$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02d4e2a1-b855-4dc9-b76f-9f661a0dff14.roa File: 02d4e2a1-b855-4dc9-b76f-9f661a0dff14.roa (raw, json) Hash identifier: Zo6gKvYg1c0MR9fA+jxgaWfeIahSSPktaNEW2VAyiRc= Subject key identifier: EB:22:A1:7D:BD:27:CF:7E:A0:9C:38:49:E8:C5:E1:D5:74:05:15:57 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7C4C08C267AAA2C4F91A04F4BFC35A3FEAE66878 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02d4e2a1-b855-4dc9-b76f-9f661a0dff14.roa Signing time: Fri 16 May 2025 00:30:21 +0000 ROA not before: Fri 16 May 2025 00:30:21 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:4c:08:c2:67:aa:a2:c4:f9:1a:04:f4:bf:c3:5a:3f:ea:e6:68:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:30:21 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=e839fbf6eadeb79fe26fb070c568104262a9a779d9595d1055733ed5e652cbae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:71:a4:aa:c0:94:bd:95:5e:03:d3:46:d5:b0: 78:bb:4e:38:6f:13:71:68:30:be:5b:c1:ba:49:f5: 01:d3:26:21:22:81:28:3f:23:87:d9:18:e0:20:60: 16:9e:3c:91:4c:1d:22:ba:e4:3e:3a:1c:ea:c5:eb: d7:dd:69:e9:15:ed:72:46:a6:52:50:93:fd:f3:1c: f9:34:63:f3:57:09:67:da:50:df:c7:b5:ce:ba:35: 69:15:b4:d9:12:52:29:51:00:99:d6:bb:08:4a:69: 0d:06:54:a5:88:61:4d:61:4d:3b:9f:5a:71:8d:f2: 2f:83:d2:88:9f:b3:a1:77:d4:40:30:82:25:4b:dc: 2a:26:b7:d8:bc:b4:c8:3a:ed:9f:23:74:7a:89:49: b6:e0:a1:5f:9a:46:f0:b3:b2:12:80:c5:e9:c6:e1: e6:e6:ec:92:e8:9f:b6:37:69:ee:99:23:70:bc:0d: cd:1a:fa:99:e8:ca:4f:08:36:db:76:fd:6c:29:e5: 2b:cd:d3:0d:76:aa:e9:4d:72:f4:f2:8e:1a:83:18: c6:57:be:20:68:6e:8a:bc:fd:e4:f2:6b:90:28:d0: 75:65:1a:f8:cc:f9:90:67:4b:65:e4:af:63:f6:1c: 58:fb:85:bc:77:ee:73:49:08:03:c5:70:ae:b0:5a: 01:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:22:A1:7D:BD:27:CF:7E:A0:9C:38:49:E8:C5:E1:D5:74:05:15:57 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02d4e2a1-b855-4dc9-b76f-9f661a0dff14.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:9000::/40 Signature Algorithm: sha256WithRSAEncryption a4:4b:79:1c:81:1c:6b:1e:d9:27:b6:a3:25:ae:12:09:43:23: 51:39:19:ee:cb:9c:9c:14:54:f0:04:65:2d:8f:06:aa:77:31: fd:19:b4:5f:e3:4f:b3:33:c5:c8:b9:c6:ea:2a:35:91:ad:8a: 22:36:d8:82:ac:45:fd:fc:09:34:cf:75:0f:1b:3c:8b:10:d8: 80:0b:f8:4a:46:4d:19:f8:7a:2b:f1:f5:c9:a6:52:f2:93:98: f9:1e:6a:9e:82:0e:e9:ac:1b:3c:ce:24:92:39:07:c2:e8:ec: fd:aa:8a:2e:62:4c:21:5e:e8:34:9c:00:2e:02:04:2a:e5:f2: 22:b5:56:ca:2f:28:5d:99:df:97:bd:1a:03:54:24:a0:4a:c6: 00:ab:05:8c:f2:46:32:09:aa:5a:48:83:66:e7:69:77:c5:96: e7:72:8f:9d:8b:43:5d:da:34:22:d8:0d:24:f6:d0:db:8e:2a: 0b:c6:72:0c:7c:83:b3:8e:32:53:95:fb:03:83:95:01:dd:6d: bd:4f:36:b4:53:4a:29:17:e5:2f:67:fc:4c:c4:d5:b5:cd:2d: c4:d2:f8:75:c7:86:44:5e:b8:6a:bf:aa:18:16:15:9a:ac:2c: 2f:b2:7d:89:51:8e:9c:bc:ed:46:9c:c0:9e:37:26:df:f8:8d: f7:ca:9b:57 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfEwIwmeqosT5GgT0v8NaP+rmaHgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMzAyMVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZTgzOWZiZjZlYWRlYjc5ZmUyNmZi MDcwYzU2ODEwNDI2MmE5YTc3OWQ5NTk1ZDEwNTU3MzNlZDVlNjUyY2JhZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXGkqsCUvZVeA9NG1bB4u044bxNx aDC+W8G6SfUB0yYhIoEoPyOH2RjgIGAWnjyRTB0iuuQ+OhzqxevX3WnpFe1yRqZS UJP98xz5NGPzVwln2lDfx7XOujVpFbTZElIpUQCZ1rsISmkNBlSliGFNYU07n1px jfIvg9KIn7Ohd9RAMIIlS9wqJrfYvLTIOu2fI3R6iUm24KFfmkbws7ISgMXpxuHm 5uyS6J+2N2numSNwvA3NGvqZ6MpPCDbbdv1sKeUrzdMNdqrpTXL08o4agxjGV74g aG6KvP3k8muQKNB1ZRr4zPmQZ0tl5K9j9hxY+4W8d+5zSQgDxXCusFoBpwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOsioX29J89+oJw4SejF4dV0BRVXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAyZDRlMmExLWI4NTUtNGRjOS1iNzZmLTlmNjYxYTBkZmYxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYZAwDQYJKoZIhvcNAQELBQADggEBAKRLeRyBHGse2Se2oyWu EglDI1E5Ge7LnJwUVPAEZS2PBqp3Mf0ZtF/jT7Mzxci5xuoqNZGtiiI22IKsRf38 CTTPdQ8bPIsQ2IAL+EpGTRn4eivx9cmmUvKTmPkeap6CDumsGzzOJJI5B8Lo7P2q ii5iTCFe6DScAC4CBCrl8iK1VsovKF2Z35e9GgNUJKBKxgCrBYzyRjIJqlpIg2bn aXfFludyj52LQ13aNCLYDST20NuOKgvGcgx8g7OOMlOV+wODlQHdbb1PNrRTSikX 5S9n/EzE1bXNLcTS+HXHhkReuGq/qhgWFZqsLC+yfYlRjpy87UacwJ43Jt/4jffK m1c= -----END CERTIFICATE-----Generated at Tue Jun 3 23:13:00 2025 by rpki-client