$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b37db1b-9168-4013-90fd-5f16557b73d7.roa File: 1b37db1b-9168-4013-90fd-5f16557b73d7.roa (raw, json) Hash identifier: eqGmSaWmzGrBZTJkVfqcz5LAm2QhwoJmEYOSrhZXvFc= Subject key identifier: 19:41:5E:A4:0B:F8:90:0F:21:2E:A4:C4:99:92:78:18:05:B1:FD:A4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 38BE98F6DA978F07223687178F9CC50047CA3FEF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b37db1b-9168-4013-90fd-5f16557b73d7.roa Signing time: Mon 17 Mar 2025 15:00:19 +0000 ROA not before: Mon 17 Mar 2025 15:00:19 +0000 ROA not after: Mon 21 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:be:98:f6:da:97:8f:07:22:36:87:17:8f:9c:c5:00:47:ca:3f:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 17 15:00:19 2025 GMT Not After : Apr 21 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c0:9f:4a:f7:83:56:73:c8:b6:46:95:a3:7b: e1:08:43:e3:5c:dc:35:b8:7d:7c:44:83:33:44:1d: 2f:bc:b4:5e:e5:08:d9:9d:dc:fe:ea:8f:ce:61:5e: a1:4b:e0:43:36:98:d3:70:02:54:06:fd:4c:b4:b3: 88:1d:27:59:7c:ef:c2:79:6a:f5:eb:5c:02:28:fb: 1c:7c:20:48:3a:40:60:bb:49:44:04:0c:a5:7f:a7: 8c:db:24:24:f6:ad:d6:bb:5b:79:13:6a:5a:65:fc: 8f:bc:5f:1b:e4:34:f6:13:95:d7:08:19:26:e7:49: ca:76:cf:79:58:21:46:0d:ed:6a:14:69:16:a8:37: e9:a7:26:a4:dc:07:5c:bc:0a:dc:31:87:3f:87:fe: f2:44:6e:4f:5f:13:af:d8:a0:81:3b:4c:28:84:44: b5:3b:56:52:82:bc:f0:4a:e8:a8:7a:a3:97:46:b7: dd:a6:d9:a3:06:5b:ce:e1:92:86:1b:e7:5d:4e:e6: 5d:97:1a:7a:22:3e:3f:06:e0:b8:ad:19:1e:86:51: 8d:68:7d:7b:5e:e1:7f:91:6d:a7:67:fb:a6:dd:5a: e2:07:d1:1c:d0:d3:df:d1:84:99:5c:d4:0a:9c:6b: d6:61:d2:93:14:af:6b:a7:32:4f:71:0e:91:31:0b: 71:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:41:5E:A4:0B:F8:90:0F:21:2E:A4:C4:99:92:78:18:05:B1:FD:A4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b37db1b-9168-4013-90fd-5f16557b73d7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:1000::/40 Signature Algorithm: sha256WithRSAEncryption ba:cc:e8:2e:7f:d9:d6:d0:33:a6:9b:6e:d2:38:3d:6f:7e:f1: 5a:48:ab:50:49:b6:6f:4c:fe:fb:df:e7:84:90:ab:1a:ed:fe: 83:8e:53:7a:0e:1b:a9:9d:14:e8:57:38:cb:50:91:a6:f2:57: fc:88:3a:0e:7d:14:d2:ea:9c:31:30:06:31:c2:dc:25:55:ff: 01:0a:af:ea:58:bc:07:1f:cf:54:2e:17:5e:e1:58:65:61:f6: ab:eb:74:3e:76:0a:6f:3c:24:31:cb:4f:80:a7:3c:00:3f:cc: 34:79:d9:5d:d5:77:a2:41:80:7b:f1:64:e1:0c:a6:53:68:ff: 21:34:8a:c4:35:8c:81:13:f7:63:16:2f:96:3c:47:e2:d0:5b: 56:17:c7:aa:7c:b0:3f:96:aa:55:67:3f:44:09:06:a3:df:05: e4:a9:84:98:23:fc:96:e1:b7:e1:8b:e5:7e:ba:f0:6a:74:ef: 3e:d4:29:f7:55:6a:52:f9:54:6d:ca:ab:95:11:1a:a7:86:bd: 64:de:fc:67:f5:c6:fa:60:6a:f2:e6:05:bb:c0:11:53:0f:25: 7c:5c:83:d3:e2:96:6c:52:7e:94:1d:14:ca:c0:45:a2:97:49: 3f:1c:61:9a:ad:44:f6:a2:df:36:d5:55:47:cc:98:23:4e:f1: d4:8d:eb:d9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOL6Y9tqXjwciNocXj5zFAEfKP+8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMxNzE1MDAxOVoX DTI1MDQyMTIzNTk1OVowejFJMEcGA1UEBRNAZTQ3NTU5NmVjNjI4OGUzNmZmMmIw MmJmMDBkMjIwMGJlZDk2MmNjNTU0M2ZkNmIzZTE1YWE5YzVhM2E3NDlkMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMCfSveDVnPItkaVo3vhCEPjXNw1 uH18RIMzRB0vvLRe5QjZndz+6o/OYV6hS+BDNpjTcAJUBv1MtLOIHSdZfO/CeWr1 61wCKPscfCBIOkBgu0lEBAylf6eM2yQk9q3Wu1t5E2paZfyPvF8b5DT2E5XXCBkm 50nKds95WCFGDe1qFGkWqDfppyak3AdcvArcMYc/h/7yRG5PXxOv2KCBO0wohES1 O1ZSgrzwSuioeqOXRrfdptmjBlvO4ZKGG+ddTuZdlxp6Ij4/BuC4rRkehlGNaH17 XuF/kW2nZ/um3VriB9Ec0NPf0YSZXNQKnGvWYdKTFK9rpzJPcQ6RMQtxXQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBlBXqQL+JAPIS6kxJmSeBgFsf2kMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFiMzdkYjFiLTkxNjgtNDAxMy05MGZkLTVmMTY1NTdiNzNkNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9RAwDQYJKoZIhvcNAQELBQADggEBALrM6C5/2dbQM6abbtI4 PW9+8VpIq1BJtm9M/vvf54SQqxrt/oOOU3oOG6mdFOhXOMtQkabyV/yIOg59FNLq nDEwBjHC3CVV/wEKr+pYvAcfz1QuF17hWGVh9qvrdD52Cm88JDHLT4CnPAA/zDR5 2V3Vd6JBgHvxZOEMplNo/yE0isQ1jIET92MWL5Y8R+LQW1YXx6p8sD+WqlVnP0QJ BqPfBeSphJgj/Jbht+GL5X668Gp07z7UKfdValL5VG3Kq5URGqeGvWTe/Gf1xvpg avLmBbvAEVMPJXxcg9PilmxSfpQdFMrARaKXST8cYZqtRPai3zbVVUfMmCNO8dSN 69k= -----END CERTIFICATE-----Generated at Sat Apr 5 11:08:35 2025 by rpki-client