$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1582ee0d-11ea-4495-97e5-0ed825ba8ee2.roa File: 1582ee0d-11ea-4495-97e5-0ed825ba8ee2.roa (raw, json) Hash identifier: 4xFdCkCMgQ1h34mlvsHr81HeJoWAPzMplk4nQEGC2D4= Subject key identifier: 3E:4C:20:82:4E:9A:14:87:92:BC:0D:0A:DC:22:10:D0:A9:96:3C:71 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 33B73B9926FBAAC79D3D92225A2E9F7F7BF47BA3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1582ee0d-11ea-4495-97e5-0ed825ba8ee2.roa Signing time: Wed 14 May 2025 00:10:21 +0000 ROA not before: Wed 14 May 2025 00:10:21 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:4020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:b7:3b:99:26:fb:aa:c7:9d:3d:92:22:5a:2e:9f:7f:7b:f4:7b:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:10:21 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=f66028d67df37e69162ecbdfb945d516ced50fa8650452cafe66d4285d047592, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:c0:28:c5:36:27:4f:c5:80:d6:6a:d4:88:c9: f3:5d:45:97:64:27:4c:65:c9:da:54:99:73:13:88: 8d:6a:32:fc:58:72:8c:d2:24:a4:6a:a6:b4:5e:01: b3:ce:cf:08:b7:51:aa:ba:53:9c:81:15:12:15:d9: 6b:20:ab:ca:d7:f9:53:75:29:2b:25:ca:51:0b:a2: 77:40:b0:23:16:83:fb:fd:b3:a8:6b:1d:30:3d:2a: 79:f4:52:32:12:e8:ec:cf:68:bf:eb:8d:ec:80:95: 31:cd:56:3c:2d:4a:7c:c2:a4:eb:b3:30:5d:94:39: f1:55:9a:c7:b1:ba:83:a9:2d:a9:ed:6d:8a:32:8e: bc:58:75:4e:50:c9:3e:f0:4c:20:a5:fe:9b:6d:da: 39:bb:22:2c:a4:51:a1:fd:05:98:ed:ac:29:a0:3d: 13:76:df:90:48:25:30:a0:dc:31:7e:c1:5a:e5:52: 0e:4a:32:17:fb:2a:20:bb:ec:05:fc:00:df:38:9c: fb:9b:73:03:64:be:0d:8f:2f:cc:50:07:9d:70:c2: 45:1e:b9:7a:ff:88:6a:35:f1:15:54:1f:f4:56:60: 70:fd:d7:fb:d4:14:fb:67:d8:01:43:d1:20:6a:bd: f7:29:34:3a:cd:85:f1:26:2e:13:c4:47:db:d3:ff: 5c:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:4C:20:82:4E:9A:14:87:92:BC:0D:0A:DC:22:10:D0:A9:96:3C:71 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1582ee0d-11ea-4495-97e5-0ed825ba8ee2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:4020::/48 Signature Algorithm: sha256WithRSAEncryption 0a:c0:7f:d4:3c:38:43:17:4e:f0:81:a6:13:07:4b:db:03:e7: 4d:4e:9e:9f:78:ea:68:06:d0:e4:a4:d9:80:83:2d:56:d5:9e: ef:0a:51:24:8a:b4:cf:c4:b6:72:f0:ec:9d:35:f7:c7:ed:9d: fd:a7:dd:30:06:dc:b6:05:a5:7b:eb:ed:83:90:bc:4e:1e:30: 81:b9:9d:14:4e:be:51:24:f1:a6:cf:ed:92:1c:5f:be:cd:5d: 1f:18:be:ee:fa:c0:48:15:7f:80:da:e6:f0:35:59:c2:f5:ec: 52:a2:99:70:97:1b:09:a3:4e:e1:5b:73:68:5c:49:18:50:f8: 16:96:33:9a:63:0b:f6:f1:8a:ae:3d:e8:c6:41:2a:24:f4:c8: aa:ac:f5:4e:0c:cc:96:2c:a9:e8:8c:c1:a5:42:a6:07:30:3e: d9:4e:99:6e:9d:03:44:4d:6c:9d:56:bd:c9:e8:d5:bb:01:97: 4c:d4:71:11:d4:67:5e:6b:5d:33:d4:4c:aa:4c:33:a1:b9:9f: 63:31:18:da:13:48:51:43:25:ae:31:9f:52:65:d9:f7:ea:22: 2e:65:60:a8:0c:fe:aa:df:00:d3:ab:2a:95:a7:aa:17:8a:48: 74:e4:c2:af:2e:e1:f3:26:cb:b0:11:0d:5b:56:cc:e1:98:68: 4a:29:b4:a9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUM7c7mSb7qsedPZIiWi6ff3v0e6MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMTAyMVoX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAZjY2MDI4ZDY3ZGYzN2U2OTE2MmVj YmRmYjk0NWQ1MTZjZWQ1MGZhODY1MDQ1MmNhZmU2NmQ0Mjg1ZDA0NzU5MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsAoxTYnT8WA1mrUiMnzXUWXZCdM ZcnaVJlzE4iNajL8WHKM0iSkaqa0XgGzzs8It1GqulOcgRUSFdlrIKvK1/lTdSkr JcpRC6J3QLAjFoP7/bOoax0wPSp59FIyEujsz2i/643sgJUxzVY8LUp8wqTrszBd lDnxVZrHsbqDqS2p7W2KMo68WHVOUMk+8Ewgpf6bbdo5uyIspFGh/QWY7awpoD0T dt+QSCUwoNwxfsFa5VIOSjIX+yogu+wF/ADfOJz7m3MDZL4Njy/MUAedcMJFHrl6 /4hqNfEVVB/0VmBw/df71BT7Z9gBQ9Egar33KTQ6zYXxJi4TxEfb0/9cJwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFD5MIIJOmhSHkrwNCtwiENCpljxxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE1ODJlZTBkLTExZWEtNDQ5NS05N2U1LTBlZDgyNWJhOGVlMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8kAgMA0GCSqGSIb3DQEBCwUAA4IBAQAKwH/UPDhDF07wgaYT B0vbA+dNTp6feOpoBtDkpNmAgy1W1Z7vClEkirTPxLZy8OydNffH7Z39p90wBty2 BaV76+2DkLxOHjCBuZ0UTr5RJPGmz+2SHF++zV0fGL7u+sBIFX+A2ubwNVnC9exS oplwlxsJo07hW3NoXEkYUPgWljOaYwv28YquPejGQSok9MiqrPVODMyWLKnojMGl QqYHMD7ZTplunQNETWydVr3J6NW7AZdM1HER1Gdea10z1EyqTDOhuZ9jMRjaE0hR QyWuMZ9SZdn36iIuZWCoDP6q3wDTqyqVp6oXikh05MKvLuHzJsuwEQ1bVszhmGhK KbSp -----END CERTIFICATE-----Generated at Mon Jun 2 06:26:10 2025 by rpki-client