$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa File: 67b122dd-c584-4c2f-ac76-fb1a660b79da.roa (raw, json) Hash identifier: ydDaBdpiv9o4WHZQMdYOm4VYqDDQ/y0oH0MsOw1rkmM= Subject key identifier: FB:C9:E5:AF:1D:63:A1:C9:A3:91:F4:72:DE:E0:AB:37:74:0C:57:C4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0138B255F007FEB23362B02FA673830A7FD2CB3C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa Signing time: Tue 18 Mar 2025 00:00:09 +0000 ROA not before: Tue 18 Mar 2025 00:00:09 +0000 ROA not after: Tue 22 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da28::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:38:b2:55:f0:07:fe:b2:33:62:b0:2f:a6:73:83:0a:7f:d2:cb:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 18 00:00:09 2025 GMT Not After : Apr 22 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:fc:0e:64:e7:21:33:19:28:94:da:4a:0f:77: cc:49:71:82:c4:63:90:90:5b:21:28:58:23:e6:b4: bb:92:3b:32:21:9f:bc:43:37:8f:d6:a8:81:b7:6f: 27:f5:58:6d:c1:a7:c3:c7:be:10:40:5e:c5:0e:2d: d5:02:02:dd:f3:a0:aa:c2:33:76:23:ad:c1:09:ae: 78:c2:b7:f3:16:ac:c6:03:c3:6a:e0:a0:ee:a5:e9: 79:aa:83:c2:44:cb:52:53:08:a4:1e:bf:74:0a:23: 1d:53:54:1a:b3:92:63:8b:a0:d1:f4:7e:58:b9:e6: e3:ae:f2:cf:e7:27:92:a9:5a:69:36:83:c1:82:d7: 6c:5a:35:f1:92:f6:22:db:63:93:27:92:d7:4b:80: fb:b0:5b:3e:22:66:47:6e:fc:47:1c:31:3c:cb:bf: 7a:be:35:00:f9:da:cd:01:49:3d:1d:8b:fd:d1:02: 87:b4:05:64:ed:7c:41:f1:0a:4a:03:1f:cb:fc:4b: e1:e7:d2:f3:bb:98:bb:03:31:00:4a:c0:38:bf:0d: 1d:a6:75:24:a7:60:06:39:a7:53:ad:55:87:d6:c2: 2f:7f:c7:f1:5d:85:16:d8:07:e4:23:41:11:38:c5: cb:15:97:a9:6a:00:c6:fe:47:b6:f9:28:b2:9e:e6: dc:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:C9:E5:AF:1D:63:A1:C9:A3:91:F4:72:DE:E0:AB:37:74:0C:57:C4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da28::/36 Signature Algorithm: sha256WithRSAEncryption 19:fa:09:cc:fb:40:28:12:1f:22:0f:73:95:a4:b1:87:78:07: d0:85:56:48:be:d4:6e:9b:4d:34:72:44:c8:93:c7:c1:db:20: 1f:ef:67:c0:b0:c8:d2:b2:14:be:a2:88:42:ed:b8:4b:e4:67: 97:a5:ab:0a:1f:d3:6c:44:92:31:02:6a:40:35:56:05:62:4f: b3:34:c5:c7:be:db:0b:5e:d4:bd:36:da:fa:8a:0d:fd:66:53: 09:e6:3d:9d:4c:25:2f:ca:93:6c:a7:89:71:76:57:79:00:91: 51:94:0e:60:57:f4:96:2c:cd:a5:8b:6a:49:5d:92:26:50:e1: 49:c6:ae:a5:bb:1e:97:64:3a:19:b3:ea:e6:07:d3:c6:70:bc: 02:6b:2e:5b:37:9a:55:9f:80:35:e6:a6:ad:3a:a3:04:d2:b0: 35:d7:62:fd:57:64:6f:ef:a6:7c:35:52:cb:26:ce:fe:a1:c7: 93:97:f0:6a:96:dd:da:ec:1b:4c:37:cf:57:de:15:e5:a9:4c: f1:d7:c5:67:e1:79:c7:3f:81:f1:8b:fc:91:bb:63:b5:04:99: 79:01:de:d0:7c:f4:68:f6:bc:23:c2:60:f5:d1:3a:e9:9d:0a: 5d:df:c1:18:de:ad:eb:d2:42:9b:03:b8:44:08:91:1d:6f:28: 67:b1:97:fc -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUATiyVfAH/rIzYrAvpnODCn/SyzwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMxODAwMDAwOVoX DTI1MDQyMjIzNTk1OVowejFJMEcGA1UEBRNAYzZlNGFkNDNmNjU4YTA5NmVhNTFm NGYyYzczYTNkMmVkNTQ2NzM2NjY1NzM5MDBhZjRhM2E2YjkxZDkzNDkxODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/wOZOchMxkolNpKD3fMSXGCxGOQ kFshKFgj5rS7kjsyIZ+8QzeP1qiBt28n9VhtwafDx74QQF7FDi3VAgLd86CqwjN2 I63BCa54wrfzFqzGA8Nq4KDupel5qoPCRMtSUwikHr90CiMdU1Qas5Jji6DR9H5Y uebjrvLP5yeSqVppNoPBgtdsWjXxkvYi22OTJ5LXS4D7sFs+ImZHbvxHHDE8y796 vjUA+drNAUk9HYv90QKHtAVk7XxB8QpKAx/L/Evh59Lzu5i7AzEASsA4vw0dpnUk p2AGOadTrVWH1sIvf8fxXYUW2AfkI0EROMXLFZepagDG/ke2+SiynubcFwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPvJ5a8dY6HJo5H0ct7gqzd0DFfEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3YjEyMmRkLWM1ODQtNGMyZi1hYzc2LWZiMWE2NjBiNzlkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaKAAwDQYJKoZIhvcNAQELBQADggEBABn6Ccz7QCgSHyIPc5Wk sYd4B9CFVki+1G6bTTRyRMiTx8HbIB/vZ8CwyNKyFL6iiELtuEvkZ5elqwof02xE kjECakA1VgViT7M0xce+2wte1L022vqKDf1mUwnmPZ1MJS/Kk2yniXF2V3kAkVGU DmBX9JYszaWLakldkiZQ4UnGrqW7HpdkOhmz6uYH08ZwvAJrLls3mlWfgDXmpq06 owTSsDXXYv1XZG/vpnw1Ussmzv6hx5OX8GqW3drsG0w3z1feFeWpTPHXxWfhecc/ gfGL/JG7Y7UEmXkB3tB89Gj2vCPCYPXROumdCl3fwRjerevSQpsDuEQIkR1vKGex l/w= -----END CERTIFICATE-----Generated at Sat Apr 5 10:54:34 2025 by rpki-client