiAIHZHPq9As6W/je3EOUF4+2 S00= -----END CERTIFICATE-----Generated at Sat Apr 5 10:52:39 2025 by rpki-client