$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d4e72c4-66d0-430a-a6bc-d3e2916a848c.roa File: 3d4e72c4-66d0-430a-a6bc-d3e2916a848c.roa (raw, json) Hash identifier: i7D8y4NJCNHW8axf1nPjWEtaf1mdu9YxqHgNWfT+VLc= Subject key identifier: CC:DC:57:70:B2:04:16:41:F7:B3:00:2C:F0:38:93:B6:24:F7:18:92 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3C1573C86916FD91AE8F13E48AC31E91850817A2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d4e72c4-66d0-430a-a6bc-d3e2916a848c.roa Signing time: Mon 12 May 2025 15:00:16 +0000 ROA not before: Mon 12 May 2025 15:00:16 +0000 ROA not after: Mon 16 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:15:73:c8:69:16:fd:91:ae:8f:13:e4:8a:c3:1e:91:85:08:17:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 15:00:16 2025 GMT Not After : Jun 16 23:59:59 2025 GMT Subject: serialNumber=01730f6fab60669ed0cf5133880a923e24fea1fbae75175f03bc8ed5815d01be, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:20:1c:17:9e:e4:0b:82:63:53:d3:c4:46:af: 59:7b:f7:0c:8a:9a:b2:c9:69:56:ed:ad:78:53:ab: 90:c4:8f:fd:fb:ca:ed:ab:36:9b:fa:6d:9b:17:5b: ea:65:d2:c0:20:5f:67:01:b3:92:fd:81:0d:bd:8d: 3f:ac:ea:29:40:69:aa:91:da:f4:f0:15:fc:c6:51: 0b:e9:54:db:a9:53:74:43:6c:82:a3:92:7e:1e:dd: 52:2f:80:c5:0a:c0:88:87:3f:09:54:66:e6:50:e8: d3:64:cf:b6:4f:1d:3e:2a:91:63:af:4b:f8:d1:1c: 35:8e:0d:2a:47:d6:b3:73:88:b3:31:ca:53:37:4b: e7:85:2a:e7:02:e1:87:b0:60:f5:a5:31:c3:dc:00: 26:0a:50:3d:c7:79:7f:2b:cd:d2:9d:81:4d:f0:6f: c4:8d:b6:7d:ce:cb:b8:02:b4:6f:c6:25:12:6a:5e: 7d:11:2f:79:b1:c9:c4:de:a7:e8:d8:7e:cd:15:9d: f7:16:0c:fb:bf:01:d3:6d:73:70:0e:57:4f:4d:a4: 2b:95:db:04:72:f4:ee:be:e6:51:11:57:8b:c9:9b: e2:32:ff:b3:c6:90:38:e0:7b:b3:44:e3:1b:b8:53: e4:ff:fa:73:9f:6b:65:ac:54:a2:43:1d:f8:b0:4a: e9:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:DC:57:70:B2:04:16:41:F7:B3:00:2C:F0:38:93:B6:24:F7:18:92 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d4e72c4-66d0-430a-a6bc-d3e2916a848c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:4000::/40 Signature Algorithm: sha256WithRSAEncryption af:40:39:63:90:ad:49:9d:5f:3c:5d:de:f0:a4:d9:f6:cd:f1: c2:92:60:c3:b9:c9:db:7a:de:1f:8f:2c:7a:3f:fb:c6:fa:e6: c1:cf:48:f7:a1:ab:1d:86:b5:1d:48:b8:33:b6:b1:3e:17:b9: 01:01:02:0c:c2:4c:31:0f:95:fa:2f:58:15:89:c6:21:1a:5f: ae:a3:dc:f4:5b:38:f6:0b:8f:c8:3e:8f:c0:99:c0:f8:d1:a0: 4c:bb:6c:fa:70:48:46:14:ff:cd:0e:58:32:31:f7:b0:96:54: 85:ef:db:62:97:57:fc:d8:f5:1e:9e:71:df:d7:93:5d:6d:bf: f1:ca:d7:2e:b8:b0:e7:f5:01:91:fa:5d:60:6a:15:f2:1f:9a: b7:f1:8a:c7:21:b3:77:84:06:4b:18:ae:77:a2:59:52:f6:8f: 76:6f:51:e9:f7:6f:b2:8f:30:50:b1:db:2c:e4:08:3b:35:c7: 86:3d:63:52:e5:4d:a9:65:57:a7:e9:24:2d:a7:56:87:58:c1: d5:ed:c1:dd:9e:20:a4:4f:1d:22:f5:8b:92:9f:13:5c:12:ed: ae:c4:15:51:7a:29:b1:04:f4:a1:de:1f:37:4a:02:51:b2:1d: c4:6b:8e:1f:63:8d:17:26:ec:a9:e2:3a:c4:04:00:6e:e0:39: 5e:f4:61:a3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPBVzyGkW/ZGujxPkisMekYUIF6IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MDAxNloX DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNAMDE3MzBmNmZhYjYwNjY5ZWQwY2Y1 MTMzODgwYTkyM2UyNGZlYTFmYmFlNzUxNzVmMDNiYzhlZDU4MTVkMDFiZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyAcF57kC4JjU9PERq9Ze/cMipqy yWlW7a14U6uQxI/9+8rtqzab+m2bF1vqZdLAIF9nAbOS/YENvY0/rOopQGmqkdr0 8BX8xlEL6VTbqVN0Q2yCo5J+Ht1SL4DFCsCIhz8JVGbmUOjTZM+2Tx0+KpFjr0v4 0Rw1jg0qR9azc4izMcpTN0vnhSrnAuGHsGD1pTHD3AAmClA9x3l/K83SnYFN8G/E jbZ9zsu4ArRvxiUSal59ES95scnE3qfo2H7NFZ33Fgz7vwHTbXNwDldPTaQrldsE cvTuvuZREVeLyZviMv+zxpA44HuzROMbuFPk//pzn2tlrFSiQx34sErppQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMzcV3CyBBZB97MALPA4k7Yk9xiSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNkNGU3MmM0LTY2ZDAtNDMwYS1hNmJjLWQzZTI5MTZhODQ4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9EAwDQYJKoZIhvcNAQELBQADggEBAK9AOWOQrUmdXzxd3vCk 2fbN8cKSYMO5ydt63h+PLHo/+8b65sHPSPehqx2GtR1IuDO2sT4XuQEBAgzCTDEP lfovWBWJxiEaX66j3PRbOPYLj8g+j8CZwPjRoEy7bPpwSEYU/80OWDIx97CWVIXv 22KXV/zY9R6ecd/Xk11tv/HK1y64sOf1AZH6XWBqFfIfmrfxischs3eEBksYrnei WVL2j3ZvUen3b7KPMFCx2yzkCDs1x4Y9Y1LlTallV6fpJC2nVodYwdXtwd2eIKRP HSL1i5KfE1wS7a7EFVF6KbEE9KHeHzdKAlGyHcRrjh9jjRcm7KniOsQEAG7gOV70 YaM= -----END CERTIFICATE-----Generated at Tue Jun 3 23:14:21 2025 by rpki-client