$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa File: 3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa (raw, json) Hash identifier: DtquEYdQ3d0EAy8J1FB8uXNOSUi/2e1vlcCRwP/FuxI= Subject key identifier: 83:03:D4:F9:67:B8:89:37:AB:DB:D7:31:1B:72:1E:A0:38:9E:AE:EF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 36E69AF49A357EEEA11DFBF7B834C9986B814924 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa Signing time: Tue 25 Mar 2025 16:21:49 +0000 ROA not before: Tue 25 Mar 2025 16:21:49 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:e6:9a:f4:9a:35:7e:ee:a1:1d:fb:f7:b8:34:c9:98:6b:81:49:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 25 16:21:49 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:0f:7a:b5:59:eb:4d:19:3c:8b:d5:39:e8:71: 81:10:b3:b5:37:aa:ee:1b:c2:7e:cc:f7:65:2e:ee: c2:9b:52:12:fe:c0:2e:11:df:bf:18:0b:9c:94:ff: 5d:3e:bf:32:aa:d0:9a:71:79:b1:21:60:4f:98:de: e9:41:dc:69:6c:83:04:8d:da:34:45:21:5f:60:42: d8:5a:13:cd:b7:1d:54:93:94:b7:65:51:f8:1d:8a: 77:ef:b2:fa:52:46:4f:09:d5:06:2b:b5:f5:2e:e3: 74:f9:77:56:07:63:a7:68:3c:9c:0b:79:ba:d7:91: 67:2a:f2:d8:ad:eb:4c:3b:63:c4:de:40:76:56:70: 83:04:50:d6:a0:1a:a1:a3:07:9a:5c:8a:35:a3:04: fd:61:82:68:64:6f:e1:1f:df:c1:92:a6:e7:2b:bc: 7b:19:43:cf:d4:6f:31:43:2a:0b:69:82:46:d6:21: ba:74:d2:db:05:ce:17:2c:95:b9:d8:6f:68:d9:fb: 8c:91:e3:d7:78:6e:57:d0:b8:1a:ab:0c:f2:89:d7: 05:88:b4:a7:80:f7:c8:73:08:d3:b5:e9:be:a4:75: e7:11:a8:98:22:e4:86:9c:9f:47:65:d1:ac:5d:ac: 4a:26:c1:9b:d5:1e:be:9b:96:ab:77:bb:17:82:72: e7:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:03:D4:F9:67:B8:89:37:AB:DB:D7:31:1B:72:1E:A0:38:9E:AE:EF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:4800::/40 Signature Algorithm: sha256WithRSAEncryption 1f:f6:72:eb:38:a9:3f:2f:57:93:3a:61:61:61:ae:ff:8a:e9: be:15:a0:8d:5b:21:61:d7:96:4e:34:8e:aa:50:bc:b1:0b:12: 13:50:d8:71:41:7a:d1:6e:64:ab:01:99:f3:3d:8c:69:7d:ff: cc:70:c5:31:47:f9:f5:55:7d:e5:e7:59:51:cd:ec:4b:49:9c: 07:6a:d5:d7:a9:6c:c4:c4:3c:6e:6d:87:02:67:7d:79:de:ff: 7b:3a:38:4a:0c:07:7e:39:67:87:40:a1:9a:b7:23:8f:a9:50: 28:68:f9:86:d9:b9:5f:27:c7:72:ef:b2:6a:6d:af:7d:80:14: 24:08:7f:af:d3:0c:37:a4:93:3a:ff:98:a8:50:1f:6a:b6:ff: 69:b0:76:5d:14:f6:d7:73:fb:7a:3e:14:cb:16:a1:bc:52:df: a0:04:ef:46:ac:42:bb:db:78:e8:09:88:c4:74:7a:ee:79:04: 51:2f:5c:74:2d:31:19:9d:0d:27:b1:bc:f8:81:4c:fd:aa:8a: ff:04:e0:2b:c7:15:d8:96:b5:3a:38:a9:ca:fb:d9:42:02:4c: 7b:19:1f:10:43:b7:de:03:95:c5:7f:a9:77:1f:1d:85:0e:fb: 15:80:86:2b:57:4a:a9:f9:80:62:0c:59:10:de:6b:f7:58:25: 69:c9:e1:e3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNuaa9Jo1fu6hHfv3uDTJmGuBSSQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MjE0OVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMDlmMzRiNWNkMWExY2RkMjgzYzQ0 MmRjMDljZWUwY2Y4OGUwMGEwYzYyZWQyODJjYTE0NjRmMWM5OTljYWE2ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1g96tVnrTRk8i9U56HGBELO1N6ru G8J+zPdlLu7Cm1IS/sAuEd+/GAuclP9dPr8yqtCacXmxIWBPmN7pQdxpbIMEjdo0 RSFfYELYWhPNtx1Uk5S3ZVH4HYp377L6UkZPCdUGK7X1LuN0+XdWB2OnaDycC3m6 15FnKvLYretMO2PE3kB2VnCDBFDWoBqhoweaXIo1owT9YYJoZG/hH9/BkqbnK7x7 GUPP1G8xQyoLaYJG1iG6dNLbBc4XLJW52G9o2fuMkePXeG5X0LgaqwzyidcFiLSn gPfIcwjTtem+pHXnEaiYIuSGnJ9HZdGsXaxKJsGb1R6+m5ard7sXgnLnjQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIMD1PlnuIk3q9vXMRtyHqA4nq7vMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlOWNjNmFmLWJjMmMtNGRjYS04OTE1LTBjZGRmMjVjYzhkYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaEgwDQYJKoZIhvcNAQELBQADggEBAB/2cus4qT8vV5M6YWFh rv+K6b4VoI1bIWHXlk40jqpQvLELEhNQ2HFBetFuZKsBmfM9jGl9/8xwxTFH+fVV feXnWVHN7EtJnAdq1depbMTEPG5thwJnfXne/3s6OEoMB345Z4dAoZq3I4+pUCho +YbZuV8nx3Lvsmptr32AFCQIf6/TDDekkzr/mKhQH2q2/2mwdl0U9tdz+3o+FMsW obxS36AE70asQrvbeOgJiMR0eu55BFEvXHQtMRmdDSexvPiBTP2qiv8E4CvHFdiW tTo4qcr72UICTHsZHxBDt94DlcV/qXcfHYUO+xWAhitXSqn5gGIMWRDea/dYJWnJ 4eM= -----END CERTIFICATE-----Generated at Sat Apr 5 11:03:48 2025 by rpki-client