$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa File: 542149ac-13e8-419c-b3c9-46274c8943df.roa (raw, json) Hash identifier: LK6xbSPdcVBW3OBLhDHTqA1W6bF2x9TdHSvaYyg9jds= Subject key identifier: 41:A1:6F:BE:8E:13:54:04:68:5E:E8:FD:0D:D9:9E:E1:CF:93:AF:62 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7F88ED833F768F5A716BB0C811C249E1BAE45B6B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa Signing time: Fri 16 May 2025 00:50:19 +0000 ROA not before: Fri 16 May 2025 00:50:19 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:8c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:88:ed:83:3f:76:8f:5a:71:6b:b0:c8:11:c2:49:e1:ba:e4:5b:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:50:19 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=8fc3f8883ceb1ade523a44e29343d28ba97af2b5e8319aee16486ff7a3b44740, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:8b:4b:30:45:ee:a5:87:e0:4e:22:f2:2f:5b: 14:90:29:21:ec:c6:81:48:61:52:25:67:2d:8a:27: 65:e2:f0:26:ce:13:36:9b:84:87:5e:b7:c9:c6:7a: 9c:91:e9:86:07:0e:e6:11:93:a9:d5:84:cb:03:e8: a9:5b:4c:f2:b7:d4:07:e1:be:91:5c:71:fb:df:3f: 90:0b:81:6e:5d:f5:30:78:8a:a1:b5:af:89:89:8c: 8f:85:b3:19:2e:b6:53:2c:3e:07:0a:ff:1c:6f:59: 98:ee:fa:66:5b:82:73:83:55:07:7b:8b:6a:0a:5a: 0f:65:47:cb:d8:fb:1b:6a:45:b5:af:6c:19:6f:83: db:2f:5b:95:86:78:e6:84:a7:a1:4f:da:ba:36:d9: 2d:66:5a:2c:da:21:5a:d3:d6:36:b8:66:5d:fa:64: 0c:46:75:ec:19:f7:24:ea:70:a8:ba:80:64:3a:07: 59:90:b3:a0:4a:29:2e:6b:b9:bc:72:27:73:23:ac: 1b:4b:fe:02:5f:ab:2c:47:ed:3c:4d:32:79:15:66: 3c:69:1e:e0:f4:86:68:e7:e0:21:8f:c8:11:b7:a4: c9:33:05:27:82:f1:1c:43:3b:cb:f8:95:af:07:97: fe:34:1c:40:3f:8a:20:83:94:7f:89:39:bf:9e:0d: a7:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:A1:6F:BE:8E:13:54:04:68:5E:E8:FD:0D:D9:9E:E1:CF:93:AF:62 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:8c0::/46 Signature Algorithm: sha256WithRSAEncryption c9:c7:39:3e:cc:35:e5:74:a4:62:25:9e:dc:11:9e:57:f9:4b: fc:5e:4d:c8:e5:bf:32:31:8f:0d:34:58:07:92:5e:0a:43:48: 98:82:74:cf:40:ce:5d:02:46:35:53:81:48:48:53:fc:1c:cf: da:f0:b4:64:be:2f:78:1d:54:63:35:f9:6d:f0:6c:69:b7:42: 83:26:57:3a:67:8b:86:ee:cf:51:ea:8d:43:ed:6d:11:13:cf: 24:f1:f8:7f:f0:e8:81:fd:ba:65:42:b8:36:4c:64:66:6b:c3: 12:15:4d:02:21:97:ff:87:55:c0:67:53:9b:29:7f:55:fb:63: 02:d6:e7:84:45:8f:29:4a:f9:19:e1:2f:97:38:3f:cb:ff:61: aa:7a:f4:16:50:70:ed:9c:cd:7e:32:7c:86:bf:d5:ee:fe:6a: ea:c9:67:29:6c:84:3b:52:97:da:2b:d9:7e:09:ec:57:6b:89: c6:f8:91:42:80:ae:a0:67:a4:d5:9d:c6:1e:c2:11:4a:83:7f: b6:e2:0c:85:55:0c:e8:6b:c5:d5:55:5f:31:97:41:31:70:55: 53:cb:76:41:1f:b1:5f:fc:54:1c:5d:48:e3:a4:8e:41:2f:3f: 4e:84:1a:e0:72:69:11:7f:4d:6d:9c:5b:f0:7e:e4:1c:d3:e5: e4:26:78:15 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUf4jtgz92j1pxa7DIEcJJ4brkW2swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNTAxOVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAOGZjM2Y4ODgzY2ViMWFkZTUyM2E0 NGUyOTM0M2QyOGJhOTdhZjJiNWU4MzE5YWVlMTY0ODZmZjdhM2I0NDc0MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24tLMEXupYfgTiLyL1sUkCkh7MaB SGFSJWctiidl4vAmzhM2m4SHXrfJxnqckemGBw7mEZOp1YTLA+ipW0zyt9QH4b6R XHH73z+QC4FuXfUweIqhta+JiYyPhbMZLrZTLD4HCv8cb1mY7vpmW4Jzg1UHe4tq CloPZUfL2PsbakW1r2wZb4PbL1uVhnjmhKehT9q6NtktZlos2iFa09Y2uGZd+mQM RnXsGfck6nCouoBkOgdZkLOgSikua7m8cidzI6wbS/4CX6ssR+08TTJ5FWY8aR7g 9IZo5+Ahj8gRt6TJMwUngvEcQzvL+JWvB5f+NBxAP4ogg5R/iTm/ng2nDQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEGhb76OE1QEaF7o/Q3ZnuHPk69iMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU0MjE0OWFjLTEzZTgtNDE5Yy1iM2M5LTQ2Mjc0Yzg5NDNkZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaQjAMA0GCSqGSIb3DQEBCwUAA4IBAQDJxzk+zDXldKRiJZ7c EZ5X+Uv8Xk3I5b8yMY8NNFgHkl4KQ0iYgnTPQM5dAkY1U4FISFP8HM/a8LRkvi94 HVRjNflt8Gxpt0KDJlc6Z4uG7s9R6o1D7W0RE88k8fh/8OiB/bplQrg2TGRma8MS FU0CIZf/h1XAZ1ObKX9V+2MC1ueERY8pSvkZ4S+XOD/L/2GqevQWUHDtnM1+MnyG v9Xu/mrqyWcpbIQ7UpfaK9l+CexXa4nG+JFCgK6gZ6TVncYewhFKg3+24gyFVQzo a8XVVV8xl0ExcFVTy3ZBH7Ff/FQcXUjjpI5BLz9OhBrgcmkRf01tnFvwfuQc0+Xk JngV -----END CERTIFICATE-----Generated at Tue Jun 3 23:34:44 2025 by rpki-client