$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa File: 3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa (raw, json) Hash identifier: NDiAphvU94OQKJFu/vC/dnyEY+kIgE3168kZYAuinmM= Subject key identifier: B2:AA:EF:C4:8B:E3:22:FE:7F:BF:9D:C0:68:E8:B0:ED:E2:24:D3:41 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 187A91795C45512C61B8720AE069E18A1ED30FCC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa Signing time: Wed 14 May 2025 00:50:16 +0000 ROA not before: Wed 14 May 2025 00:50:16 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:7a:91:79:5c:45:51:2c:61:b8:72:0a:e0:69:e1:8a:1e:d3:0f:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:50:16 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=5163b9a5733d522d31bd944e82b050d89aa8e908b5cd13ec844fe977d699a455, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d7:92:ef:ff:bd:38:63:7e:00:30:10:69:33: 6d:4d:77:50:ab:3f:55:07:af:67:7c:6d:8d:90:0c: 4e:e6:ff:24:87:2b:57:0a:e0:43:95:7d:f2:bf:e5: 39:ef:96:13:5e:d5:13:35:42:c7:ac:e1:6b:ad:81: d6:79:a7:09:c6:37:c5:0e:49:4f:dd:fd:7a:0b:28: 5f:9d:52:52:22:51:62:02:05:e2:4c:50:62:1e:a6: 64:56:ec:df:24:9b:cc:46:88:3d:b7:d4:ce:47:2f: 3a:5b:bb:a9:58:e5:ac:d4:80:82:5e:b9:0c:67:9f: ba:3a:fd:2a:30:ff:f9:6d:d9:00:03:25:db:90:db: c7:51:8b:3a:cb:d1:b2:d7:3f:95:25:8d:88:d8:92: c9:05:6a:62:05:a5:07:06:56:da:79:d3:e0:aa:65: 2d:a6:59:87:1e:eb:ae:e3:20:8e:5f:c8:97:c1:b6: 26:21:44:51:c9:e0:be:2c:6a:18:ce:2b:18:e6:8c: e3:14:bd:a8:5d:0a:fa:d0:87:ff:ec:e9:1f:76:29: 1c:72:1a:5a:b8:5f:3b:4a:3d:1c:0d:dd:e6:e7:d0: 3f:6b:7d:da:9e:9b:5b:e2:82:fc:6c:e1:6f:b9:92: 31:dd:61:48:76:e7:80:a9:f1:b4:3d:d2:74:fe:13: f1:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:AA:EF:C4:8B:E3:22:FE:7F:BF:9D:C0:68:E8:B0:ED:E2:24:D3:41 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c880::/48 Signature Algorithm: sha256WithRSAEncryption 1f:2d:ef:79:8f:4b:6a:b4:6f:c6:ac:a7:61:80:2a:f4:ea:9a: 08:e1:5b:97:23:b5:2a:3c:7f:03:ab:43:3c:51:b1:47:84:6b: b5:73:d6:3c:64:00:fa:7b:c0:99:b2:bf:00:72:75:f8:7f:e5: 2d:54:88:b3:6f:c4:6e:20:3c:fd:a0:40:51:ca:fd:21:0f:44: 14:1b:a0:03:77:12:4c:80:8c:48:f4:c6:df:1d:49:8d:bf:04: 7d:ac:b9:74:47:6b:4d:8b:fc:c1:b9:c9:72:91:ef:38:50:00: 76:a5:cd:3a:29:1e:21:58:f6:7f:16:f8:15:24:5e:cb:84:dd: a4:10:b4:d8:7f:d8:8d:49:cf:f1:96:97:e3:63:52:3d:c1:28: d9:b1:72:e6:0a:33:70:97:71:4b:a4:ff:ce:2a:a2:ee:5a:94: 56:ed:81:3f:cc:a3:ea:9e:c9:af:70:bb:c5:aa:1e:12:f0:2d: a4:b2:e9:f1:0c:66:92:d4:c5:08:6c:fc:b9:22:10:db:9c:f2: c4:91:df:0b:91:ce:07:23:f4:e3:23:4e:a8:7e:df:d9:6a:8e: f2:1d:a4:2e:ce:8f:6f:38:03:82:8d:96:ce:0e:52:c1:85:aa: d7:39:43:61:13:af:a3:b6:6c:9c:f3:e5:2d:ef:ff:84:cb:e7: f3:dd:c9:f5 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGHqReVxFUSxhuHIK4Gnhih7TD8wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwNTAxNloX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNANTE2M2I5YTU3MzNkNTIyZDMxYmQ5 NDRlODJiMDUwZDg5YWE4ZTkwOGI1Y2QxM2VjODQ0ZmU5NzdkNjk5YTQ1NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdeS7/+9OGN+ADAQaTNtTXdQqz9V B69nfG2NkAxO5v8khytXCuBDlX3yv+U575YTXtUTNULHrOFrrYHWeacJxjfFDklP 3f16CyhfnVJSIlFiAgXiTFBiHqZkVuzfJJvMRog9t9TORy86W7upWOWs1ICCXrkM Z5+6Ov0qMP/5bdkAAyXbkNvHUYs6y9Gy1z+VJY2I2JLJBWpiBaUHBlbaedPgqmUt plmHHuuu4yCOX8iXwbYmIURRyeC+LGoYzisY5ozjFL2oXQr60If/7Okfdikcchpa uF87Sj0cDd3m59A/a33anptb4oL8bOFvuZIx3WFIdueAqfG0PdJ0/hPxtQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLKq78SL4yL+f7+dwGjosO3iJNNBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNhNmYwMWYxLWJjNWItNDczZC1hMTJmLTdmMGZmZWQ1ZjRmYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8siAMA0GCSqGSIb3DQEBCwUAA4IBAQAfLe95j0tqtG/GrKdh gCr06poI4VuXI7UqPH8Dq0M8UbFHhGu1c9Y8ZAD6e8CZsr8AcnX4f+UtVIizb8Ru IDz9oEBRyv0hD0QUG6ADdxJMgIxI9MbfHUmNvwR9rLl0R2tNi/zBuclyke84UAB2 pc06KR4hWPZ/FvgVJF7LhN2kELTYf9iNSc/xlpfjY1I9wSjZsXLmCjNwl3FLpP/O KqLuWpRW7YE/zKPqnsmvcLvFqh4S8C2ksunxDGaS1MUIbPy5IhDbnPLEkd8Lkc4H I/TjI06oft/Zao7yHaQuzo9vOAOCjZbODlLBharXOUNhE6+jtmyc8+Ut7/+Ey+fz 3cn1 -----END CERTIFICATE-----Generated at Tue Jun 3 23:10:13 2025 by rpki-client