$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dcd175c-d836-48eb-86d0-63d1c2f1c6d3.roa File: 2dcd175c-d836-48eb-86d0-63d1c2f1c6d3.roa (raw, json) Hash identifier: XFw5eRPBic597+uEUehS8j78KSst5WUWzJIwg7uVUz8= Subject key identifier: ED:B9:1C:45:FC:64:E7:8E:DD:D2:B5:D8:62:DA:4F:35:1D:4D:0C:01 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 287C3406B9DDF49DAE798357D0BE66F836C37883 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dcd175c-d836-48eb-86d0-63d1c2f1c6d3.roa Signing time: Fri 16 May 2025 00:11:17 +0000 ROA not before: Fri 16 May 2025 00:11:17 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:48c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:7c:34:06:b9:dd:f4:9d:ae:79:83:57:d0:be:66:f8:36:c3:78:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:11:17 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=da47029be5f18f27f722b3d8ad7a302f4f5d9e96ad6eb2157e8ad6b4e5b9b50e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:5c:14:a6:37:55:00:be:1c:31:a1:22:57:1e: c8:77:0a:87:aa:cb:ca:a7:00:fb:c1:f9:a2:ad:48: aa:5e:6f:48:e2:66:90:48:3d:51:a1:15:02:a5:dc: 6e:ad:a4:59:7e:c0:d5:f3:ca:52:30:31:da:5d:c0: 3f:80:fa:95:46:bf:aa:63:51:94:62:a8:02:71:02: d7:93:f0:63:6e:4b:22:66:92:2b:a8:d1:2f:3c:13: ea:3f:34:25:c6:c8:82:52:4a:5e:29:0c:ba:b9:b4: 15:fd:1e:a0:01:9c:8c:ac:47:bc:56:f5:46:fd:3c: fe:42:49:b2:6e:71:19:f8:4c:0f:16:2e:6e:2f:6c: 07:64:bf:c6:96:09:aa:d7:9c:50:2e:d0:04:bf:f3: 24:f1:35:47:78:cb:54:67:14:a2:0d:dd:88:58:b1: d4:01:16:e5:f8:46:ac:1e:6e:1a:1b:4a:3f:95:cd: c1:0a:28:7a:e6:ef:07:da:ca:7e:26:03:6e:4f:3f: fc:f7:1d:e6:6f:02:67:06:80:2f:50:47:b4:59:9d: 07:66:c7:f7:ab:2f:09:94:2b:75:0b:f4:86:35:dd: 7c:85:51:93:8e:34:95:06:f3:a6:f8:48:67:4f:6e: 69:f6:4b:d2:a2:d4:5b:94:a3:47:67:d7:74:88:5f: 60:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:B9:1C:45:FC:64:E7:8E:DD:D2:B5:D8:62:DA:4F:35:1D:4D:0C:01 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dcd175c-d836-48eb-86d0-63d1c2f1c6d3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:48c0::/46 Signature Algorithm: sha256WithRSAEncryption 80:e7:11:d2:ba:8e:77:89:68:e6:a1:93:f8:a8:40:19:60:19: 7a:ec:00:36:c7:21:0f:08:6e:71:97:fa:27:42:0e:01:5e:71: 8e:df:d5:12:36:65:57:b8:d2:0c:cf:ea:80:ce:d4:7f:25:a2: 0c:cf:b1:d2:cd:9c:b9:8f:60:c8:0f:ff:a5:25:37:69:71:5d: 77:cc:8b:86:16:2b:12:64:8a:14:b7:f0:97:95:0e:c2:6b:79: 30:c1:9f:54:b4:53:3b:ce:b1:3e:e7:a8:26:50:a6:ec:37:a5: dc:26:8e:e1:50:7f:c5:2d:14:1c:bc:99:4b:74:a7:1f:58:43: b9:14:c9:82:fa:b5:29:b0:b5:20:74:53:88:59:a2:c7:04:4e: 89:43:ed:05:3e:68:81:0a:4d:30:c7:4e:e8:d0:7c:54:f2:82: da:01:91:22:93:4a:5b:77:f0:be:d4:12:b2:b5:30:df:ab:57: 3e:c4:6a:90:1c:19:93:51:2e:24:02:55:7a:88:52:25:81:ec: bd:b9:75:8b:2c:40:87:f7:73:91:f3:47:b4:68:eb:ac:6e:b7: e6:ae:a6:c9:ac:82:29:55:89:c2:b0:84:9d:6e:93:9d:7a:f2: 4b:07:a8:2c:9b:11:cb:64:24:24:5b:a4:ae:e2:d2:c7:31:16: 4a:4f:5f:2d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKHw0Brnd9J2ueYNX0L5m+DbDeIMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMTExN1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZGE0NzAyOWJlNWYxOGYyN2Y3MjJi M2Q4YWQ3YTMwMmY0ZjVkOWU5NmFkNmViMjE1N2U4YWQ2YjRlNWI5YjUwZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1wUpjdVAL4cMaEiVx7IdwqHqsvK pwD7wfmirUiqXm9I4maQSD1RoRUCpdxuraRZfsDV88pSMDHaXcA/gPqVRr+qY1GU YqgCcQLXk/BjbksiZpIrqNEvPBPqPzQlxsiCUkpeKQy6ubQV/R6gAZyMrEe8VvVG /Tz+QkmybnEZ+EwPFi5uL2wHZL/Glgmq15xQLtAEv/Mk8TVHeMtUZxSiDd2IWLHU ARbl+EasHm4aG0o/lc3BCih65u8H2sp+JgNuTz/89x3mbwJnBoAvUEe0WZ0HZsf3 qy8JlCt1C/SGNd18hVGTjjSVBvOm+EhnT25p9kvSotRblKNHZ9d0iF9gxQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFO25HEX8ZOeO3dK12GLaTzUdTQwBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJkY2QxNzVjLWQ4MzYtNDhlYi04NmQwLTYzZDFjMmYxYzZkMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+0jAMA0GCSqGSIb3DQEBCwUAA4IBAQCA5xHSuo53iWjmoZP4 qEAZYBl67AA2xyEPCG5xl/onQg4BXnGO39USNmVXuNIMz+qAztR/JaIMz7HSzZy5 j2DID/+lJTdpcV13zIuGFisSZIoUt/CXlQ7Ca3kwwZ9UtFM7zrE+56gmUKbsN6Xc Jo7hUH/FLRQcvJlLdKcfWEO5FMmC+rUpsLUgdFOIWaLHBE6JQ+0FPmiBCk0wx07o 0HxU8oLaAZEik0pbd/C+1BKytTDfq1c+xGqQHBmTUS4kAlV6iFIlgey9uXWLLECH 93OR80e0aOusbrfmrqbJrIIpVYnCsISdbpOdevJLB6gsmxHLZCQkW6Su4tLHMRZK T18t -----END CERTIFICATE-----Generated at Tue Jun 3 23:14:44 2025 by rpki-client