$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49e84179-b363-4bd7-a8a7-5203c6a98687.roa File: 49e84179-b363-4bd7-a8a7-5203c6a98687.roa (raw, json) Hash identifier: 8yGP7N+d98orlFgqxVKxKEVGB23VousTqsM/wmyW+PY= Subject key identifier: AC:AE:0F:47:72:0A:AB:FE:04:99:7A:94:3E:FD:BD:06:79:4A:6E:06 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6C33A4D6C0D31CF828083277680CED426E0F3768 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49e84179-b363-4bd7-a8a7-5203c6a98687.roa Signing time: Fri 16 May 2025 00:20:07 +0000 ROA not before: Fri 16 May 2025 00:20:07 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:33:a4:d6:c0:d3:1c:f8:28:08:32:77:68:0c:ed:42:6e:0f:37:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:20:07 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=524e6db4093f9d58674c9261865efafb840a0bae580ea6edc411f598911ef5e8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d0:33:41:66:e7:9b:5d:b0:a4:cb:e0:33:3c: fb:10:d8:f4:db:d3:b9:1d:54:9a:23:de:fb:f8:6d: ea:66:46:a7:1e:84:cd:07:d5:e4:63:8f:35:b4:d7: 86:05:90:a3:20:83:56:83:8d:90:d9:68:81:f9:a1: e8:f1:28:63:f6:89:ba:cb:a4:de:55:b5:b4:78:9f: 44:68:99:4b:1b:59:6a:02:ab:73:f6:6f:5f:64:6b: 6a:bb:c5:12:eb:0d:c8:f9:95:98:1a:d2:d4:07:c5: fe:d6:ad:d2:db:63:d9:69:53:3c:91:5a:50:5c:42: ce:3d:91:1f:51:d0:b7:4e:34:b9:c4:59:56:72:bb: 2b:6b:60:25:a6:6f:ed:55:82:5e:9d:78:3e:cf:09: 0d:80:fc:97:60:a4:5e:20:a9:5a:bd:7b:9f:7c:61: 4e:4c:0d:59:3a:31:da:4e:72:89:98:4a:1d:da:44: f4:2e:4b:79:33:83:3c:1b:a6:91:78:d9:ca:6f:1c: 76:f7:b8:4a:e9:69:e0:e6:77:4d:b5:94:0f:93:c9: 29:60:a1:be:32:6e:2b:db:cc:48:c4:fa:52:5a:bb: 48:52:d5:05:d8:2f:43:f7:0b:d3:9b:01:fc:e5:b2: b6:26:95:f5:b1:b8:bb:a6:c0:77:ea:cd:78:b6:d8: e0:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:AE:0F:47:72:0A:AB:FE:04:99:7A:94:3E:FD:BD:06:79:4A:6E:06 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49e84179-b363-4bd7-a8a7-5203c6a98687.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:e000::/40 Signature Algorithm: sha256WithRSAEncryption 82:67:a4:8f:c7:47:bb:83:aa:f4:47:25:52:03:80:93:df:4b: d7:ea:03:8f:35:ad:87:91:62:4b:3b:d8:e4:ba:80:ab:ce:43: 99:02:4e:17:9b:a4:a4:b1:00:f3:93:c6:b1:46:d6:be:a6:99: b9:de:c2:47:4e:4c:31:cd:c8:ed:83:08:b1:97:ba:23:11:32: 7c:6b:5f:ea:0d:50:7e:13:e2:94:07:b0:47:99:0c:5f:fc:8a: a1:32:64:85:fa:c3:ba:48:39:9c:f2:8e:3b:22:3d:cc:f9:63: 42:57:66:8a:57:58:d0:d5:66:37:a4:00:50:e5:e6:d9:58:1e: 64:d7:90:8e:a7:73:a5:06:b5:ce:46:9c:ad:b5:14:ff:1e:88: f1:dd:02:0e:13:50:b7:3f:1d:0e:09:5e:65:dc:23:8c:2d:62: 97:84:ac:e2:cd:6b:1f:92:a2:21:59:4a:aa:81:94:18:ef:fc: 79:18:c8:06:5d:ae:5c:3d:a2:a8:03:67:5f:f1:70:d8:06:0e: 91:d0:76:d9:33:37:9a:dd:48:ba:06:d5:c6:a9:4d:ca:2b:d1: 6b:6f:9b:64:d8:f7:36:87:36:3f:b5:13:f9:7e:b2:a8:41:12: 1e:d6:53:7c:81:ce:36:8e:c6:34:f6:53:04:23:7c:13:c6:4d: 5f:51:5e:0b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbDOk1sDTHPgoCDJ3aAztQm4PN2gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMjAwN1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANTI0ZTZkYjQwOTNmOWQ1ODY3NGM5 MjYxODY1ZWZhZmI4NDBhMGJhZTU4MGVhNmVkYzQxMWY1OTg5MTFlZjVlODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtAzQWbnm12wpMvgMzz7ENj029O5 HVSaI977+G3qZkanHoTNB9XkY481tNeGBZCjIINWg42Q2WiB+aHo8Shj9om6y6Te VbW0eJ9EaJlLG1lqAqtz9m9fZGtqu8US6w3I+ZWYGtLUB8X+1q3S22PZaVM8kVpQ XELOPZEfUdC3TjS5xFlWcrsra2Alpm/tVYJenXg+zwkNgPyXYKReIKlavXuffGFO TA1ZOjHaTnKJmEod2kT0Lkt5M4M8G6aReNnKbxx297hK6Wng5ndNtZQPk8kpYKG+ Mm4r28xIxPpSWrtIUtUF2C9D9wvTmwH85bK2JpX1sbi7psB36s14ttjgqQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKyuD0dyCqv+BJl6lD79vQZ5Sm4GMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5ZTg0MTc5LWIzNjMtNGJkNy1hOGE3LTUyMDNjNmE5ODY4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAOAwDQYJKoZIhvcNAQELBQADggEBAIJnpI/HR7uDqvRHJVID gJPfS9fqA481rYeRYks72OS6gKvOQ5kCThebpKSxAPOTxrFG1r6mmbnewkdOTDHN yO2DCLGXuiMRMnxrX+oNUH4T4pQHsEeZDF/8iqEyZIX6w7pIOZzyjjsiPcz5Y0JX ZopXWNDVZjekAFDl5tlYHmTXkI6nc6UGtc5GnK21FP8eiPHdAg4TULc/HQ4JXmXc I4wtYpeErOLNax+SoiFZSqqBlBjv/HkYyAZdrlw9oqgDZ1/xcNgGDpHQdtkzN5rd SLoG1capTcor0Wtvm2TY9zaHNj+1E/l+sqhBEh7WU3yBzjaOxjT2UwQjfBPGTV9R Xgs= -----END CERTIFICATE-----Generated at Tue Jun 3 23:30:31 2025 by rpki-client