$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/167733fe-6ab1-443d-bc7d-702a6bfa6dbc.roa File: 167733fe-6ab1-443d-bc7d-702a6bfa6dbc.roa (raw, json) Hash identifier: N+PM5B0W7nihUXDOSnm/svw//rZblGaXYLQmjHtvOMc= Subject key identifier: 7D:1A:C2:87:66:D7:A9:45:BF:CA:27:32:A8:10:B4:F8:4B:25:69:95 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 742566451B2D2845B73D0F05211BEB598E2AF46E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/167733fe-6ab1-443d-bc7d-702a6bfa6dbc.roa Signing time: Thu 22 May 2025 00:36:45 +0000 ROA not before: Thu 22 May 2025 00:36:45 +0000 ROA not after: Thu 26 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daed:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:25:66:45:1b:2d:28:45:b7:3d:0f:05:21:1b:eb:59:8e:2a:f4:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 00:36:45 2025 GMT Not After : Jun 26 23:59:59 2025 GMT Subject: serialNumber=fe6b3b3ed9df7b486296114b8b99342f8765ef1d1b7aa63adfd0c218b6ee6b9b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:48:91:4d:ad:2d:1c:54:7e:26:33:fa:ba:58: db:60:95:49:05:aa:df:bb:6b:34:58:d2:e8:a2:cb: bd:13:f9:aa:d4:25:48:d9:de:e1:e0:5e:c2:df:e3: 5d:f2:5e:55:ca:cb:0d:d9:35:14:40:e2:50:bb:be: f4:2c:c4:35:40:56:25:ab:68:0a:53:00:12:07:fc: d8:33:6e:79:50:b3:9a:30:a3:41:0d:9a:12:8a:00: 44:9f:84:a8:89:39:66:98:1d:6e:26:64:f8:02:f2: 1a:fd:8c:ab:38:7d:7e:5f:9f:c1:68:c9:1d:fc:e2: 2f:ea:9a:b1:7e:b6:21:07:b9:81:2f:56:07:7e:51: fd:59:65:31:cf:e2:a7:44:18:90:5d:df:69:b7:0c: 46:92:2a:a6:b0:b1:7e:5f:f1:0e:c6:59:51:a9:a5: 23:18:31:c8:11:18:f0:86:e9:2d:3d:02:07:c3:87: ab:ce:36:a0:a9:28:cc:0e:d3:4c:46:22:b4:1c:a5: c9:f2:ab:5b:cc:e6:98:06:b3:5d:73:e0:d8:0f:a8: f0:6e:19:6f:48:5c:d4:81:b1:20:79:53:1b:31:2e: b1:52:4a:4f:ff:b4:fd:22:48:62:24:01:3b:93:41: 27:cd:48:32:76:cc:b3:5b:24:ff:41:a1:64:9e:2f: 6b:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:1A:C2:87:66:D7:A9:45:BF:CA:27:32:A8:10:B4:F8:4B:25:69:95 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/167733fe-6ab1-443d-bc7d-702a6bfa6dbc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daed:4000::/40 Signature Algorithm: sha256WithRSAEncryption 72:e2:4d:43:d1:9f:2d:86:3f:cc:ff:8c:f8:e4:95:48:c9:36: 28:2f:5b:fa:43:e8:15:4e:9e:b1:23:f4:7e:65:10:3f:df:9f: 75:7d:17:c5:ab:2a:0e:e1:ac:ef:30:84:6d:77:5f:11:ec:b8: 5b:7c:3b:98:ac:a3:1a:ab:3f:18:d9:c0:21:b3:56:15:a5:9d: 22:12:ee:55:f4:94:bf:09:5b:53:3a:0c:29:cc:e7:f9:49:31: 47:e8:60:f4:a4:97:32:1a:8c:af:eb:78:9c:2e:3d:48:03:6e: 63:f9:4b:ac:74:8d:b4:ef:03:7e:46:ab:a1:d4:67:bd:52:f0: aa:e5:46:18:72:c1:46:6e:bc:4b:71:c7:02:57:43:e7:d3:02: fb:fa:79:bf:29:68:c0:74:39:b2:52:85:67:e4:04:83:f0:2d: e7:d6:59:be:65:5f:7b:cd:67:57:fc:77:87:99:85:8f:49:76: 05:88:33:7b:55:68:80:19:e4:22:a3:88:10:c2:76:05:a3:0d: 75:6c:54:3f:1b:fc:88:f0:79:d2:23:65:a7:41:31:7c:00:78: 10:38:f5:8d:09:6f:aa:08:b7:19:d3:b7:16:f0:0c:c0:e0:5a: 91:e4:c8:66:49:f5:1e:2a:1f:19:0d:c6:98:c1:04:ee:f7:84: bc:40:42:24 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdCVmRRstKEW3PQ8FIRvrWY4q9G4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyMjAwMzY0NVoX DTI1MDYyNjIzNTk1OVowejFJMEcGA1UEBRNAZmU2YjNiM2VkOWRmN2I0ODYyOTYx MTRiOGI5OTM0MmY4NzY1ZWYxZDFiN2FhNjNhZGZkMGMyMThiNmVlNmI5YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUiRTa0tHFR+JjP6uljbYJVJBarf u2s0WNLoosu9E/mq1CVI2d7h4F7C3+Nd8l5VyssN2TUUQOJQu770LMQ1QFYlq2gK UwASB/zYM255ULOaMKNBDZoSigBEn4SoiTlmmB1uJmT4AvIa/YyrOH1+X5/BaMkd /OIv6pqxfrYhB7mBL1YHflH9WWUxz+KnRBiQXd9ptwxGkiqmsLF+X/EOxllRqaUj GDHIERjwhuktPQIHw4erzjagqSjMDtNMRiK0HKXJ8qtbzOaYBrNdc+DYD6jwbhlv SFzUgbEgeVMbMS6xUkpP/7T9IkhiJAE7k0EnzUgydsyzWyT/QaFkni9riQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH0awodm16lFv8onMqgQtPhLJWmVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE2NzczM2ZlLTZhYjEtNDQzZC1iYzdkLTcwMmE2YmZhNmRiYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7UAwDQYJKoZIhvcNAQELBQADggEBAHLiTUPRny2GP8z/jPjk lUjJNigvW/pD6BVOnrEj9H5lED/fn3V9F8WrKg7hrO8whG13XxHsuFt8O5isoxqr PxjZwCGzVhWlnSIS7lX0lL8JW1M6DCnM5/lJMUfoYPSklzIajK/reJwuPUgDbmP5 S6x0jbTvA35Gq6HUZ71S8KrlRhhywUZuvEtxxwJXQ+fTAvv6eb8paMB0ObJShWfk BIPwLefWWb5lX3vNZ1f8d4eZhY9JdgWIM3tVaIAZ5CKjiBDCdgWjDXVsVD8b/Ijw edIjZadBMXwAeBA49Y0Jb6oItxnTtxbwDMDgWpHkyGZJ9R4qHxkNxpjBBO73hLxA QiQ= -----END CERTIFICATE-----Generated at Tue Jun 3 23:15:09 2025 by rpki-client