$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19c2d4e6-f756-4329-8ef7-563420636cfb.roa File: 19c2d4e6-f756-4329-8ef7-563420636cfb.roa (raw, json) Hash identifier: PCcZy/Pyp5vKN8q21fht/UR6oyb62B+m8iPzLsdwNDo= Subject key identifier: 4B:3A:85:4E:62:DF:DA:9D:35:5E:ED:E9:78:71:73:CE:5A:60:FB:63 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1C8AB07B670DA6DFCFFA5ABEE863CD26573E0975 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19c2d4e6-f756-4329-8ef7-563420636cfb.roa Signing time: Sat 22 Mar 2025 00:01:03 +0000 ROA not before: Sat 22 Mar 2025 00:01:03 +0000 ROA not after: Sat 26 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:4000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:8a:b0:7b:67:0d:a6:df:cf:fa:5a:be:e8:63:cd:26:57:3e:09:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 22 00:01:03 2025 GMT Not After : Apr 26 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a6:df:57:0c:9a:61:6c:84:33:29:e3:7c:00: 98:fd:af:ed:df:72:46:4d:91:64:db:fa:10:fa:d0: c5:57:20:69:b4:04:3b:e4:eb:0c:48:d0:1d:7e:04: 3b:b1:36:30:cf:77:2b:8b:da:46:e9:7b:ed:db:e4: 2e:93:94:b9:ce:36:d8:f0:6f:98:17:af:3f:eb:7a: fd:3e:97:62:16:78:4b:72:68:ac:d1:93:44:df:f5: 49:31:1d:a1:a0:38:92:d5:a1:6a:41:09:9f:60:29: d8:7d:d8:ce:15:f7:25:6d:f2:cf:7b:2b:42:63:54: 2a:5b:33:48:b1:fe:1e:23:f6:81:a1:13:77:7d:45: 0e:22:9d:a8:28:84:b6:aa:65:75:d4:a3:7f:e7:0e: aa:84:fe:ce:f6:3c:d7:e9:94:ef:7c:ae:0f:b0:e4: d8:ef:26:82:d5:a1:ed:6f:19:95:4f:da:94:f5:ef: 93:2a:0a:ce:e4:64:98:d1:55:6e:75:57:01:28:7d: ed:9e:68:c2:3b:c8:7a:e0:95:e9:03:ba:4f:68:5c: 1a:b9:15:ba:25:cd:9e:5e:25:5d:e0:fc:ee:5d:77: 3d:9f:aa:b4:74:1e:d3:57:87:a8:40:ba:00:28:d7: b3:f5:48:91:25:06:62:ae:b9:4a:a3:55:f3:14:12: e9:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:3A:85:4E:62:DF:DA:9D:35:5E:ED:E9:78:71:73:CE:5A:60:FB:63 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19c2d4e6-f756-4329-8ef7-563420636cfb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:4000::/48 Signature Algorithm: sha256WithRSAEncryption 05:78:93:2f:92:21:6d:dc:95:7b:a3:98:f0:a9:e3:23:2f:87: 20:5a:7d:1a:3d:ba:ce:18:ac:0d:62:14:b3:ac:5e:42:50:4c: 33:f2:ae:9b:f8:88:04:84:24:47:56:d0:69:32:96:49:09:84: b6:71:d2:96:be:8b:ee:9c:ca:ce:ac:51:f2:b4:aa:2e:44:95: 9d:07:55:64:93:9b:43:ad:52:4c:97:82:da:e7:ed:91:f6:70: d5:9a:4c:b9:a0:98:a4:bd:74:0a:68:43:da:99:9f:75:56:69: 7a:ae:c1:ff:1d:ec:e5:cd:d6:3e:b0:c4:2c:3c:6b:1c:6a:67: 87:76:1f:fb:69:18:0f:3c:dc:d5:07:61:bc:ba:b9:8a:04:24: 2a:43:d1:5f:61:25:9d:d8:b1:73:44:d3:28:2d:ed:16:db:7c: 83:6c:c2:e8:fc:70:12:8a:66:9b:d1:50:78:5d:e6:b5:b7:29: 2f:b1:66:6b:41:be:67:8f:2d:69:44:26:59:71:4a:4a:d9:47: 2e:0b:e1:d7:99:6a:95:c3:4d:1a:30:74:a8:f8:ad:4d:37:77: d3:30:ce:78:bd:7e:ca:ad:df:a7:de:fa:e8:97:55:7b:fb:1f: 34:ce:a7:4a:d8:16:0c:85:17:d0:c3:ab:f5:49:bc:7b:22:da: 84:91:d5:9e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHIqwe2cNpt/P+lq+6GPNJlc+CXUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyMjAwMDEwM1oX DTI1MDQyNjIzNTk1OVowejFJMEcGA1UEBRNAYTczZDZjM2YwZDJjYTFiOTA3ZWRh NmJhODRhZGExYWZlMTA5M2EyOTRhNDMxOTFkMzJhNjQ5ZGMxZjMwNWVkNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqbfVwyaYWyEMynjfACY/a/t33JG TZFk2/oQ+tDFVyBptAQ75OsMSNAdfgQ7sTYwz3cri9pG6Xvt2+Quk5S5zjbY8G+Y F68/63r9PpdiFnhLcmis0ZNE3/VJMR2hoDiS1aFqQQmfYCnYfdjOFfclbfLPeytC Y1QqWzNIsf4eI/aBoRN3fUUOIp2oKIS2qmV11KN/5w6qhP7O9jzX6ZTvfK4PsOTY 7yaC1aHtbxmVT9qU9e+TKgrO5GSY0VVudVcBKH3tnmjCO8h64JXpA7pPaFwauRW6 Jc2eXiVd4PzuXXc9n6q0dB7TV4eoQLoAKNez9UiRJQZirrlKo1XzFBLpzwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEs6hU5i39qdNV7t6Xhxc85aYPtjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE5YzJkNGU2LWY3NTYtNDMyOS04ZWY3LTU2MzQyMDYzNmNmYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9kAAMA0GCSqGSIb3DQEBCwUAA4IBAQAFeJMvkiFt3JV7o5jw qeMjL4cgWn0aPbrOGKwNYhSzrF5CUEwz8q6b+IgEhCRHVtBpMpZJCYS2cdKWvovu nMrOrFHytKouRJWdB1Vkk5tDrVJMl4La5+2R9nDVmky5oJikvXQKaEPamZ91Vml6 rsH/HezlzdY+sMQsPGscameHdh/7aRgPPNzVB2G8urmKBCQqQ9FfYSWd2LFzRNMo Le0W23yDbMLo/HASimab0VB4Xea1tykvsWZrQb5njy1pRCZZcUpK2UcuC+HXmWqV w00aMHSo+K1NN3fTMM54vX7Krd+n3vrol1V7+x80zqdK2BYMhRfQw6v1Sbx7ItqE kdWe -----END CERTIFICATE-----Generated at Sat Apr 5 13:17:34 2025 by rpki-client