$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24d9e029-97cb-43ac-a07a-cb219c1b416c.roa File: 24d9e029-97cb-43ac-a07a-cb219c1b416c.roa (raw, json) Hash identifier: EjYC/kMbnrCnwGppkxE1LMyu5yZwqbTV1IxC/wlxcQY= Subject key identifier: 7F:F9:09:59:6E:D7:DD:26:3E:2F:3A:3B:B4:D3:AF:AE:BA:F9:59:E0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0CA1EEA3AB69B93E5DD087C986523C1B87B57434 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24d9e029-97cb-43ac-a07a-cb219c1b416c.roa Signing time: Wed 14 May 2025 00:21:44 +0000 ROA not before: Wed 14 May 2025 00:21:44 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:a1:ee:a3:ab:69:b9:3e:5d:d0:87:c9:86:52:3c:1b:87:b5:74:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:21:44 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=2fe82674bdb6cba9ed14439384e5ead2fa7560af78c0fcb642e3b60db88e508c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ff:8d:eb:48:3f:a9:08:a3:f1:7e:04:08:a4: 5f:38:c5:84:e0:34:7f:41:53:ce:76:e4:b9:96:9f: 2e:89:94:c7:91:75:b2:6b:a4:9f:0c:d9:66:c9:d7: 68:dc:cf:04:c9:29:b0:c0:96:31:9b:8d:42:d4:59: 5e:cb:f4:23:7b:55:83:b9:be:93:f8:18:5e:c5:13: 59:a6:aa:a5:39:bc:14:d5:66:5b:ee:e0:18:1f:da: 5d:0a:61:6a:c3:b7:2f:44:20:2d:76:48:7f:d7:9a: 79:e8:15:85:93:7a:aa:39:ac:63:d6:49:c0:b6:55: 40:cc:58:2c:f9:70:aa:3a:03:e7:c5:ed:b2:21:0e: 34:64:55:63:6f:32:1e:88:57:ca:01:54:9e:ca:34: 6f:84:dd:46:8b:5c:7c:89:f6:7e:39:5f:36:c1:73: e8:98:a9:01:de:04:13:02:0f:e5:b5:6d:46:6b:56: cf:69:d5:a0:a7:89:bd:64:0b:8b:89:73:3a:6a:d6: 62:f1:21:36:8d:da:54:62:67:dc:15:29:de:b6:34: 04:8d:de:53:e2:38:00:5d:20:fc:5a:c0:77:51:57: 0b:f4:03:25:f2:10:99:1a:54:41:13:84:40:89:eb: dd:bf:65:7d:1d:55:42:16:8f:38:9d:9b:fe:86:a4: ab:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:F9:09:59:6E:D7:DD:26:3E:2F:3A:3B:B4:D3:AF:AE:BA:F9:59:E0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24d9e029-97cb-43ac-a07a-cb219c1b416c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:e000::/40 Signature Algorithm: sha256WithRSAEncryption 4a:ed:0f:43:8b:bc:b1:9e:a5:62:ac:05:71:16:e3:4e:90:13: 29:9c:99:93:b1:6f:22:29:31:6d:0d:23:8e:c1:a3:12:12:ec: 68:52:06:b3:f5:60:61:8a:af:03:b5:9a:7a:97:a7:e8:e9:f8: 08:68:d3:0e:13:9c:a1:78:0a:73:82:5e:90:b1:da:f2:e8:4b: b4:fe:f1:b3:f2:67:8e:b6:3b:27:74:21:8f:88:40:76:71:bf: ee:26:33:bb:0e:c8:bb:c0:69:f4:99:02:a2:b3:0b:62:4d:01: 64:a0:f2:85:47:ac:b1:a8:ff:98:c2:23:83:52:4c:5f:f0:4b: fa:7f:dd:01:fa:f4:43:f9:dc:ad:a6:17:dd:ae:b2:3a:58:61: d3:50:e9:fc:33:a9:58:86:b1:8c:a4:bd:99:a2:7c:a9:99:ed: ed:bd:4d:47:f4:bd:c0:cd:f2:22:17:c5:8b:3b:61:17:8a:71: 97:9f:e5:ed:93:3a:e5:6d:c2:46:1c:a9:eb:0c:b1:99:b2:fa: 2f:19:ce:2f:23:cd:f9:8e:10:76:06:10:54:8c:b6:ff:55:ba: 3c:7c:5d:f4:fd:c2:b1:fc:81:4f:05:37:39:c2:7d:6e:09:bc: c6:2c:6a:e2:a9:5d:5d:76:d2:da:0c:27:b7:01:88:3c:d2:38: cf:b3:cf:2b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDKHuo6tpuT5d0IfJhlI8G4e1dDQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMjE0NFoX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAMmZlODI2NzRiZGI2Y2JhOWVkMTQ0 MzkzODRlNWVhZDJmYTc1NjBhZjc4YzBmY2I2NDJlM2I2MGRiODhlNTA4YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxP+N60g/qQij8X4ECKRfOMWE4DR/ QVPOduS5lp8uiZTHkXWya6SfDNlmyddo3M8EySmwwJYxm41C1Fley/Qje1WDub6T +BhexRNZpqqlObwU1WZb7uAYH9pdCmFqw7cvRCAtdkh/15p56BWFk3qqOaxj1knA tlVAzFgs+XCqOgPnxe2yIQ40ZFVjbzIeiFfKAVSeyjRvhN1Gi1x8ifZ+OV82wXPo mKkB3gQTAg/ltW1Ga1bPadWgp4m9ZAuLiXM6atZi8SE2jdpUYmfcFSnetjQEjd5T 4jgAXSD8WsB3UVcL9AMl8hCZGlRBE4RAievdv2V9HVVCFo84nZv+hqSrFQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH/5CVlu190mPi86O7TTr666+VngMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI0ZDllMDI5LTk3Y2ItNDNhYy1hMDdhLWNiMjE5YzFiNDE2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYeAwDQYJKoZIhvcNAQELBQADggEBAErtD0OLvLGepWKsBXEW 406QEymcmZOxbyIpMW0NI47BoxIS7GhSBrP1YGGKrwO1mnqXp+jp+Aho0w4TnKF4 CnOCXpCx2vLoS7T+8bPyZ462Oyd0IY+IQHZxv+4mM7sOyLvAafSZAqKzC2JNAWSg 8oVHrLGo/5jCI4NSTF/wS/p/3QH69EP53K2mF92usjpYYdNQ6fwzqViGsYykvZmi fKmZ7e29TUf0vcDN8iIXxYs7YReKcZef5e2TOuVtwkYcqesMsZmy+i8Zzi8jzfmO EHYGEFSMtv9Vujx8XfT9wrH8gU8FNznCfW4JvMYsauKpXV120toMJ7cBiDzSOM+z zys= -----END CERTIFICATE-----Generated at Tue Jun 3 23:38:54 2025 by rpki-client