$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/63206b2b-d620-415f-9dee-e3c63ab27be0.roa File: 63206b2b-d620-415f-9dee-e3c63ab27be0.roa (raw, json) Hash identifier: wnxg2uv6zP7FVcSLOlxKhlQ9X7dvxDqLD7q+j4pP5fI= Subject key identifier: D5:0D:FA:45:C1:BE:8C:5E:E3:63:E1:95:20:50:B4:EA:CE:C2:A8:CE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 75B08946C92E397C47DCCF71DB104D194B49EBEE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/63206b2b-d620-415f-9dee-e3c63ab27be0.roa Signing time: Sat 22 Mar 2025 00:01:10 +0000 ROA not before: Sat 22 Mar 2025 00:01:10 +0000 ROA not after: Sat 26 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:8000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:b0:89:46:c9:2e:39:7c:47:dc:cf:71:db:10:4d:19:4b:49:eb:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 22 00:01:10 2025 GMT Not After : Apr 26 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:1d:b5:de:08:c6:2a:44:21:5f:01:5d:6d:51: 0e:84:95:e1:f5:c6:b5:63:6b:b4:18:44:18:32:eb: e0:eb:78:7d:d7:4c:f7:d9:b5:67:ba:c3:2f:4c:46: f7:d9:e0:1f:81:05:1e:a9:c4:77:06:bb:3e:a8:64: 4b:55:1c:b6:ca:84:07:11:bf:c7:d7:3e:ff:ea:3d: 69:00:e5:3b:0b:c0:4e:81:a4:a7:67:49:52:4d:fc: b5:c5:74:5e:45:e9:2d:ff:72:ff:a4:b3:06:4f:a1: b5:8d:21:66:26:fd:79:1e:dc:5f:e1:9a:97:29:e2: ab:4f:d5:72:c6:ef:9c:b3:cd:cb:ca:85:37:39:4b: 56:f4:32:e9:10:58:ad:d8:07:87:44:0e:c6:08:d5: f1:37:fd:bd:27:a8:f6:06:63:61:4d:ec:26:82:41: 3e:40:25:c9:f7:2c:d4:c6:f1:95:cb:09:73:a5:b8: fe:dc:d6:2a:c1:a9:e2:c8:0d:24:2b:c3:b4:bf:aa: 6e:bb:a4:60:57:b7:e6:b7:81:7b:16:80:82:2b:d9: 7a:34:34:d8:ea:f9:30:2c:a4:58:90:a7:20:2b:73: d6:a6:69:dc:eb:15:0a:2d:b8:6c:52:50:db:97:0a: 84:b3:bf:6c:3b:be:1a:7d:2f:15:8f:b0:9c:b5:cf: a6:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:0D:FA:45:C1:BE:8C:5E:E3:63:E1:95:20:50:B4:EA:CE:C2:A8:CE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/63206b2b-d620-415f-9dee-e3c63ab27be0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:8000::/48 Signature Algorithm: sha256WithRSAEncryption 89:0e:cf:52:04:4b:11:60:8c:81:17:6f:6b:91:db:5e:50:8b: bc:83:04:0a:c4:80:95:44:da:04:a6:c0:56:93:fb:f6:27:7f: 6e:68:5b:4f:75:79:89:dc:77:c8:cf:29:c8:8b:d0:b9:d2:51: 83:15:fb:10:6e:8d:e9:5a:f0:87:16:84:27:e2:60:46:a3:79: f9:b2:2a:48:9b:46:53:df:73:8d:74:81:a3:26:b3:12:4d:42: d6:15:2f:94:2a:ad:01:d9:1d:f2:48:54:58:06:6d:e7:e0:4a: 71:0d:cc:de:dd:44:96:58:de:f6:a0:b5:de:f3:ed:82:38:81: c8:fb:68:9f:e2:21:d0:5e:55:95:7b:30:d1:48:ee:6a:69:76: 87:91:45:6d:0f:c6:5c:dc:db:2a:82:5f:e2:6a:a1:eb:5c:65: 61:ad:6a:7f:7e:92:50:07:55:11:2e:66:7c:57:60:05:2e:76: ba:70:e3:0d:a9:87:26:b8:91:7c:52:aa:39:a8:74:73:d1:ee: 65:3a:f7:27:0d:1d:58:60:c4:6d:42:82:6c:52:b3:c0:ba:e5: 02:9e:fc:1b:8c:ca:46:0d:7e:8f:e2:62:6b:e2:f8:de:c1:b0: 09:f0:a1:7a:55:50:c7:bb:d1:da:4f:4b:5d:9d:84:98:a0:37: e1:bf:79:03 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdbCJRskuOXxH3M9x2xBNGUtJ6+4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyMjAwMDExMFoX DTI1MDQyNjIzNTk1OVowejFJMEcGA1UEBRNAOTk3MmE0OTI4ZGJlYzU2ZDllODgy YjVlNDU3NjczOWM5ODUwOGVkMWE3MmJmNDg3OTc3Njk5MmZiOTQzYzJlNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx213gjGKkQhXwFdbVEOhJXh9ca1 Y2u0GEQYMuvg63h910z32bVnusMvTEb32eAfgQUeqcR3Brs+qGRLVRy2yoQHEb/H 1z7/6j1pAOU7C8BOgaSnZ0lSTfy1xXReRekt/3L/pLMGT6G1jSFmJv15Htxf4ZqX KeKrT9Vyxu+cs83LyoU3OUtW9DLpEFit2AeHRA7GCNXxN/29J6j2BmNhTewmgkE+ QCXJ9yzUxvGVywlzpbj+3NYqwaniyA0kK8O0v6puu6RgV7fmt4F7FoCCK9l6NDTY 6vkwLKRYkKcgK3PWpmnc6xUKLbhsUlDblwqEs79sO74afS8Vj7Cctc+mVQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNUN+kXBvoxe42PhlSBQtOrOwqjOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYzMjA2YjJiLWQ2MjAtNDE1Zi05ZGVlLWUzYzYzYWIyN2JlMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9oAAMA0GCSqGSIb3DQEBCwUAA4IBAQCJDs9SBEsRYIyBF29r kdteUIu8gwQKxICVRNoEpsBWk/v2J39uaFtPdXmJ3HfIzynIi9C50lGDFfsQbo3p WvCHFoQn4mBGo3n5sipIm0ZT33ONdIGjJrMSTULWFS+UKq0B2R3ySFRYBm3n4Epx Dcze3USWWN72oLXe8+2COIHI+2if4iHQXlWVezDRSO5qaXaHkUVtD8Zc3Nsqgl/i aqHrXGVhrWp/fpJQB1URLmZ8V2AFLna6cOMNqYcmuJF8Uqo5qHRz0e5lOvcnDR1Y YMRtQoJsUrPAuuUCnvwbjMpGDX6P4mJr4vjewbAJ8KF6VVDHu9HaT0tdnYSYoDfh v3kD -----END CERTIFICATE-----Generated at Sat Apr 5 10:57:18 2025 by rpki-client