$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/21c08c5d-0ef6-4aae-b410-bff2b7dc4d94.roa File: 21c08c5d-0ef6-4aae-b410-bff2b7dc4d94.roa (raw, json) Hash identifier: Lx+pGorCksz351617EY0liUML1pXW70wmJsOGJmNZY0= Subject key identifier: 80:3F:29:89:A0:C5:53:1D:BF:13:14:89:8C:91:7F:CA:AD:D3:BD:70 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5B44F2A6B440E5F62A9D3212BF97BE734273873E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/21c08c5d-0ef6-4aae-b410-bff2b7dc4d94.roa Signing time: Fri 16 May 2025 00:40:06 +0000 ROA not before: Fri 16 May 2025 00:40:06 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:f0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:44:f2:a6:b4:40:e5:f6:2a:9d:32:12:bf:97:be:73:42:73:87:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:40:06 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=58100e6e593ab361c8c5402963a0a0b81c04089c04d4bdd23b0ec1a0fcf248da, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:56:89:4b:8d:4e:8d:66:23:d4:7f:9e:0f:c6: be:63:5a:48:86:0a:f0:3e:9d:26:7a:75:1d:29:01: 54:2d:9e:ee:00:f8:63:9c:64:d1:1a:64:ef:f1:fc: b7:94:6e:a7:14:f4:eb:a2:f4:7a:85:85:4e:06:5c: 53:e5:dc:82:6c:10:ba:b1:70:d8:3f:bb:c4:d7:84: f4:76:3b:c5:e6:61:a7:d2:0f:2c:c4:fa:d2:62:63: c7:ce:ee:d0:ea:f3:fa:60:60:75:43:80:4e:a5:19: 91:fa:8b:29:14:ce:29:2d:14:ca:6f:ac:f7:aa:e2: 03:62:74:b7:f0:67:da:aa:96:e6:8f:4d:4a:f4:66: 8c:fd:36:52:98:63:59:c4:e1:c6:8a:54:75:db:8d: 7b:f0:df:41:21:5c:7f:39:00:f3:ec:bf:11:3e:a1: 10:30:e6:73:e9:2b:e6:bc:c2:ff:88:e8:7c:95:a0: 24:a9:76:ad:b3:c3:13:72:bc:1c:ce:6c:f5:92:1a: 58:41:99:3d:a0:1f:ec:66:89:e9:46:60:42:57:bb: 5a:82:86:21:a8:b6:5a:07:ec:47:49:5f:70:e5:0c: 8e:82:99:3a:b7:5d:4e:f2:ee:8f:0e:18:3a:e7:b6: da:49:f2:9b:c0:ed:0a:7c:77:57:a2:d9:9e:09:86: e7:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:3F:29:89:A0:C5:53:1D:BF:13:14:89:8C:91:7F:CA:AD:D3:BD:70 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/21c08c5d-0ef6-4aae-b410-bff2b7dc4d94.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:f0c0::/46 Signature Algorithm: sha256WithRSAEncryption 03:c9:0a:8f:11:c5:41:c1:fe:d5:a8:64:8f:fe:8a:96:34:1e: b9:4d:54:ec:cb:a7:07:43:35:9e:b1:09:63:4c:3d:18:62:3d: 3c:f6:1b:af:dd:0a:5d:74:10:6a:fc:b9:79:2e:59:3c:95:bd: 38:63:03:24:d2:7f:e9:da:7b:ed:2e:34:fc:ce:fe:0e:03:9e: 05:1f:d3:26:b2:e5:3d:2d:51:2b:ad:e5:d2:3c:ff:69:30:4f: db:ac:68:b9:b4:cc:77:5f:ef:00:5e:0b:0b:38:8e:bd:8e:c2: 19:f0:35:c3:5f:35:67:c0:97:aa:88:96:9c:8f:0a:9d:2f:c3: bd:97:f1:2c:31:15:f4:92:54:d4:b8:0c:ae:b9:10:54:71:f1: 28:fb:9e:27:4d:3f:08:0e:37:a4:8a:d8:9f:bb:27:a6:e9:81: c2:47:57:6d:80:55:16:57:4d:ac:e8:b0:f5:e0:b1:9b:9f:dd: 6d:77:45:5b:f4:27:31:4d:35:ff:44:64:a6:c9:47:0a:19:ed: 1e:86:77:96:23:2e:2c:dc:9b:a8:00:f3:5c:cf:8a:fc:2e:64: bd:88:3b:53:69:e2:cd:c2:78:7b:63:58:52:54:b0:de:56:b5: 8f:dd:ec:6e:e3:94:71:ab:fe:a7:ba:cd:eb:9e:8f:47:ae:a6: eb:ce:15:2c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUW0TyprRA5fYqnTISv5e+c0Jzhz4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNDAwNloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANTgxMDBlNmU1OTNhYjM2MWM4YzU0 MDI5NjNhMGEwYjgxYzA0MDg5YzA0ZDRiZGQyM2IwZWMxYTBmY2YyNDhkYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1aJS41OjWYj1H+eD8a+Y1pIhgrw Pp0menUdKQFULZ7uAPhjnGTRGmTv8fy3lG6nFPTrovR6hYVOBlxT5dyCbBC6sXDY P7vE14T0djvF5mGn0g8sxPrSYmPHzu7Q6vP6YGB1Q4BOpRmR+ospFM4pLRTKb6z3 quIDYnS38Gfaqpbmj01K9GaM/TZSmGNZxOHGilR124178N9BIVx/OQDz7L8RPqEQ MOZz6SvmvML/iOh8laAkqXats8MTcrwczmz1khpYQZk9oB/sZonpRmBCV7tagoYh qLZaB+xHSV9w5QyOgpk6t11O8u6PDhg657baSfKbwO0KfHdXotmeCYbnDQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIA/KYmgxVMdvxMUiYyRf8qt071wMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzIxYzA4YzVkLTBlZjYtNGFhZS1iNDEwLWJmZjJiN2RjNGQ5NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba9/DAMA0GCSqGSIb3DQEBCwUAA4IBAQADyQqPEcVBwf7VqGSP /oqWNB65TVTsy6cHQzWesQljTD0YYj089huv3QpddBBq/Ll5Llk8lb04YwMk0n/p 2nvtLjT8zv4OA54FH9MmsuU9LVErreXSPP9pME/brGi5tMx3X+8AXgsLOI69jsIZ 8DXDXzVnwJeqiJacjwqdL8O9l/EsMRX0klTUuAyuuRBUcfEo+54nTT8IDjekitif uyem6YHCR1dtgFUWV02s6LD14LGbn91td0Vb9CcxTTX/RGSmyUcKGe0ehneWIy4s 3JuoAPNcz4r8LmS9iDtTaeLNwnh7Y1hSVLDeVrWP3exu45Rxq/6nus3rno9Hrqbr zhUs -----END CERTIFICATE-----Generated at Tue Jun 3 23:26:20 2025 by rpki-client