$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa File: 02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa (raw, json) Hash identifier: oRCBFwY1wWQ2HfwoKjdy/hIczEd9xmUM0gxex+lgnHI= Subject key identifier: C8:D7:B4:8E:C5:19:A0:FF:D0:DD:BF:98:68:F2:8F:48:6E:80:73:67 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 27DE0ED182747396343C9B85D3B25DC574B4807B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa Signing time: Fri 16 May 2025 15:10:48 +0000 ROA not before: Fri 16 May 2025 15:10:48 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:de:0e:d1:82:74:73:96:34:3c:9b:85:d3:b2:5d:c5:74:b4:80:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:10:48 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=7dbc0ad87d8504ef5946352fa02216f67a7499fed1d4b86bd6bce4ba1cef1f33, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:b1:83:b8:59:7c:ff:f7:69:bb:7e:d1:af:f8: 3b:c7:c9:c7:31:0c:f4:a7:58:59:b0:06:8a:bb:0f: 81:3a:24:3a:df:2c:76:6f:f4:71:2b:20:d5:27:89: 4e:4e:24:b2:7a:33:d0:62:c0:04:eb:7a:6d:22:d3: 68:09:b5:e0:00:bc:5c:73:32:03:0d:3e:46:be:e6: fe:d3:36:ef:d9:01:aa:e5:92:8f:9f:b6:22:54:89: 93:03:1d:d0:0f:0c:d9:c6:60:fd:6c:ac:19:aa:c8: 67:b3:80:91:db:ff:1c:56:b6:2e:15:9d:47:e3:26: df:be:cc:dc:14:cf:cd:b6:83:fd:d8:26:b5:d7:b3: 0e:e1:34:ca:61:a7:49:25:63:0f:e7:a1:7f:c1:ee: 33:f3:41:04:09:d8:6d:e3:f4:7c:74:71:78:7a:14: 43:0b:13:71:83:d2:39:ef:a9:01:34:e4:0d:0e:87: 62:1a:ba:17:dc:14:d1:b3:d7:80:26:e2:68:80:7a: c9:d5:f3:6a:f8:64:11:2e:6f:bc:5b:7d:22:ea:91: af:16:46:83:69:f6:34:19:34:b4:4f:67:b5:ac:fc: ea:f4:f3:9f:bb:a9:3d:36:83:9b:f6:2b:06:16:3e: 85:f1:de:e9:67:02:58:58:60:58:5b:9e:92:93:b6: f3:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:D7:B4:8E:C5:19:A0:FF:D0:DD:BF:98:68:F2:8F:48:6E:80:73:67 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:2000::/40 Signature Algorithm: sha256WithRSAEncryption 0c:68:94:d8:74:41:b5:84:8b:2d:0c:21:99:bd:d9:1c:95:b7: e1:cd:c9:14:87:c7:eb:e5:b5:37:22:4f:89:8e:ec:75:5b:d1: b0:31:60:dc:fb:d4:6a:19:5f:e8:9c:a5:d3:7d:4c:05:a2:1c: 74:ed:c1:2c:c3:5e:f0:ea:c8:2e:96:b6:89:61:08:2b:05:07: f5:8c:92:30:50:2c:46:5b:09:5b:3d:58:8b:69:d4:25:69:fd: 07:78:f8:df:1a:f5:41:61:43:5d:e9:bd:6d:45:3c:49:0a:49: 19:7a:c0:e9:f1:e3:43:7d:72:6a:92:4f:04:cf:fb:fe:27:64: 78:b1:6c:2e:3d:b8:6b:2e:04:fa:8c:c6:37:49:b9:3d:65:46: cd:3c:a3:d9:61:60:94:25:2d:95:af:42:73:d9:54:c5:30:ee: a9:98:7a:d4:45:34:b2:6b:bf:a7:51:2a:6a:89:a5:5c:12:5c: e5:ba:04:84:6e:7c:fb:62:8e:33:eb:32:e2:d4:d9:48:9f:d9: 9a:57:85:d7:43:9a:42:61:d2:30:5d:91:93:95:6e:47:f0:87: 02:fa:e6:b8:f3:9f:90:62:71:c3:da:30:4c:63:7f:f4:d9:a8: ae:37:fe:db:87:ef:9e:fc:2d:b3:b9:b4:e3:98:c9:da:f1:c8: ab:4f:c8:05 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJ94O0YJ0c5Y0PJuF07JdxXS0gHswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MTA0OFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAN2RiYzBhZDg3ZDg1MDRlZjU5NDYz NTJmYTAyMjE2ZjY3YTc0OTlmZWQxZDRiODZiZDZiY2U0YmExY2VmMWYzMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbGDuFl8//dpu37Rr/g7x8nHMQz0 p1hZsAaKuw+BOiQ63yx2b/RxKyDVJ4lOTiSyejPQYsAE63ptItNoCbXgALxcczID DT5Gvub+0zbv2QGq5ZKPn7YiVImTAx3QDwzZxmD9bKwZqshns4CR2/8cVrYuFZ1H 4ybfvszcFM/NtoP92Ca117MO4TTKYadJJWMP56F/we4z80EECdht4/R8dHF4ehRD CxNxg9I576kBNOQNDodiGroX3BTRs9eAJuJogHrJ1fNq+GQRLm+8W30i6pGvFkaD afY0GTS0T2e1rPzq9POfu6k9NoOb9isGFj6F8d7pZwJYWGBYW56Sk7bzgQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMjXtI7FGaD/0N2/mGjyj0hugHNnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAyYTUxZTU0LTZiYjUtNDNlNy05NGQwLWE4ZTk1NzcxZjJhMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8SAwDQYJKoZIhvcNAQELBQADggEBAAxolNh0QbWEiy0MIZm9 2RyVt+HNyRSHx+vltTciT4mO7HVb0bAxYNz71GoZX+icpdN9TAWiHHTtwSzDXvDq yC6WtolhCCsFB/WMkjBQLEZbCVs9WItp1CVp/Qd4+N8a9UFhQ13pvW1FPEkKSRl6 wOnx40N9cmqSTwTP+/4nZHixbC49uGsuBPqMxjdJuT1lRs08o9lhYJQlLZWvQnPZ VMUw7qmYetRFNLJrv6dRKmqJpVwSXOW6BIRufPtijjPrMuLU2Uif2ZpXhddDmkJh 0jBdkZOVbkfwhwL65rjzn5BiccPaMExjf/TZqK43/tuH7578LbO5tOOYydrxyKtP yAU= -----END CERTIFICATE-----Generated at Tue Jun 3 23:11:21 2025 by rpki-client