$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa File: 4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa (raw, json) Hash identifier: VSfDvjk58fvsIdE+E4EE9eOSEGk/iYQO7CJn3hr0ENE= Subject key identifier: 65:DF:F1:42:53:37:03:20:29:F0:54:70:1C:C4:AF:53:1A:6A:B8:28 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 14EC74EFF081A1394A3E69BD18BB232BF6B4BEC4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa Signing time: Sat 29 Mar 2025 00:01:29 +0000 ROA not before: Sat 29 Mar 2025 00:01:29 +0000 ROA not after: Sat 03 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:ec:74:ef:f0:81:a1:39:4a:3e:69:bd:18:bb:23:2b:f6:b4:be:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 29 00:01:29 2025 GMT Not After : May 3 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b4:3d:82:32:06:66:bc:f6:11:26:fb:a0:b3: 87:ab:03:90:fb:86:21:9e:00:46:cb:38:d6:0b:9a: 7f:a1:e9:82:2a:ef:78:08:0c:5d:a8:d1:8f:8f:20: b7:89:12:df:9a:97:28:bc:6c:9a:02:3c:3c:bd:65: e3:3b:2a:79:3b:40:09:77:fc:c6:01:06:71:07:88: 59:4b:bd:81:fb:43:1b:24:81:65:02:3c:84:1e:3d: e7:b5:e0:28:6d:f8:2b:92:81:9c:5c:91:7d:13:61: 22:47:7c:0e:ab:4b:86:b3:64:81:b7:15:05:cc:91: 88:5b:f6:2f:8f:23:d1:f8:f7:33:2b:88:85:92:a9: be:84:59:a0:b1:63:25:13:20:4c:38:c0:03:7a:02: 6d:0a:ef:de:d9:33:93:2a:d7:61:62:3a:32:f4:aa: c3:ad:62:a9:23:dd:68:93:fb:c1:f4:0e:b4:2b:47: 33:c1:27:d8:b2:19:7c:01:7b:16:c6:09:92:f5:be: 3c:32:f3:0a:4d:8d:87:8d:73:52:56:93:77:f4:a2: 60:bb:f2:26:e3:e9:da:75:ff:23:9d:4c:8c:48:11: 03:8b:48:09:1d:eb:0d:43:76:a2:66:53:b5:33:d2: 5a:6e:8b:9e:61:54:da:10:ae:1f:3f:48:5b:48:5a: 1a:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:DF:F1:42:53:37:03:20:29:F0:54:70:1C:C4:AF:53:1A:6A:B8:28 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:4000::/40 Signature Algorithm: sha256WithRSAEncryption 9d:52:87:57:92:88:5d:b6:b0:3f:a1:ff:5a:bc:74:b3:53:66: 44:28:0b:5f:aa:f9:b4:c0:52:2f:38:c5:33:3a:4e:24:26:62: 24:e4:9c:ee:a7:5b:df:2b:f8:24:fe:28:8c:64:fe:4a:71:9d: 88:d6:9e:03:48:05:e2:e6:f4:8e:64:69:67:f7:2b:67:32:a1: fd:65:19:94:e0:c9:bd:36:eb:5a:b6:48:08:1b:e2:b5:39:c6: dc:8a:36:2c:c3:4b:4d:37:14:1e:48:8c:04:f1:b6:cb:52:33: a8:d8:b7:ee:53:f8:68:5b:8b:73:fe:34:c4:46:ba:ef:1d:d7: 3c:e5:fe:1c:23:3b:05:58:56:97:20:77:06:03:ce:f7:13:89: ee:b2:24:b5:c9:eb:88:8c:b7:7d:fa:f7:5f:20:a9:7c:21:df: 8b:5e:62:32:de:58:63:b5:65:10:6e:34:fb:d8:d2:52:c3:86: a6:42:e2:4f:15:46:65:a4:8c:3b:66:1a:94:3e:9e:b8:14:df: 61:c2:8d:df:da:68:ce:29:4c:1d:c6:d6:29:25:36:20:24:c1: b2:b0:88:95:eb:4a:20:77:c2:53:66:04:fc:df:27:41:1b:46: dd:9d:a9:cc:4a:77:20:0c:c7:ce:5d:42:86:40:01:32:db:75: 1a:e3:20:0c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFOx07/CBoTlKPmm9GLsjK/a0vsQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyOTAwMDEyOVoX DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAYWQ2ODE1Mjg1N2E0NjY0ZTU4NTZj YTczNDAyOTc5YjI1MmNjZTI3NzIzYWQzMWNkNWFkNzI4ZmU1OWU5NzhkMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrQ9gjIGZrz2ESb7oLOHqwOQ+4Yh ngBGyzjWC5p/oemCKu94CAxdqNGPjyC3iRLfmpcovGyaAjw8vWXjOyp5O0AJd/zG AQZxB4hZS72B+0MbJIFlAjyEHj3nteAobfgrkoGcXJF9E2EiR3wOq0uGs2SBtxUF zJGIW/YvjyPR+PczK4iFkqm+hFmgsWMlEyBMOMADegJtCu/e2TOTKtdhYjoy9KrD rWKpI91ok/vB9A60K0czwSfYshl8AXsWxgmS9b48MvMKTY2HjXNSVpN39KJgu/Im 4+nadf8jnUyMSBEDi0gJHesNQ3aiZlO1M9JaboueYVTaEK4fP0hbSFoa5QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGXf8UJTNwMgKfBUcBzEr1MaargoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkNWE4NTEzLTIxZTUtNGFmNy1iMWI5LWU4NWJjOGUxNmViOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+kAwDQYJKoZIhvcNAQELBQADggEBAJ1Sh1eSiF22sD+h/1q8 dLNTZkQoC1+q+bTAUi84xTM6TiQmYiTknO6nW98r+CT+KIxk/kpxnYjWngNIBeLm 9I5kaWf3K2cyof1lGZTgyb0261q2SAgb4rU5xtyKNizDS003FB5IjATxtstSM6jY t+5T+Ghbi3P+NMRGuu8d1zzl/hwjOwVYVpcgdwYDzvcTie6yJLXJ64iMt336918g qXwh34teYjLeWGO1ZRBuNPvY0lLDhqZC4k8VRmWkjDtmGpQ+nrgU32HCjd/aaM4p TB3G1iklNiAkwbKwiJXrSiB3wlNmBPzfJ0EbRt2dqcxKdyAMx85dQoZAATLbdRrj IAw= -----END CERTIFICATE-----Generated at Sat Apr 5 10:52:33 2025 by rpki-client