$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa File: 64aa810d-cc7f-45fe-b794-d290c3a511c5.roa (raw, json) Hash identifier: +He7eHL51PGfBfvMPzKsEDMZyoyUXN2zB4KCof/6MFI= Subject key identifier: 63:4D:0B:ED:80:C8:5F:79:47:4D:D7:08:1F:78:48:7A:22:2D:C2:69 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 791A1897C82313D7E544C54EFB38EAFBC5A438CA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa Signing time: Wed 26 Mar 2025 00:02:02 +0000 ROA not before: Wed 26 Mar 2025 00:02:02 +0000 ROA not after: Wed 30 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:1a:18:97:c8:23:13:d7:e5:44:c5:4e:fb:38:ea:fb:c5:a4:38:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 26 00:02:02 2025 GMT Not After : Apr 30 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:8a:27:6d:03:e9:34:c2:ae:9e:2c:f6:f8:98: 6b:5e:c6:b6:1a:d3:65:9e:fc:48:b1:37:02:d6:2c: 6e:af:b8:1a:53:bd:e4:5e:1d:ec:1b:05:e5:53:1e: 59:3c:d8:49:0e:12:c0:42:35:95:10:d6:4b:5a:39: 7c:f7:02:57:b6:a8:71:06:d2:d1:9f:14:97:bc:8f: b6:73:84:bd:80:66:f6:52:a4:c6:0d:5c:0b:6f:5e: fb:e1:18:66:10:3a:d4:05:ce:c4:42:26:ee:47:02: 24:25:52:2c:2c:e9:07:85:2b:87:42:53:e9:b2:b7: e5:af:f3:87:2f:f2:21:74:e4:03:5f:a0:c7:24:da: dc:71:5e:68:3a:fd:e8:6f:3b:17:b2:95:ee:b6:45: 58:29:e1:c1:ed:e9:cb:54:33:9e:1d:03:c7:bf:8c: 7d:c6:66:22:85:1c:35:b0:e3:08:9b:44:ab:6d:ff: 8e:b3:31:05:15:d9:97:c5:6a:35:ae:46:9c:c2:c4: ed:c2:85:fb:57:8c:ee:27:8b:e7:95:14:7c:ad:13: eb:a2:51:99:42:87:7c:3f:85:90:e0:ca:ec:dc:8b: 30:5d:72:b3:7e:d6:19:37:c7:42:40:7f:c6:05:aa: 1d:64:ce:12:ad:38:43:91:0b:e1:04:cb:76:2a:f7: e6:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:4D:0B:ED:80:C8:5F:79:47:4D:D7:08:1F:78:48:7A:22:2D:C2:69 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:e000::/40 Signature Algorithm: sha256WithRSAEncryption 3b:8b:9d:04:6a:be:4e:34:2e:59:8f:3d:0e:34:5a:51:52:57: b6:f2:66:39:bb:82:8d:d2:c3:5e:13:85:e4:3b:c7:4b:28:ed: d3:f5:52:5f:25:03:ce:37:1e:48:94:24:89:b6:bc:24:26:5f: 3e:f2:71:66:68:e6:47:5c:17:38:2c:3d:80:c0:21:73:0f:52: 08:9e:6a:6b:25:ed:7a:e1:84:84:f2:1d:ae:08:45:de:31:72: 54:47:78:f1:4d:26:17:e1:bb:9f:b5:ed:96:f4:09:93:8f:ac: b8:7c:50:fc:65:97:0f:24:ab:2c:c3:38:32:44:7d:cf:4e:59: e4:ac:4d:e6:e7:fe:30:d8:7a:cc:3f:f9:b0:6b:dc:05:f2:2e: b1:12:0d:d1:e8:a0:25:be:81:bc:fb:51:58:86:47:65:17:5b: 5e:51:c0:74:42:7c:13:8a:d6:98:08:99:02:d4:2d:8c:ee:16: a6:72:a6:7c:c1:d0:27:24:2c:b5:70:45:50:e0:d2:ed:87:63: 48:fd:56:4a:24:93:a2:49:23:27:a3:2d:85:a2:51:dc:8b:7b: ba:ec:8a:90:13:83:2e:68:80:4e:cf:a6:d7:bd:bc:1c:b5:e8: ed:cb:91:09:89:f0:cd:08:6e:ef:e3:30:7d:2b:d1:70:24:52: a3:58:08:e3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeRoYl8gjE9flRMVO+zjq+8WkOMowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMDIwMloX DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAOWExNjE2M2M3Mjg2MTc5ZWYxYzI4 MDQ3OTM0YjNlNjUxMjE1YmQ4MDE2N2JiOThiMTgxN2U1ZDMwMWRjOTE0YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4onbQPpNMKuniz2+JhrXsa2GtNl nvxIsTcC1ixur7gaU73kXh3sGwXlUx5ZPNhJDhLAQjWVENZLWjl89wJXtqhxBtLR nxSXvI+2c4S9gGb2UqTGDVwLb1774RhmEDrUBc7EQibuRwIkJVIsLOkHhSuHQlPp srflr/OHL/IhdOQDX6DHJNrccV5oOv3obzsXspXutkVYKeHB7enLVDOeHQPHv4x9 xmYihRw1sOMIm0Srbf+OszEFFdmXxWo1rkacwsTtwoX7V4zuJ4vnlRR8rRProlGZ Qod8P4WQ4Mrs3IswXXKzftYZN8dCQH/GBaodZM4SrThDkQvhBMt2KvfmAQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGNNC+2AyF95R03XCB94SHoiLcJpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY0YWE4MTBkLWNjN2YtNDVmZS1iNzk0LWQyOTBjM2E1MTFjNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8eAwDQYJKoZIhvcNAQELBQADggEBADuLnQRqvk40LlmPPQ40 WlFSV7byZjm7go3Sw14TheQ7x0so7dP1Ul8lA843HkiUJIm2vCQmXz7ycWZo5kdc FzgsPYDAIXMPUgieamsl7XrhhITyHa4IRd4xclRHePFNJhfhu5+17Zb0CZOPrLh8 UPxllw8kqyzDODJEfc9OWeSsTebn/jDYesw/+bBr3AXyLrESDdHooCW+gbz7UViG R2UXW15RwHRCfBOK1pgImQLULYzuFqZypnzB0CckLLVwRVDg0u2HY0j9Vkokk6JJ IyejLYWiUdyLe7rsipATgy5ogE7Ppte9vBy16O3LkQmJ8M0Ibu/jMH0r0XAkUqNY COM= -----END CERTIFICATE-----Generated at Sat Apr 5 10:53:32 2025 by rpki-client