$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b96f1b3-5c7a-41a6-ac5b-116289fe143d.roa File: 1b96f1b3-5c7a-41a6-ac5b-116289fe143d.roa (raw, json) Hash identifier: 0mYI+eICAH27HEOiUsh8EdN61iWyUX90xHr5HxvszDs= Subject key identifier: C9:D8:BB:4B:CD:8C:CB:53:D8:CE:8C:DC:F3:EE:97:EB:0C:C8:13:0B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1130CBD079B765BC9B42E0A6B89FFB00B46B2C5A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b96f1b3-5c7a-41a6-ac5b-116289fe143d.roa Signing time: Fri 16 May 2025 00:50:02 +0000 ROA not before: Fri 16 May 2025 00:50:02 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:b080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:30:cb:d0:79:b7:65:bc:9b:42:e0:a6:b8:9f:fb:00:b4:6b:2c:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:50:02 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=1be18f0a5fdf73fcc98bd306ec8f3d238338111743695e2bc9fb8c136a81ad0c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:c0:d2:3a:f4:5f:75:04:04:8f:3b:47:85:4b: c7:c6:18:7d:5a:86:aa:55:f8:2a:c8:a7:ca:b5:e7: 1b:86:d9:2b:cf:c4:5c:76:52:47:8e:6e:f1:99:52: 88:21:ad:08:79:15:0e:b7:52:40:9b:3d:24:67:f8: 8f:d3:bf:06:b2:a1:1f:09:46:da:ab:ff:a6:ab:83: df:87:ba:d0:84:dd:ef:43:86:7c:b6:dd:ab:df:37: 17:f8:11:61:da:eb:03:40:df:4a:88:95:ea:cf:6d: 34:0f:ec:08:f5:d3:16:1a:d1:9a:5e:10:be:05:3e: 3c:a2:5f:85:27:1d:2c:34:81:1a:45:43:16:91:74: 3c:df:16:f6:d8:21:60:22:31:11:e2:23:8c:6f:a2: ce:d8:34:7f:6e:09:37:7e:50:d7:c8:06:7e:2c:df: 75:07:af:03:8a:87:b6:53:4e:d7:63:ad:11:22:85: 0b:73:01:44:63:d4:83:14:2c:cc:b0:05:ec:bd:16: 37:cd:df:e6:fe:4c:86:24:b3:44:66:20:cb:12:2d: ba:b4:1c:a7:8e:93:36:bc:78:19:38:44:5c:54:3f: f1:43:cb:4a:4d:01:87:bf:0b:19:e6:1d:12:14:14: 2c:d7:73:5e:f9:2e:52:a2:15:d9:fd:8e:ad:70:ea: 96:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:D8:BB:4B:CD:8C:CB:53:D8:CE:8C:DC:F3:EE:97:EB:0C:C8:13:0B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b96f1b3-5c7a-41a6-ac5b-116289fe143d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:b080::/46 Signature Algorithm: sha256WithRSAEncryption 6b:4d:13:c5:bc:2d:73:27:ad:99:17:04:e9:9a:71:6b:43:87: 72:9d:85:dc:bd:2e:d2:ac:33:99:8c:02:85:e6:11:4f:8d:08: 03:b2:58:c4:5e:fa:bf:97:dc:cb:16:0e:1e:4e:2d:a8:18:2f: d4:a7:ce:85:ee:44:2d:ca:b7:64:79:a0:63:e0:58:6e:28:16: 70:2c:85:5c:8f:27:0d:a2:a0:26:73:71:63:f8:9e:2a:62:db: 55:3a:3b:14:bf:a1:de:40:86:34:f4:bc:3c:c2:90:38:eb:ec: 2b:71:d3:5e:11:f5:90:3e:55:2b:92:5a:58:5b:96:fd:fa:1d: 86:70:84:b8:e4:24:d3:9b:c8:69:02:ea:e8:a7:31:cd:ae:cd: e1:b2:cc:e9:fd:a8:a2:35:89:97:ca:51:cf:92:89:86:e4:a9: 74:04:91:71:52:ff:c0:67:54:95:25:c5:e2:92:09:7b:17:f1: 14:e4:7c:25:3b:14:ec:f4:67:c1:da:e5:b9:2f:13:3b:56:a6: 5d:32:21:20:cc:cc:cd:76:94:15:27:0e:58:61:50:de:91:2f: 3d:90:40:7d:64:24:1d:16:1b:86:49:9a:8f:d2:9b:0c:5b:ca: cd:44:0e:92:51:03:14:6d:af:f9:07:9c:77:aa:e4:3a:6f:05: 74:39:7b:29 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUETDL0Hm3ZbybQuCmuJ/7ALRrLFowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNTAwMloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAMWJlMThmMGE1ZmRmNzNmY2M5OGJk MzA2ZWM4ZjNkMjM4MzM4MTExNzQzNjk1ZTJiYzlmYjhjMTM2YTgxYWQwYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMDSOvRfdQQEjztHhUvHxhh9Woaq VfgqyKfKtecbhtkrz8RcdlJHjm7xmVKIIa0IeRUOt1JAmz0kZ/iP078GsqEfCUba q/+mq4Pfh7rQhN3vQ4Z8tt2r3zcX+BFh2usDQN9KiJXqz200D+wI9dMWGtGaXhC+ BT48ol+FJx0sNIEaRUMWkXQ83xb22CFgIjER4iOMb6LO2DR/bgk3flDXyAZ+LN91 B68Dioe2U07XY60RIoULcwFEY9SDFCzMsAXsvRY3zd/m/kyGJLNEZiDLEi26tByn jpM2vHgZOERcVD/xQ8tKTQGHvwsZ5h0SFBQs13Ne+S5SohXZ/Y6tcOqWNQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMnYu0vNjMtT2M6M3PPul+sMyBMLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFiOTZmMWIzLTVjN2EtNDFhNi1hYzViLTExNjI4OWZlMTQzZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+7CAMA0GCSqGSIb3DQEBCwUAA4IBAQBrTRPFvC1zJ62ZFwTp mnFrQ4dynYXcvS7SrDOZjAKF5hFPjQgDsljEXvq/l9zLFg4eTi2oGC/Up86F7kQt yrdkeaBj4FhuKBZwLIVcjycNoqAmc3Fj+J4qYttVOjsUv6HeQIY09Lw8wpA46+wr cdNeEfWQPlUrklpYW5b9+h2GcIS45CTTm8hpAuropzHNrs3hsszp/aiiNYmXylHP komG5Kl0BJFxUv/AZ1SVJcXikgl7F/EU5HwlOxTs9GfB2uW5LxM7VqZdMiEgzMzN dpQVJw5YYVDekS89kEB9ZCQdFhuGSZqP0psMW8rNRA6SUQMUba/5B5x3quQ6bwV0 OXsp -----END CERTIFICATE-----Generated at Tue Jun 3 23:41:06 2025 by rpki-client