$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3132158f-89b9-4064-adce-f249f4489521.roa File: 3132158f-89b9-4064-adce-f249f4489521.roa (raw, json) Hash identifier: cQnDpPzvfhqQX7Dc7l16Wi/+89gZFSU02qeY+3iArDc= Subject key identifier: C5:F0:F0:93:FE:A2:91:4F:3E:13:7A:EC:CC:57:FC:B0:64:5B:EE:CB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 33BD2A57D8B94AD5971BC529FC77957715E9C126 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3132158f-89b9-4064-adce-f249f4489521.roa Signing time: Sat 10 May 2025 00:01:42 +0000 ROA not before: Sat 10 May 2025 00:01:42 +0000 ROA not after: Sat 14 Jun 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da60:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:bd:2a:57:d8:b9:4a:d5:97:1b:c5:29:fc:77:95:77:15:e9:c1:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 10 00:01:42 2025 GMT Not After : Jun 14 23:59:59 2025 GMT Subject: serialNumber=4abd1d651f5a9bbfc621bbad9c254a064f1fb55be70b2a84800803ca9111286d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:fd:37:6e:c1:da:b6:26:b6:b6:da:de:ec:5c: cd:0e:cd:c4:8e:57:ec:a2:d6:5e:a2:7d:37:aa:2d: f4:d9:5b:0d:d7:25:d7:90:78:05:ed:9c:e9:7a:8d: 7a:79:94:a4:86:77:b8:46:88:a8:98:42:0e:7e:6f: 00:08:41:ac:0a:dc:4d:cc:9d:ca:45:dc:88:a8:ad: 17:b7:cd:68:ee:94:6f:53:68:4b:5a:16:ee:57:22: f1:33:0d:28:a4:d9:a6:de:91:ad:29:79:73:92:86: 2b:99:b9:f0:df:73:b1:ed:a4:d1:1a:95:5a:d3:96: 8d:07:ee:04:ec:74:c0:ae:69:e8:b5:a8:83:6b:18: a4:bc:dd:fa:17:c7:2f:e6:32:f1:4b:ce:e7:35:4e: 2b:45:6d:d5:ac:8e:51:04:50:73:86:a3:b9:3b:b1: f3:6a:99:2b:73:90:e1:46:19:f2:96:fb:62:e6:cf: ca:12:ac:d9:a4:57:c2:65:e1:5c:11:b1:48:d6:ba: f1:24:a9:df:8f:8d:1f:09:71:14:9f:61:b5:22:f3: e8:ef:f8:fb:2b:e9:b2:c5:6f:a4:31:47:ec:86:a3: f9:bb:24:f1:43:aa:1b:d4:b6:dc:a1:34:c4:7c:e7: 99:7b:f9:15:f6:d9:8c:e1:33:27:eb:b5:cd:66:fa: 49:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:F0:F0:93:FE:A2:91:4F:3E:13:7A:EC:CC:57:FC:B0:64:5B:EE:CB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3132158f-89b9-4064-adce-f249f4489521.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:2800::/40 Signature Algorithm: sha256WithRSAEncryption 6a:db:15:71:c7:84:be:b8:83:a1:1f:4e:3c:1c:c5:4d:34:18: 35:f5:c7:6d:5b:80:47:7a:1e:e7:59:59:7e:29:ad:52:c9:3a: 6e:bb:a8:a7:3e:ed:f6:25:01:e2:06:62:54:4f:e2:b4:b1:03: 55:7e:23:3e:bb:9a:ac:c0:2d:39:22:71:79:9c:9c:61:03:03: b2:e6:eb:f7:c8:ee:74:90:9b:a2:6b:94:33:ff:e8:2f:b7:cc: 38:42:06:18:f0:a2:52:53:f2:80:8f:4f:18:d5:a6:fa:94:7e: 24:d2:b9:2c:62:77:0b:18:32:33:9e:79:f7:46:05:96:0c:d3: 36:31:04:47:29:61:d4:e8:d1:60:73:81:24:da:24:03:2d:2b: 66:c3:82:21:35:60:8a:05:f7:23:5d:b8:b3:93:98:57:55:0f: ac:85:84:d7:af:c1:23:df:1a:b5:c3:2d:66:59:f4:13:dc:02: 52:08:79:4e:d8:2f:76:4f:0b:72:d4:59:fa:98:d3:60:ae:88: 28:a9:82:7b:af:15:db:4c:c0:be:4e:c1:e2:6e:e2:2a:05:56: b6:fa:bb:5b:e3:2c:12:be:f0:52:a5:2f:4d:3d:98:fe:92:61: 19:9d:4e:5c:00:ea:45:56:b6:a0:59:b5:0d:fb:e7:7b:c2:62: 62:c4:48:5d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUM70qV9i5StWXG8Up/HeVdxXpwSYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMDAwMDE0MloX DTI1MDYxNDIzNTk1OVowejFJMEcGA1UEBRNANGFiZDFkNjUxZjVhOWJiZmM2MjFi YmFkOWMyNTRhMDY0ZjFmYjU1YmU3MGIyYTg0ODAwODAzY2E5MTExMjg2ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1f03bsHatia2ttre7FzNDs3Ejlfs otZeon03qi302VsN1yXXkHgF7Zzpeo16eZSkhne4RoiomEIOfm8ACEGsCtxNzJ3K RdyIqK0Xt81o7pRvU2hLWhbuVyLxMw0opNmm3pGtKXlzkoYrmbnw33Ox7aTRGpVa 05aNB+4E7HTArmnotaiDaxikvN36F8cv5jLxS87nNU4rRW3VrI5RBFBzhqO5O7Hz apkrc5DhRhnylvti5s/KEqzZpFfCZeFcEbFI1rrxJKnfj40fCXEUn2G1IvPo7/j7 K+myxW+kMUfshqP5uyTxQ6ob1LbcoTTEfOeZe/kV9tmM4TMn67XNZvpJtQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMXw8JP+opFPPhN67MxX/LBkW+7LMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMxMzIxNThmLTg5YjktNDA2NC1hZGNlLWYyNDlmNDQ4OTUyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYCgwDQYJKoZIhvcNAQELBQADggEBAGrbFXHHhL64g6EfTjwc xU00GDX1x21bgEd6HudZWX4prVLJOm67qKc+7fYlAeIGYlRP4rSxA1V+Iz67mqzA LTkicXmcnGEDA7Lm6/fI7nSQm6JrlDP/6C+3zDhCBhjwolJT8oCPTxjVpvqUfiTS uSxidwsYMjOeefdGBZYM0zYxBEcpYdTo0WBzgSTaJAMtK2bDgiE1YIoF9yNduLOT mFdVD6yFhNevwSPfGrXDLWZZ9BPcAlIIeU7YL3ZPC3LUWfqY02CuiCipgnuvFdtM wL5OweJu4ioFVrb6u1vjLBK+8FKlL009mP6SYRmdTlwA6kVWtqBZtQ3753vCYmLE SF0= -----END CERTIFICATE-----Generated at Mon Jun 2 06:28:45 2025 by rpki-client