$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa File: 4a75b2a7-15e5-4501-aaaf-4737a678d996.roa (raw, json) Hash identifier: RiFmQLiaKfIF9kfBat217IS8bNtxssdyNXekcOJGU58= Subject key identifier: 37:31:89:B8:8F:F2:0C:02:11:97:86:02:3B:36:5F:F7:C3:FC:85:D2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 10D391CFA06A806C639F10C2CB4DAA8371DE9861 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa Signing time: Mon 19 May 2025 15:00:20 +0000 ROA not before: Mon 19 May 2025 15:00:20 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:d3:91:cf:a0:6a:80:6c:63:9f:10:c2:cb:4d:aa:83:71:de:98:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 19 15:00:20 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=173cba59b0aec3144c69afbaf4c2ff90e088e9ccf013040db2fc7c1166f88209, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:dd:67:31:81:2c:0f:46:9b:53:a4:42:f9:6c: c0:56:1e:eb:aa:97:c3:19:56:80:af:23:4a:db:5a: 68:1c:02:38:4b:fe:97:7b:e1:3f:2e:c6:5f:97:bf: 41:b2:83:ad:9e:a1:b7:30:87:af:b6:36:27:71:1f: d3:7c:f9:53:0c:ee:f6:2f:5a:db:7d:9f:23:38:41: c1:6b:31:16:c1:51:82:ff:d1:96:40:fd:bd:ce:cd: 9a:99:37:2b:00:77:14:84:ea:cc:64:b4:d3:1f:56: d0:f0:a8:e0:8a:c9:ee:8c:e2:f8:a6:15:00:a1:e1: 7a:a6:6f:c0:47:77:34:50:13:5d:66:15:c4:8c:d2: 8d:3b:ee:5f:f5:62:d1:03:fd:22:3a:0b:9d:bc:c1: dd:a6:35:2d:cd:14:93:65:c1:2b:33:fd:ed:3c:19: 92:3a:83:2d:d4:a9:32:0a:9f:52:ea:fa:46:6c:dc: 0f:80:a7:d1:12:f8:e2:03:f0:dd:3e:10:63:ae:5f: 06:07:7e:44:04:66:87:68:0f:a6:f7:17:b4:43:fb: 65:5f:c9:45:1a:2e:b7:ec:40:d5:be:13:d8:6e:ee: 57:39:94:85:17:01:dc:9f:c9:b6:ee:b4:4d:68:2f: 6e:a6:76:b7:ae:7d:23:44:d5:2c:22:6e:e1:e3:b8: 08:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:31:89:B8:8F:F2:0C:02:11:97:86:02:3B:36:5F:F7:C3:FC:85:D2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:7000::/40 Signature Algorithm: sha256WithRSAEncryption 4e:19:2b:57:3b:01:0c:46:c7:0a:91:03:3b:ed:23:7c:3b:ca: b0:98:50:06:54:2d:1b:8d:18:b2:18:21:ac:6f:79:0c:0e:85: 8d:48:13:64:6d:ef:57:bb:7b:68:7a:c0:f1:ae:12:af:0d:f8: ed:7d:92:13:91:c1:a7:f1:f4:6b:c0:86:27:33:8a:08:61:ba: 59:97:6a:72:e7:fe:a2:7f:3a:f9:5f:c9:ea:22:a2:72:e9:d9: 5d:b7:ef:52:cc:37:e2:ee:3f:19:e5:2b:9f:b5:0f:1f:f6:14: e8:75:1d:9a:e0:7c:ac:2e:8b:40:c8:e0:fc:57:d4:df:86:41: 07:4f:2a:8a:66:0f:72:d5:6d:b2:7f:de:8e:79:7c:04:9e:c0: f0:2c:d4:0c:08:a9:78:43:79:c7:bb:2c:9e:44:88:12:c9:97: 09:ce:13:3a:0e:5d:75:86:eb:9e:73:44:e5:d7:a2:9d:70:30: 76:52:be:89:b9:45:be:54:5f:26:df:49:db:1e:97:52:c6:bc: bb:43:a6:74:2c:73:a3:af:70:0b:bf:1b:e9:06:76:a0:0a:49: 37:c4:b8:4d:85:d1:38:a4:8d:36:15:6b:89:34:c1:ad:5a:1e: 5d:94:63:e7:b3:be:3b:7f:1e:6d:b2:57:af:32:23:00:c0:c6: fd:7f:2c:dc -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUENORz6BqgGxjnxDCy02qg3HemGEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxOTE1MDAyMFoX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAMTczY2JhNTliMGFlYzMxNDRjNjlh ZmJhZjRjMmZmOTBlMDg4ZTljY2YwMTMwNDBkYjJmYzdjMTE2NmY4ODIwOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxd1nMYEsD0abU6RC+WzAVh7rqpfD GVaAryNK21poHAI4S/6Xe+E/LsZfl79BsoOtnqG3MIevtjYncR/TfPlTDO72L1rb fZ8jOEHBazEWwVGC/9GWQP29zs2amTcrAHcUhOrMZLTTH1bQ8KjgisnujOL4phUA oeF6pm/AR3c0UBNdZhXEjNKNO+5f9WLRA/0iOgudvMHdpjUtzRSTZcErM/3tPBmS OoMt1KkyCp9S6vpGbNwPgKfREvjiA/DdPhBjrl8GB35EBGaHaA+m9xe0Q/tlX8lF Gi637EDVvhPYbu5XOZSFFwHcn8m27rRNaC9upna3rn0jRNUsIm7h47gI2wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDcxibiP8gwCEZeGAjs2X/fD/IXSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRhNzViMmE3LTE1ZTUtNDUwMS1hYWFmLTQ3MzdhNjc4ZDk5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaHAwDQYJKoZIhvcNAQELBQADggEBAE4ZK1c7AQxGxwqRAzvt I3w7yrCYUAZULRuNGLIYIaxveQwOhY1IE2Rt71e7e2h6wPGuEq8N+O19khORwafx 9GvAhiczighhulmXanLn/qJ/OvlfyeoionLp2V2371LMN+LuPxnlK5+1Dx/2FOh1 HZrgfKwui0DI4PxX1N+GQQdPKopmD3LVbbJ/3o55fASewPAs1AwIqXhDece7LJ5E iBLJlwnOEzoOXXWG655zROXXop1wMHZSvom5Rb5UXybfSdsel1LGvLtDpnQsc6Ov cAu/G+kGdqAKSTfEuE2F0TikjTYVa4k0wa1aHl2UY+ezvjt/Hm2yV68yIwDAxv1/ LNw= -----END CERTIFICATE-----Generated at Tue Jun 3 23:30:41 2025 by rpki-client