$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46a9243f-83f1-42ec-bf8b-cbcd0e65fe25.roa File: 46a9243f-83f1-42ec-bf8b-cbcd0e65fe25.roa (raw, json) Hash identifier: ldkDw4Li+kujJesUnULQHnh0g+dUMmCSt6sLAj3YTzM= Subject key identifier: 08:B6:3A:DC:CB:11:9C:23:32:5B:19:C1:1E:71:44:97:24:CD:93:DB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 515DF49118D0A6F3A9E77899906236915E9F7A7F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46a9243f-83f1-42ec-bf8b-cbcd0e65fe25.roa Signing time: Fri 16 May 2025 00:21:36 +0000 ROA not before: Fri 16 May 2025 00:21:36 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:8c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:5d:f4:91:18:d0:a6:f3:a9:e7:78:99:90:62:36:91:5e:9f:7a:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:21:36 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=6be0be1745e13ce15a7bc5818e2e6b454986fd64eed03f68aed6fa6013e8a9c3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:af:88:c3:37:78:ae:2b:50:ce:06:f1:42:a9: 24:87:b2:45:0f:06:44:90:c4:a0:2a:54:5e:b2:73: d9:d7:cc:19:ad:fe:6f:e3:79:6b:16:ad:25:cf:d5: 53:4b:13:16:c9:b2:e9:cf:52:dd:cd:d7:59:b8:4e: 49:ed:7f:27:03:48:38:c9:68:86:c8:44:30:82:7f: 3a:3a:fd:9d:b1:67:b8:84:b3:d1:82:85:42:5f:c3: 3d:44:e7:3b:5c:ae:be:f2:f4:08:7f:aa:21:47:c7: 50:dd:ae:30:9a:5c:93:ee:8e:3b:19:c3:fe:6b:d2: 32:91:30:f2:2f:65:82:cb:4e:12:92:c4:e7:79:11: 0b:ea:c9:39:5d:e5:30:8f:5f:08:89:89:a0:ca:90: 35:cd:7b:be:9e:5b:42:d7:01:28:9a:64:e2:b9:3a: 08:d5:1c:34:c3:a1:79:dc:c2:7d:11:79:8b:98:e9: 34:93:ce:34:c7:5d:a5:03:45:d7:6b:40:1c:f2:52: c4:f2:eb:b6:d0:e6:53:9d:21:4b:83:26:3d:7e:e2: f9:f3:04:b9:d8:1f:91:76:38:3e:9c:4c:d2:30:a5: 20:88:98:89:3e:7a:ce:bb:bb:7b:03:73:ff:c2:d2: bb:9f:53:dc:e8:8b:59:43:5b:ce:76:18:f6:e7:45: a5:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:B6:3A:DC:CB:11:9C:23:32:5B:19:C1:1E:71:44:97:24:CD:93:DB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46a9243f-83f1-42ec-bf8b-cbcd0e65fe25.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:8c0::/46 Signature Algorithm: sha256WithRSAEncryption 53:61:95:b0:17:b5:66:30:f6:ad:93:85:58:75:b6:c0:a2:1a: 9a:6b:33:87:27:8f:8a:00:a9:a8:96:34:65:f7:d9:89:8f:a7: 3b:7f:82:ce:82:8a:e3:8e:48:f0:b9:15:8c:f7:ff:c1:3b:b2: a6:d5:8d:04:39:94:4c:5f:da:bc:22:78:6e:0a:a4:69:d8:84: e2:be:07:12:2a:df:3f:42:d6:ea:64:11:69:f7:78:f3:2a:6d: 7e:23:9b:d2:50:14:cd:e7:28:55:f7:86:b0:92:43:36:a2:f6: 13:1f:8a:e6:07:02:10:e8:6e:9b:f4:e9:aa:41:f4:fd:ca:b5: 4a:0c:66:f6:e3:35:58:2b:45:f9:1a:aa:6b:09:ac:99:9f:9a: 7f:5f:53:96:ae:83:f3:bc:3a:7d:0f:39:f8:95:c9:55:2f:5f: 68:7e:ee:c1:5f:b3:17:43:e8:2c:ec:ac:c0:a8:92:0d:81:17: 58:f3:ef:05:b5:91:1e:2e:46:75:e3:b5:ab:fe:49:49:7b:fb: f3:95:39:22:22:61:8c:16:53:a8:05:8b:94:62:e1:37:c1:cd: 7c:f3:53:b6:40:f0:cc:7c:21:4d:9c:f9:56:df:d0:32:e3:2e: 2a:44:e9:34:9a:c5:d4:56:d7:4b:ab:e6:d0:9b:e7:39:75:89: 53:96:4f:17 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUUV30kRjQpvOp53iZkGI2kV6fen8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMjEzNloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANmJlMGJlMTc0NWUxM2NlMTVhN2Jj NTgxOGUyZTZiNDU0OTg2ZmQ2NGVlZDAzZjY4YWVkNmZhNjAxM2U4YTljMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAua+Iwzd4ritQzgbxQqkkh7JFDwZE kMSgKlResnPZ18wZrf5v43lrFq0lz9VTSxMWybLpz1LdzddZuE5J7X8nA0g4yWiG yEQwgn86Ov2dsWe4hLPRgoVCX8M9ROc7XK6+8vQIf6ohR8dQ3a4wmlyT7o47GcP+ a9IykTDyL2WCy04SksTneREL6sk5XeUwj18IiYmgypA1zXu+nltC1wEommTiuToI 1Rw0w6F53MJ9EXmLmOk0k840x12lA0XXa0Ac8lLE8uu20OZTnSFLgyY9fuL58wS5 2B+Rdjg+nEzSMKUgiJiJPnrOu7t7A3P/wtK7n1Pc6ItZQ1vOdhj250Wl/wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAi2OtzLEZwjMlsZwR5xRJckzZPbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ2YTkyNDNmLTgzZjEtNDJlYy1iZjhiLWNiY2QwZTY1ZmUyNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+wjAMA0GCSqGSIb3DQEBCwUAA4IBAQBTYZWwF7VmMPatk4VY dbbAohqaazOHJ4+KAKmoljRl99mJj6c7f4LOgorjjkjwuRWM9//BO7Km1Y0EOZRM X9q8InhuCqRp2ITivgcSKt8/QtbqZBFp93jzKm1+I5vSUBTN5yhV94awkkM2ovYT H4rmBwIQ6G6b9OmqQfT9yrVKDGb24zVYK0X5GqprCayZn5p/X1OWroPzvDp9Dzn4 lclVL19ofu7BX7MXQ+gs7KzAqJINgRdY8+8FtZEeLkZ147Wr/klJe/vzlTkiImGM FlOoBYuUYuE3wc1881O2QPDMfCFNnPlW39Ay4y4qROk0msXUVtdLq+bQm+c5dYlT lk8X -----END CERTIFICATE-----Generated at Tue Jun 3 23:15:39 2025 by rpki-client