$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d27c27f-a84f-4c44-b812-a96cb7c1af1e.roa File: 4d27c27f-a84f-4c44-b812-a96cb7c1af1e.roa (raw, json) Hash identifier: IJkAVsrMeWvyPgE6UM4CfZBPfO0dtbpdOCRzJ2Ew4wI= Subject key identifier: 0C:16:DD:BE:F2:2D:78:FE:20:C9:10:18:86:B8:AC:AD:54:59:2C:DE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 282B036398B04A5147E0DAE6488BB499B6325AE2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d27c27f-a84f-4c44-b812-a96cb7c1af1e.roa Signing time: Fri 16 May 2025 16:01:33 +0000 ROA not before: Fri 16 May 2025 16:01:33 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da28:8000::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:2b:03:63:98:b0:4a:51:47:e0:da:e6:48:8b:b4:99:b6:32:5a:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 16:01:33 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=ad773acf8cd8b62a22b83b0099607de1aa91b127e963403cdcd5c344ae25694c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:31:59:27:31:54:53:e9:7c:34:f3:a3:12:50: 3f:c8:f7:4f:9f:4a:da:81:d0:64:72:0c:05:e3:29: d5:bf:f9:91:0b:f9:90:c3:2a:c6:85:28:68:15:81: b4:54:27:ab:82:49:18:95:a5:2d:3b:96:3a:b2:81: c5:4a:35:99:74:0c:03:e5:f4:c5:58:01:c7:97:fe: 05:70:2f:4b:6e:dd:5b:ab:e8:c4:21:70:1c:7a:6a: af:d9:ae:2e:49:e7:20:da:d0:2b:0a:3b:69:c9:75: 24:3b:ef:f1:41:23:b1:c1:e9:13:f8:a3:1f:29:00: 83:15:59:55:79:ae:16:ca:f5:f1:c0:2d:c9:b7:86: bd:e1:f5:09:ce:b3:6a:10:3b:54:26:b8:21:1e:39: 61:91:5d:17:24:f1:0a:9a:55:d3:06:95:6f:c2:a9: 10:1a:d8:c4:d1:2d:16:30:31:dc:5c:df:d4:59:81: 76:31:51:05:c8:41:e6:6b:d4:ba:29:be:a9:ca:2c: d1:1b:b4:9e:7e:51:c0:6b:a1:cf:b5:c4:8c:c2:95: c2:ce:ec:54:11:fd:02:2f:49:9a:0c:b5:a4:98:b5: ce:18:04:ee:2b:bf:a8:e2:41:04:1d:7a:d8:53:59: fe:13:bd:2c:89:ef:1c:83:8b:91:33:e3:22:26:d0: a3:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:16:DD:BE:F2:2D:78:FE:20:C9:10:18:86:B8:AC:AD:54:59:2C:DE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d27c27f-a84f-4c44-b812-a96cb7c1af1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da28:8000::/37 Signature Algorithm: sha256WithRSAEncryption 3a:7e:ac:06:01:c2:ec:0a:51:1a:ab:41:21:2a:fe:d5:b5:f1: 74:f0:7b:34:38:1c:19:a8:97:df:5e:b3:53:ba:12:f2:e5:05: 4a:51:e3:34:e4:31:0b:d7:2a:a6:65:ca:4a:2f:90:17:de:0c: 4a:82:94:6a:73:ea:33:7e:61:6c:f6:ac:8f:69:25:a7:84:2e: de:a0:07:7f:ae:6b:0a:a6:98:e5:a6:ef:79:36:e9:90:5b:03: a6:1a:10:67:f0:2f:17:64:96:c0:bb:bc:d4:9b:28:99:80:e3: e3:05:7e:bd:fd:ad:75:8b:66:c7:d5:0a:71:2e:31:fd:5f:26: 44:56:63:79:6d:49:f0:9b:0d:b6:ee:d7:36:9f:db:c4:42:ae: bf:a3:af:19:87:92:b6:7f:b7:e5:8f:36:f5:94:e0:75:22:21: 8a:14:cd:6d:50:44:4d:b5:6b:40:e6:5a:d8:41:7c:ea:db:7c: a0:a5:c9:1d:e3:5f:e7:f6:40:9c:8e:85:63:74:ce:8e:9f:e9: 22:b3:f7:32:e0:89:0d:3f:5d:dd:a3:13:00:51:85:dc:a9:f5: ae:6d:5e:d2:cd:71:77:2f:cd:37:56:12:38:8c:12:d9:1e:91: 4b:fe:56:8c:f2:4f:74:5a:32:0c:12:2f:1d:bd:df:b4:17:90: 37:f3:8d:98 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKCsDY5iwSlFH4NrmSIu0mbYyWuIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE2MDEzM1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAYWQ3NzNhY2Y4Y2Q4YjYyYTIyYjgz YjAwOTk2MDdkZTFhYTkxYjEyN2U5NjM0MDNjZGNkNWMzNDRhZTI1Njk0YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zFZJzFUU+l8NPOjElA/yPdPn0ra gdBkcgwF4ynVv/mRC/mQwyrGhShoFYG0VCergkkYlaUtO5Y6soHFSjWZdAwD5fTF WAHHl/4FcC9Lbt1bq+jEIXAcemqv2a4uSecg2tArCjtpyXUkO+/xQSOxwekT+KMf KQCDFVlVea4WyvXxwC3Jt4a94fUJzrNqEDtUJrghHjlhkV0XJPEKmlXTBpVvwqkQ GtjE0S0WMDHcXN/UWYF2MVEFyEHma9S6Kb6pyizRG7SeflHAa6HPtcSMwpXCzuxU Ef0CL0maDLWkmLXOGATuK7+o4kEEHXrYU1n+E70sie8cg4uRM+MiJtCjKwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAwW3b7yLXj+IMkQGIa4rK1UWSzeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkMjdjMjdmLWE4NGYtNGM0NC1iODEyLWE5NmNiN2MxYWYxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYDJAbaKIAwDQYJKoZIhvcNAQELBQADggEBADp+rAYBwuwKURqrQSEq /tW18XTwezQ4HBmol99es1O6EvLlBUpR4zTkMQvXKqZlykovkBfeDEqClGpz6jN+ YWz2rI9pJaeELt6gB3+uawqmmOWm73k26ZBbA6YaEGfwLxdklsC7vNSbKJmA4+MF fr39rXWLZsfVCnEuMf1fJkRWY3ltSfCbDbbu1zaf28RCrr+jrxmHkrZ/t+WPNvWU 4HUiIYoUzW1QRE21a0DmWthBfOrbfKClyR3jX+f2QJyOhWN0zo6f6SKz9zLgiQ0/ Xd2jEwBRhdyp9a5tXtLNcXcvzTdWEjiMEtkekUv+VozyT3RaMgwSLx2937QXkDfz jZg= -----END CERTIFICATE-----Generated at Tue Jun 3 23:08:24 2025 by rpki-client