$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa File: 49c96710-1e67-4b08-aeed-9db02b3e6469.roa (raw, json) Hash identifier: 43wlwHofnrDVKbk6BPaCRd9odS0n436JqfQ31CEWDCc= Subject key identifier: 06:E4:74:E4:56:B5:85:51:1E:2A:5E:FA:4D:B5:20:02:31:15:9E:61 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1D697E21E391D770BC670C45F2298BAE0124219A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa Signing time: Tue 18 Mar 2025 00:00:49 +0000 ROA not before: Tue 18 Mar 2025 00:00:49 +0000 ROA not after: Tue 22 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:69:7e:21:e3:91:d7:70:bc:67:0c:45:f2:29:8b:ae:01:24:21:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 18 00:00:49 2025 GMT Not After : Apr 22 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:ac:b3:6f:a6:4a:0b:8c:0a:ae:cb:71:6f:c4: 32:1b:e5:4e:ff:22:d3:ef:73:db:2c:e4:4e:96:cc: 21:db:cf:68:dd:2b:12:8b:73:50:1a:1b:24:61:38: 45:e3:dd:a1:5d:87:3e:32:70:03:f4:21:b2:6f:39: 0d:b4:70:06:09:d9:aa:47:26:01:e6:46:63:b5:00: a7:20:25:a2:f3:a7:b1:7c:dd:3e:1d:aa:97:ba:62: 27:76:0e:99:6c:e6:40:99:d5:eb:6e:38:37:b6:d2: 03:62:e0:27:90:50:68:0f:6f:d6:bc:08:30:e5:cf: dc:32:29:32:54:22:0b:22:cd:f1:86:a0:fe:1b:3f: 53:a2:89:b8:3d:9b:b0:47:af:15:e9:5e:38:cd:b8: e6:67:93:b3:dd:b1:31:96:f5:d2:0e:43:b9:35:71: 50:ef:45:60:6c:72:2f:80:b8:95:b2:91:ba:9d:1c: 98:3b:3c:28:18:19:db:db:46:a3:1a:f8:af:c0:e0: 59:1a:54:a2:85:87:61:48:e0:62:bb:0c:8f:6a:1d: a5:bb:99:11:82:46:5a:24:dc:de:5a:68:ae:25:3f: 36:9d:dd:ba:8b:e5:c0:7b:89:dd:7f:6b:3d:a0:bc: 08:97:bf:65:f9:b3:50:7b:57:dd:30:3b:67:b5:c7: ef:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:E4:74:E4:56:B5:85:51:1E:2A:5E:FA:4D:B5:20:02:31:15:9E:61 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:e000::/40 Signature Algorithm: sha256WithRSAEncryption 6c:72:a3:7e:4a:a9:dc:07:e6:2d:ee:4e:ba:4e:ca:d3:08:26: c4:be:9a:52:ec:ae:ef:f4:31:2c:88:42:d1:2c:ff:49:cf:88: 8f:e7:46:c8:47:7a:0a:bd:b8:01:85:b6:dc:3f:db:fa:3f:b8: 54:e6:b7:a6:9f:b2:60:e5:42:3f:15:0a:7e:cb:d1:7d:78:d7: ea:d8:8c:1d:60:ee:c8:b2:07:15:ff:5c:fd:f5:d4:28:d5:24: 4d:53:a1:8f:e2:ca:1c:59:34:77:4c:e7:1b:c6:d3:92:ab:bc: d6:e3:91:4d:03:cd:11:9a:a4:e5:75:eb:94:67:8c:21:ea:ca: 09:1a:8f:06:3c:b1:d7:5b:28:fe:97:88:84:d2:95:3e:ed:42: 49:b7:e9:fb:d0:fe:da:c9:90:66:4e:72:f8:8f:0d:6c:de:2a: bf:41:08:37:30:62:53:20:70:a7:8a:a2:32:9f:69:c3:7b:e8: 54:ae:84:03:b0:2d:ef:73:9e:75:af:2b:22:c4:c0:d9:98:0e: 3f:98:b0:0e:c6:af:fb:f9:07:37:f2:61:26:89:41:35:5c:8f: 75:c7:0d:d9:36:fb:46:90:2e:80:59:ac:8c:2c:27:66:b9:16: fc:e0:f3:ad:55:62:2a:80:2e:13:d2:c7:e5:9e:9a:f5:6c:31: e9:88:ce:92 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHWl+IeOR13C8ZwxF8imLrgEkIZowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMxODAwMDA0OVoX DTI1MDQyMjIzNTk1OVowejFJMEcGA1UEBRNANmVmNzk5MjRkYWViOGM2MjhhODQw NGM0YjNlZTJjZjRmY2UxNWVhYjM3OTBmZWRjNmZjNGU5YWYwMWRmZWRiMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKyzb6ZKC4wKrstxb8QyG+VO/yLT 73PbLOROlswh289o3SsSi3NQGhskYThF492hXYc+MnAD9CGybzkNtHAGCdmqRyYB 5kZjtQCnICWi86exfN0+HaqXumIndg6ZbOZAmdXrbjg3ttIDYuAnkFBoD2/WvAgw 5c/cMikyVCILIs3xhqD+Gz9Toom4PZuwR68V6V44zbjmZ5Oz3bExlvXSDkO5NXFQ 70VgbHIvgLiVspG6nRyYOzwoGBnb20ajGvivwOBZGlSihYdhSOBiuwyPah2lu5kR gkZaJNzeWmiuJT82nd26i+XAe4ndf2s9oLwIl79l+bNQe1fdMDtntcfvNwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAbkdORWtYVRHipe+k21IAIxFZ5hMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5Yzk2NzEwLTFlNjctNGIwOC1hZWVkLTlkYjAyYjNlNjQ2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9eAwDQYJKoZIhvcNAQELBQADggEBAGxyo35KqdwH5i3uTrpO ytMIJsS+mlLsru/0MSyIQtEs/0nPiI/nRshHegq9uAGFttw/2/o/uFTmt6afsmDl Qj8VCn7L0X141+rYjB1g7siyBxX/XP311CjVJE1ToY/iyhxZNHdM5xvG05KrvNbj kU0DzRGapOV165RnjCHqygkajwY8sddbKP6XiITSlT7tQkm36fvQ/trJkGZOcviP DWzeKr9BCDcwYlMgcKeKojKfacN76FSuhAOwLe9znnWvKyLEwNmYDj+YsA7Gr/v5 BzfyYSaJQTVcj3XHDdk2+0aQLoBZrIwsJ2a5Fvzg861VYiqALhPSx+WemvVsMemI zpI= -----END CERTIFICATE-----Generated at Sat Apr 5 10:51:09 2025 by rpki-client