$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13f5f01a-ab8f-4788-ba91-6bc86de44e18.roa File: 13f5f01a-ab8f-4788-ba91-6bc86de44e18.roa (raw, json) Hash identifier: GhfG9Ca7i4AzlgOaqkXm8O++TBC53ho8n5MlolfTG7s= Subject key identifier: 07:D2:EF:FC:DC:34:BA:2F:8F:52:77:D9:56:07:F0:15:C7:42:26:44 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 73833939E8976A00997EBADE599E1C6C35315A3E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13f5f01a-ab8f-4788-ba91-6bc86de44e18.roa Signing time: Fri 16 May 2025 15:01:01 +0000 ROA not before: Fri 16 May 2025 15:01:01 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:83:39:39:e8:97:6a:00:99:7e:ba:de:59:9e:1c:6c:35:31:5a:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:01:01 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=992a5404d30663ffb4d1a9cb3975cf3f6587282bbd274f8bafba0f86212f19d9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:f2:c0:63:0f:0f:60:16:02:c8:a3:8e:ba:3b: a7:7a:5e:cc:64:78:89:3a:42:d9:5c:cb:11:9a:c5: e2:85:86:28:2e:2f:eb:79:d3:a1:c8:4e:c8:43:4f: 87:2d:ae:71:c3:3d:ae:b0:05:7f:b1:06:10:ba:10: 72:92:e2:c3:85:cc:39:32:f9:e8:31:3e:a2:d1:1d: 74:38:05:a8:26:c8:56:e0:b0:70:1d:45:e7:6f:75: 86:d1:20:1b:22:18:85:ab:c5:e8:85:a1:e7:d3:40: 39:b3:2e:cf:37:fe:02:33:c4:8a:d3:f5:1b:db:29: c6:d3:84:3c:3b:d9:61:ca:08:3e:2c:dd:9b:4f:e9: c8:7a:8a:2b:14:4c:9f:a4:e8:94:f0:7f:41:09:49: e1:3a:89:5c:cd:f4:42:a8:e3:36:34:60:a1:65:8b: ac:ab:d6:4c:d8:9a:63:75:92:96:64:97:79:22:13: ac:9e:48:49:2d:e8:06:d2:7f:43:ea:26:1c:a5:20: d5:88:54:d2:96:bc:de:b9:e2:24:c1:20:53:36:be: ff:64:93:2f:bc:f5:68:76:65:1f:db:0a:94:62:56: 67:82:f3:aa:be:f4:af:4e:54:d7:de:94:ec:2a:dc: 4b:31:1a:7e:83:6b:26:07:9d:fa:c4:3d:16:36:90: cc:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:D2:EF:FC:DC:34:BA:2F:8F:52:77:D9:56:07:F0:15:C7:42:26:44 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13f5f01a-ab8f-4788-ba91-6bc86de44e18.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:9000::/40 Signature Algorithm: sha256WithRSAEncryption 8d:a7:5a:06:e7:36:73:1a:63:26:bf:ab:82:76:3d:db:fc:61: e2:0d:89:4a:88:d8:24:28:02:6c:5e:b4:e3:00:81:b1:6e:40: 02:1d:ef:16:ad:21:4a:98:81:dd:a7:57:60:c6:5c:58:4f:6b: d2:96:68:92:dc:20:42:8f:a2:f1:c2:4d:1a:7a:fe:cc:9c:bc: 91:3e:50:1e:c9:1a:36:51:ff:48:43:78:3a:0d:e1:03:05:36: f8:b2:70:c3:47:6a:e0:41:7d:75:65:59:e2:11:d4:ab:e4:2b: dc:8f:20:db:b4:8b:b5:30:56:1a:da:17:c1:2b:6f:8e:65:b0: cc:ef:3a:50:ce:53:7d:bf:02:71:05:9d:0c:b4:44:ba:e6:1a: 71:8f:59:a5:4e:f9:a8:d9:05:55:3b:ed:13:bb:05:82:c6:33: a8:d7:3d:6d:da:ca:45:d1:1d:59:e0:67:08:03:78:3f:eb:db: d1:a5:b8:9c:5f:86:ee:0f:7d:95:29:7d:cf:08:03:d7:cd:74: 48:17:a1:fe:80:16:8f:09:36:cf:39:d6:11:64:b2:c1:b6:9d: 43:1b:71:d8:21:90:c2:8a:c2:3c:0f:15:75:37:f4:44:56:e6: 6a:e3:2d:e7:3e:1f:2c:a3:a8:e8:f4:bb:c3:f9:c3:de:9e:0e: 95:e5:26:5e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUc4M5OeiXagCZfrreWZ4cbDUxWj4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MDEwMVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAOTkyYTU0MDRkMzA2NjNmZmI0ZDFh OWNiMzk3NWNmM2Y2NTg3MjgyYmJkMjc0ZjhiYWZiYTBmODYyMTJmMTlkOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/LAYw8PYBYCyKOOujunel7MZHiJ OkLZXMsRmsXihYYoLi/redOhyE7IQ0+HLa5xwz2usAV/sQYQuhBykuLDhcw5Mvno MT6i0R10OAWoJshW4LBwHUXnb3WG0SAbIhiFq8XohaHn00A5sy7PN/4CM8SK0/Ub 2ynG04Q8O9lhygg+LN2bT+nIeoorFEyfpOiU8H9BCUnhOolczfRCqOM2NGChZYus q9ZM2JpjdZKWZJd5IhOsnkhJLegG0n9D6iYcpSDViFTSlrzeueIkwSBTNr7/ZJMv vPVodmUf2wqUYlZngvOqvvSvTlTX3pTsKtxLMRp+g2smB536xD0WNpDMTwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAfS7/zcNLovj1J32VYH8BXHQiZEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzEzZjVmMDFhLWFiOGYtNDc4OC1iYTkxLTZiYzg2ZGU0NGUxOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/pAwDQYJKoZIhvcNAQELBQADggEBAI2nWgbnNnMaYya/q4J2 Pdv8YeINiUqI2CQoAmxetOMAgbFuQAId7xatIUqYgd2nV2DGXFhPa9KWaJLcIEKP ovHCTRp6/sycvJE+UB7JGjZR/0hDeDoN4QMFNviycMNHauBBfXVlWeIR1KvkK9yP INu0i7UwVhraF8Erb45lsMzvOlDOU32/AnEFnQy0RLrmGnGPWaVO+ajZBVU77RO7 BYLGM6jXPW3aykXRHVngZwgDeD/r29GluJxfhu4PfZUpfc8IA9fNdEgXof6AFo8J Ns851hFkssG2nUMbcdghkMKKwjwPFXU39ERW5mrjLec+HyyjqOj0u8P5w96eDpXl Jl4= -----END CERTIFICATE-----Generated at Tue Jun 3 23:28:58 2025 by rpki-client