$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/44d45390-c4cb-45b7-a2d0-183f37c05776.roa File: 44d45390-c4cb-45b7-a2d0-183f37c05776.roa (raw, json) Hash identifier: qf6ap64+tuA8Vf4K9hOhDAmschDViFtpev/w3e3+tIs= Subject key identifier: 71:96:B7:04:19:78:81:38:60:BE:92:28:A4:5E:EE:51:66:F7:10:B1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 346F2C0DF7DF996FC0AC31E36BE03DEEBE0B7321 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/44d45390-c4cb-45b7-a2d0-183f37c05776.roa Signing time: Fri 16 May 2025 00:11:24 +0000 ROA not before: Fri 16 May 2025 00:11:24 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:c840::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:6f:2c:0d:f7:df:99:6f:c0:ac:31:e3:6b:e0:3d:ee:be:0b:73:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:11:24 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=9e6cb84606ef8ff3c02dff55dcd7bcd72a7557662f3e7b01b9133586dcce37d9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:0f:7d:7b:cd:7d:8b:15:8c:ad:f4:72:fb:15: 96:59:5b:a1:de:60:9d:8f:0b:1c:d9:7e:2f:22:cc: c8:1b:b4:2c:46:96:00:87:e4:a0:e5:10:6a:ad:14: 11:af:c9:26:56:20:5a:02:32:a6:b3:71:5b:e2:8c: 43:53:af:99:a7:9f:8f:20:3a:28:ba:d1:62:b1:5e: 52:6c:2a:0d:31:b0:eb:44:3d:24:12:5c:9c:72:57: d5:4c:2e:aa:c2:b3:5c:a0:bd:5e:44:1f:ec:77:36: 6b:dc:d1:27:dc:79:34:8f:99:e8:ac:fe:90:76:c2: e4:80:af:1a:e8:61:68:5b:a1:33:b9:c5:25:45:5b: 1e:2e:dd:db:c3:3a:36:b0:31:5e:92:c8:3b:a7:8f: 7b:c5:a2:c7:f8:f4:c1:f6:54:d9:44:19:02:9c:be: 45:34:e0:f1:da:7b:af:2b:48:bb:39:74:c7:34:82: 67:89:9f:71:b1:67:a1:88:25:8b:1e:b0:66:d4:2c: 89:65:99:b6:bd:28:a9:e1:87:db:2f:44:88:8f:c9: 73:d6:10:9d:67:fb:04:4f:df:f3:4c:97:27:13:57: 6b:d6:e9:15:89:95:cd:12:8a:03:cf:7a:99:95:6b: 53:8c:b9:28:10:6e:02:dc:df:0d:b4:29:cc:8a:bc: ad:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:96:B7:04:19:78:81:38:60:BE:92:28:A4:5E:EE:51:66:F7:10:B1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/44d45390-c4cb-45b7-a2d0-183f37c05776.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:c840::/46 Signature Algorithm: sha256WithRSAEncryption 3d:e5:23:46:c7:28:1e:49:90:69:a3:fb:54:3d:c5:e6:fe:38: 4a:14:1f:b4:48:86:60:12:8e:98:a9:44:a0:ef:39:8e:93:7e: 31:7a:e2:2f:e7:63:84:db:f9:66:1a:c1:0e:79:c7:3e:5d:c7: d2:1b:d7:5a:3d:e1:8c:03:91:42:3b:36:d5:97:d3:6c:4d:c5: c9:0f:13:0b:63:3f:35:a6:fb:e7:04:c7:23:13:6b:52:9f:51: 88:7c:e4:fb:6e:c6:c7:b7:92:8f:15:7b:0f:d4:90:f6:f3:01: e2:ed:b1:e4:0e:7d:67:2a:c4:44:29:d4:0a:07:c0:78:a9:1a: 5c:f9:73:13:0a:5a:05:af:db:1f:82:c9:72:f2:a5:dc:93:b4: 1d:86:38:f9:37:d8:12:7a:96:64:c9:4d:b1:c6:2f:2a:76:4a: a6:83:dc:21:3a:b8:3f:fc:ed:bc:2a:be:55:d4:ab:e5:79:4b: 31:79:49:6a:1b:c5:14:1b:a9:a5:12:4d:94:af:e4:21:4b:89: 56:e3:bd:6a:bb:e7:09:7c:52:5c:62:c7:f8:36:5c:1f:de:b2: 48:74:72:95:3f:54:6e:d6:44:64:8e:07:f8:41:ca:0e:7a:6d: 39:e6:5b:04:01:f0:84:d9:4b:2a:78:37:18:58:f2:31:b5:d3: 15:9f:14:56 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNG8sDfffmW/ArDHja+A97r4LcyEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMTEyNFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAOWU2Y2I4NDYwNmVmOGZmM2MwMmRm ZjU1ZGNkN2JjZDcyYTc1NTc2NjJmM2U3YjAxYjkxMzM1ODZkY2NlMzdkOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7A99e819ixWMrfRy+xWWWVuh3mCd jwsc2X4vIszIG7QsRpYAh+Sg5RBqrRQRr8kmViBaAjKms3Fb4oxDU6+Zp5+PIDoo utFisV5SbCoNMbDrRD0kElycclfVTC6qwrNcoL1eRB/sdzZr3NEn3Hk0j5norP6Q dsLkgK8a6GFoW6EzucUlRVseLt3bwzo2sDFeksg7p497xaLH+PTB9lTZRBkCnL5F NODx2nuvK0i7OXTHNIJniZ9xsWehiCWLHrBm1CyJZZm2vSip4YfbL0SIj8lz1hCd Z/sET9/zTJcnE1dr1ukViZXNEooDz3qZlWtTjLkoEG4C3N8NtCnMiryt7wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHGWtwQZeIE4YL6SKKRe7lFm9xCxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ0ZDQ1MzkwLWM0Y2ItNDViNy1hMmQwLTE4M2YzN2MwNTc3Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+8hAMA0GCSqGSIb3DQEBCwUAA4IBAQA95SNGxygeSZBpo/tU PcXm/jhKFB+0SIZgEo6YqUSg7zmOk34xeuIv52OE2/lmGsEOecc+XcfSG9daPeGM A5FCOzbVl9NsTcXJDxMLYz81pvvnBMcjE2tSn1GIfOT7bsbHt5KPFXsP1JD28wHi 7bHkDn1nKsREKdQKB8B4qRpc+XMTCloFr9sfgsly8qXck7Qdhjj5N9gSepZkyU2x xi8qdkqmg9whOrg//O28Kr5V1KvleUsxeUlqG8UUG6mlEk2Ur+QhS4lW471qu+cJ fFJcYsf4Nlwf3rJIdHKVP1Ru1kRkjgf4QcoOem055lsEAfCE2UsqeDcYWPIxtdMV nxRW -----END CERTIFICATE-----Generated at Tue Jun 3 23:16:03 2025 by rpki-client