$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa File: 4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa (raw, json) Hash identifier: LRU/fJ6daDLEOiAa6+JaFq+DBEvFni2y/mhpSIqLcB0= Subject key identifier: 58:2F:D2:BF:58:6B:BC:34:33:D9:EF:8F:C1:CA:42:E6:45:D9:B3:B5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 586FEF3D6B00133411739D711AC0F60DB59A3126 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa Signing time: Wed 14 May 2025 00:50:48 +0000 ROA not before: Wed 14 May 2025 00:50:48 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:1080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:6f:ef:3d:6b:00:13:34:11:73:9d:71:1a:c0:f6:0d:b5:9a:31:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:50:48 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=6440ae28f1fb32d2b2af08cabc1b6cf2da69ddc38fd4efbb8f01fa2908b61985, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:74:ac:1e:ca:6a:39:e5:b7:1c:dc:64:d6:e0: 7e:1c:0c:49:a1:9c:b5:01:d7:fa:b5:34:60:40:a5: 8e:57:e8:4e:9d:d5:5c:f8:b6:f2:4c:e1:e0:61:14: 9a:d1:90:d4:4a:cd:9d:b5:54:80:e0:a1:a5:f4:99: 43:80:91:db:fe:28:86:be:39:9c:ab:ad:72:20:1e: 65:e7:e2:71:3d:9d:4b:4b:40:c3:df:26:1e:d0:21: 38:c0:69:c5:02:f6:fd:51:c9:02:82:6e:98:6e:81: ef:80:44:f2:72:52:4b:cd:8a:05:f0:46:f1:37:f8: c1:95:21:3e:15:3f:65:f2:25:75:62:71:8e:be:93: d1:64:80:c5:52:b4:70:1d:b4:57:f7:0d:4b:1f:4d: ac:1a:55:ee:e9:15:af:5e:15:6c:f3:27:b0:1e:78: ef:a3:a7:08:c6:3c:8c:32:42:39:f9:d4:6e:64:ce: 77:2d:a6:5f:d9:e8:2d:a2:b0:6e:7f:54:6d:a3:32: e9:f2:96:b8:09:16:8c:8a:c3:43:ee:02:5f:ef:54: 23:59:42:a7:fc:2b:1e:44:a9:1b:e1:56:ab:1c:02: 0d:8e:d3:ed:75:c6:bb:d8:89:04:de:de:69:43:e1: e7:1e:ad:4c:01:05:f5:df:61:e3:25:33:d8:a3:1a: 68:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:2F:D2:BF:58:6B:BC:34:33:D9:EF:8F:C1:CA:42:E6:45:D9:B3:B5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:1080::/48 Signature Algorithm: sha256WithRSAEncryption 68:bf:c1:a6:85:ed:b8:d9:92:c6:f4:19:a2:ea:a7:d8:6b:5c: 9f:21:7c:75:69:ba:68:69:27:94:e7:ea:28:b0:2f:bf:67:75: 50:b1:0f:22:f0:0d:54:35:be:d2:47:fb:4c:fe:6c:82:74:0e: e3:4a:c1:d7:6a:07:27:46:b6:bb:b1:0d:fa:f3:5e:1b:0a:63: 07:2e:1c:83:67:23:68:10:03:be:02:b6:96:c7:9b:d1:49:11: d7:b0:a1:0e:c0:d8:e9:96:93:57:c6:51:47:9e:bb:7a:69:a7: fc:89:75:a8:ff:2c:bc:41:7e:2f:16:75:ed:0a:d6:89:87:2e: 00:cf:8d:99:44:6f:9e:83:2f:2a:39:94:b0:45:41:3b:e9:ea: 57:49:cb:cd:00:88:93:06:c5:5f:bb:76:f8:94:61:1e:39:4e: e1:eb:05:fa:88:a1:2c:0d:f8:8d:9f:c3:3c:48:29:83:be:cf: 50:37:15:01:58:8b:ae:f6:e7:fd:06:68:38:fc:74:d3:7e:3b: 01:c2:63:c9:0e:61:2c:d1:f2:e4:0c:01:5f:b7:bc:04:c8:20: b9:2d:b0:f1:36:5f:b8:46:31:be:fc:59:6e:93:40:32:45:74: f0:b9:c9:f4:a3:1d:89:1b:09:3f:7c:ab:5d:a1:ab:b0:16:a5: fe:c2:df:c7 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWG/vPWsAEzQRc51xGsD2DbWaMSYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwNTA0OFoX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNANjQ0MGFlMjhmMWZiMzJkMmIyYWYw OGNhYmMxYjZjZjJkYTY5ZGRjMzhmZDRlZmJiOGYwMWZhMjkwOGI2MTk4NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHSsHspqOeW3HNxk1uB+HAxJoZy1 Adf6tTRgQKWOV+hOndVc+LbyTOHgYRSa0ZDUSs2dtVSA4KGl9JlDgJHb/iiGvjmc q61yIB5l5+JxPZ1LS0DD3yYe0CE4wGnFAvb9UckCgm6YboHvgETyclJLzYoF8Ebx N/jBlSE+FT9l8iV1YnGOvpPRZIDFUrRwHbRX9w1LH02sGlXu6RWvXhVs8yewHnjv o6cIxjyMMkI5+dRuZM53LaZf2egtorBuf1RtozLp8pa4CRaMisND7gJf71QjWUKn /CseRKkb4VarHAINjtPtdca72IkE3t5pQ+HnHq1MAQX132HjJTPYoxpooQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFgv0r9Ya7w0M9nvj8HKQuZF2bO1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjMDFkMGI3LWEzNmMtNGZkNC04NzYzLTVjZmZhZTk2YmM2YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaABCAMA0GCSqGSIb3DQEBCwUAA4IBAQBov8Gmhe242ZLG9Bmi 6qfYa1yfIXx1abpoaSeU5+oosC+/Z3VQsQ8i8A1UNb7SR/tM/myCdA7jSsHXagcn Rra7sQ36814bCmMHLhyDZyNoEAO+AraWx5vRSRHXsKEOwNjplpNXxlFHnrt6aaf8 iXWo/yy8QX4vFnXtCtaJhy4Az42ZRG+egy8qOZSwRUE76epXScvNAIiTBsVfu3b4 lGEeOU7h6wX6iKEsDfiNn8M8SCmDvs9QNxUBWIuu9uf9Bmg4/HTTfjsBwmPJDmEs 0fLkDAFft7wEyCC5LbDxNl+4RjG+/Fluk0AyRXTwucn0ox2JGwk/fKtdoauwFqX+ wt/H -----END CERTIFICATE-----Generated at Tue Jun 3 23:12:24 2025 by rpki-client