$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa File: 4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa (raw, json) Hash identifier: 9N8VRoWmd6wS1q/TCRC7isFMmeIxkixZqQerDZblWk0= Subject key identifier: 6E:20:01:87:E1:8F:94:33:E4:A2:99:B0:B0:37:F7:65:E3:6E:21:05 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 337E59677F5E5FE6CE13DD9D86CFE01DEFF2FE48 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa Signing time: Mon 19 May 2025 15:00:22 +0000 ROA not before: Mon 19 May 2025 15:00:22 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:7e:59:67:7f:5e:5f:e6:ce:13:dd:9d:86:cf:e0:1d:ef:f2:fe:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 19 15:00:22 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=62b4eb6549dd4417c92bf8a9a9a1b127b57f280fbe5a03412a5a2678371092e1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:e3:e4:e0:d5:d7:85:14:05:ea:df:55:38:c4: 22:e0:86:d5:0e:26:4f:28:ac:a2:9e:f8:c8:db:14: ed:52:78:48:91:ee:d3:2d:6e:06:b7:2d:9d:7f:ce: 84:66:22:2d:02:85:6e:67:16:08:84:32:cb:fc:82: fe:16:01:5d:4b:d4:74:a9:05:0d:2b:41:48:52:b1: c2:d1:87:33:ce:37:8a:e5:24:d7:2b:72:12:5a:2f: f3:7c:c1:7b:dd:5a:67:d1:07:e6:a5:f7:5c:7a:9c: 03:f0:1b:84:be:20:25:34:cc:09:90:6b:6e:76:90: ca:b3:44:50:0b:92:1a:70:7f:db:ba:89:dd:04:5a: 0a:6f:6d:f8:d1:c7:ae:bd:36:8a:95:1b:34:ee:c7: ed:3a:11:8e:9e:e2:d5:3f:0c:e8:63:e9:93:95:bd: 2e:ab:94:70:32:be:4e:2a:5c:ef:fc:8d:ed:4f:b7: dc:72:b5:5a:dd:3c:0e:11:98:18:fe:7b:1a:5e:6e: 1d:61:74:63:e8:71:63:9b:1f:c5:3d:80:63:a4:97: 32:5b:6c:9c:20:b8:11:67:5f:3e:7a:04:3e:dd:ae: 17:1b:75:53:57:ab:19:0f:6e:86:3f:d0:57:a3:b3: 50:f5:f9:27:51:9a:b3:7b:2a:32:84:c8:08:07:ca: 9e:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:20:01:87:E1:8F:94:33:E4:A2:99:B0:B0:37:F7:65:E3:6E:21:05 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:4000::/40 Signature Algorithm: sha256WithRSAEncryption bd:11:89:b3:b4:89:1a:4a:ef:06:b3:2d:e4:62:88:3c:f8:1b: b5:38:cb:2e:ff:46:86:ea:52:7f:ef:22:d8:ce:e2:64:ea:ec: 35:94:7a:7c:bb:d0:23:ba:74:3f:75:53:b0:e1:6b:d8:ec:7d: 8b:79:a1:c7:ff:9e:8e:57:27:f4:6a:dd:48:aa:f3:b3:df:21: f1:c2:d3:ab:23:f9:a9:d4:cf:e0:65:21:23:2f:87:0d:10:3d: 2e:e3:0a:2b:72:a7:ad:12:c3:a8:27:ab:e1:d3:39:ca:cb:21: f6:e0:cd:7b:fa:6a:2f:30:20:0f:49:10:16:ba:11:bd:b1:08: 88:9c:13:60:5f:00:c8:1b:e7:7e:67:e5:cc:95:d4:7a:92:03: 20:15:86:de:e9:30:7a:2b:85:c0:6e:8c:7b:ef:74:25:81:31: b7:47:93:57:72:36:d2:15:58:24:83:69:02:bd:c1:b2:6c:ea: cc:4d:68:5b:57:55:d5:71:b9:da:30:32:ae:f3:15:fe:a9:78: 53:5d:8b:ce:f6:e0:1b:f6:4d:a7:87:95:47:29:21:a5:b2:f1: 3a:04:24:d8:91:66:9e:b7:8c:b3:bf:7a:e8:18:af:28:2b:76: ea:9c:21:1a:8f:8c:35:4e:9a:09:50:69:cc:1f:6e:58:58:25: 11:6e:d7:c0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUM35ZZ39eX+bOE92dhs/gHe/y/kgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxOTE1MDAyMloX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNANjJiNGViNjU0OWRkNDQxN2M5MmJm OGE5YTlhMWIxMjdiNTdmMjgwZmJlNWEwMzQxMmE1YTI2NzgzNzEwOTJlMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+Pk4NXXhRQF6t9VOMQi4IbVDiZP KKyinvjI2xTtUnhIke7TLW4Gty2df86EZiItAoVuZxYIhDLL/IL+FgFdS9R0qQUN K0FIUrHC0YczzjeK5STXK3ISWi/zfMF73Vpn0QfmpfdcepwD8BuEviAlNMwJkGtu dpDKs0RQC5IacH/buondBFoKb2340ceuvTaKlRs07sftOhGOnuLVPwzoY+mTlb0u q5RwMr5OKlzv/I3tT7fccrVa3TwOEZgY/nsaXm4dYXRj6HFjmx/FPYBjpJcyW2yc ILgRZ18+egQ+3a4XG3VTV6sZD26GP9BXo7NQ9fknUZqzeyoyhMgIB8qeUQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG4gAYfhj5Qz5KKZsLA392XjbiEFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkNWE4NTEzLTIxZTUtNGFmNy1iMWI5LWU4NWJjOGUxNmViOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+kAwDQYJKoZIhvcNAQELBQADggEBAL0RibO0iRpK7wazLeRi iDz4G7U4yy7/RobqUn/vItjO4mTq7DWUeny70CO6dD91U7Dha9jsfYt5ocf/no5X J/Rq3Uiq87PfIfHC06sj+anUz+BlISMvhw0QPS7jCityp60Sw6gnq+HTOcrLIfbg zXv6ai8wIA9JEBa6Eb2xCIicE2BfAMgb535n5cyV1HqSAyAVht7pMHorhcBujHvv dCWBMbdHk1dyNtIVWCSDaQK9wbJs6sxNaFtXVdVxudowMq7zFf6peFNdi8724Bv2 TaeHlUcpIaWy8ToEJNiRZp63jLO/eugYrygrduqcIRqPjDVOmglQacwfblhYJRFu 18A= -----END CERTIFICATE-----Generated at Tue Jun 3 23:14:22 2025 by rpki-client