$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa File: 49a679dd-b6ba-4b54-beeb-b3e83302b998.roa (raw, json) Hash identifier: 19FwDdwEOUk3MOMIghygjlWONRgbOLpnS73tmRJjIqs= Subject key identifier: 45:7B:94:BD:7B:CC:C5:30:EB:67:5C:85:E1:2F:96:37:2A:2F:A0:E1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1686B941EC4F583B0138842CC1653FDC8EC6B61F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa Signing time: Sat 29 Mar 2025 00:01:17 +0000 ROA not before: Sat 29 Mar 2025 00:01:17 +0000 ROA not after: Sat 03 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:86:b9:41:ec:4f:58:3b:01:38:84:2c:c1:65:3f:dc:8e:c6:b6:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 29 00:01:17 2025 GMT Not After : May 3 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:12:69:50:d9:c4:47:55:8f:0a:1a:31:41:07: ab:42:32:8e:8e:db:9a:2d:61:81:14:e7:93:9d:bd: 51:87:8e:48:74:d0:35:b3:39:45:3b:59:ac:36:d5: a1:67:e6:b1:91:00:25:db:2d:10:b3:62:5c:2f:b8: 34:c1:dc:49:f5:72:9b:1a:ed:71:60:30:d5:7d:18: 53:c6:2b:8f:55:ca:cd:dc:5d:20:a2:3d:29:35:af: 61:dd:de:cc:bc:aa:39:24:4d:49:f6:23:f3:be:7f: d8:f1:ff:df:f5:9c:70:83:f6:27:19:fe:52:c2:58: fc:69:d0:66:28:6d:a5:12:9c:22:fe:c5:df:5e:82: e6:04:e0:9d:fa:48:23:1a:1f:8f:7b:0b:39:5c:e6: e3:23:a4:36:28:bc:b0:2d:9a:b7:be:b9:ec:4e:67: 42:46:4c:45:7b:98:c9:a0:0d:7a:5d:87:1d:d7:cb: 53:32:8a:ba:f8:2c:b9:f6:01:17:aa:a6:3f:6e:c8: 77:59:b8:23:02:70:46:ec:40:c8:80:58:82:5f:97: 96:cd:93:06:c2:45:90:79:21:6e:5e:2f:79:a0:57: a7:63:b7:1c:3f:3b:c5:df:99:10:46:5f:58:58:d2: 63:cd:3d:a5:5f:8f:7d:01:21:be:19:01:51:91:3b: c5:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:7B:94:BD:7B:CC:C5:30:EB:67:5C:85:E1:2F:96:37:2A:2F:A0:E1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:800::/40 Signature Algorithm: sha256WithRSAEncryption 84:be:dd:2e:2a:4b:ea:f5:87:16:61:e5:7f:4b:2a:ae:13:02: 09:0c:bc:2c:f8:14:78:a1:f8:6b:07:df:ac:46:53:e9:9b:ac: 8e:51:95:01:fd:35:1a:f1:e1:41:de:7c:da:58:a8:8a:f8:43: f6:90:46:ee:08:9c:0a:29:a4:1c:d6:63:a6:32:ff:a2:a4:c6: df:0f:8d:cf:e8:de:d9:c2:21:c8:49:96:27:18:2d:0a:f1:77: 19:01:5f:8b:da:fe:20:5f:ad:fa:94:da:c8:bc:eb:11:67:d2: e1:a4:05:bb:11:bf:7e:72:b5:d5:8d:53:90:6a:56:2d:3e:ce: 4c:0c:21:85:57:d8:3f:31:62:23:00:9c:0d:1d:50:ec:22:ed: 92:8e:69:78:f1:2e:9f:15:6c:e1:fc:ab:f1:a4:e2:ce:17:78: 12:41:90:c4:b6:d2:c0:d9:f2:40:a0:7d:f3:ed:7a:8d:d9:2a: 9e:c9:d5:66:67:f8:ad:64:d0:e0:61:b5:9d:f1:10:2d:f6:e5: d6:c3:eb:00:d9:aa:f2:48:90:73:ec:82:7c:1d:ae:e9:a9:40: d9:0f:cf:dd:e6:21:76:2e:02:8d:41:94:37:c2:36:b0:f8:4e: ab:b5:48:d4:e9:5f:0a:d3:46:3e:42:72:53:c7:3b:02:bf:d2: 82:5b:67:8e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFoa5QexPWDsBOIQswWU/3I7Gth8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyOTAwMDExN1oX DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNANjc5ZTBiM2YzNzNjNThkNDQwN2M5 NjU1ZDg3MzkwODYxMjFkZjBmZTc4MGY4NzZlMmU5NzI2MDY2Y2U2NWFjZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hJpUNnER1WPChoxQQerQjKOjtua LWGBFOeTnb1Rh45IdNA1szlFO1msNtWhZ+axkQAl2y0Qs2JcL7g0wdxJ9XKbGu1x YDDVfRhTxiuPVcrN3F0goj0pNa9h3d7MvKo5JE1J9iPzvn/Y8f/f9Zxwg/YnGf5S wlj8adBmKG2lEpwi/sXfXoLmBOCd+kgjGh+Pews5XObjI6Q2KLywLZq3vrnsTmdC RkxFe5jJoA16XYcd18tTMoq6+Cy59gEXqqY/bsh3WbgjAnBG7EDIgFiCX5eWzZMG wkWQeSFuXi95oFenY7ccPzvF35kQRl9YWNJjzT2lX499ASG+GQFRkTvFAQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEV7lL17zMUw62dcheEvljcqL6DhMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5YTY3OWRkLWI2YmEtNGI1NC1iZWViLWIzZTgzMzAyYjk5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8QgwDQYJKoZIhvcNAQELBQADggEBAIS+3S4qS+r1hxZh5X9L Kq4TAgkMvCz4FHih+GsH36xGU+mbrI5RlQH9NRrx4UHefNpYqIr4Q/aQRu4InAop pBzWY6Yy/6Kkxt8Pjc/o3tnCIchJlicYLQrxdxkBX4va/iBfrfqU2si86xFn0uGk BbsRv35ytdWNU5BqVi0+zkwMIYVX2D8xYiMAnA0dUOwi7ZKOaXjxLp8VbOH8q/Gk 4s4XeBJBkMS20sDZ8kCgffPteo3ZKp7J1WZn+K1k0OBhtZ3xEC325dbD6wDZqvJI kHPsgnwdrumpQNkPz93mIXYuAo1BlDfCNrD4Tqu1SNTpXwrTRj5CclPHOwK/0oJb Z44= -----END CERTIFICATE-----Generated at Sat Apr 5 10:55:58 2025 by rpki-client