$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6c5d2129-c65c-4419-a480-b48028703d92.roa File: 6c5d2129-c65c-4419-a480-b48028703d92.roa (raw, json) Hash identifier: dGxxKihOQUQaRo1YdBOuG6SFUPYaNUhaxHZnjfqiJZo= Subject key identifier: 6A:53:A1:B2:0C:D2:C2:65:14:53:CA:FC:85:6D:4C:73:3B:FC:A5:A2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 427EFAD68835E259976BBF086F5682103D1E76EC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6c5d2129-c65c-4419-a480-b48028703d92.roa Signing time: Tue 25 Mar 2025 16:10:49 +0000 ROA not before: Tue 25 Mar 2025 16:10:49 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:7e:fa:d6:88:35:e2:59:97:6b:bf:08:6f:56:82:10:3d:1e:76:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 25 16:10:49 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:bf:7e:b7:61:be:0b:ae:d1:f0:3c:20:f2:5e: cd:ce:ca:c3:af:80:8c:c3:11:f5:ca:f2:6b:15:f3: d0:14:77:a7:7d:a8:c0:3b:d6:e7:76:9e:3f:6c:2c: 89:ef:86:af:1b:d4:db:90:85:d3:a9:14:cd:dd:54: de:3c:9e:a9:75:8f:eb:34:ba:71:49:85:1a:d3:9c: 17:a4:9f:a6:c7:09:7f:45:f1:30:1a:d9:ea:3e:b3: 17:4a:56:99:6d:92:8c:99:e1:f5:ac:11:9d:6a:58: 7e:1c:ef:81:8d:80:69:f9:c5:00:1a:81:f9:63:47: 80:73:07:b6:7f:93:a0:3f:f8:33:cf:b2:61:70:06: 24:8d:3e:c5:ad:96:33:c5:ee:57:8c:7f:69:39:92: c4:d6:ac:d7:c0:7f:ec:2d:78:13:48:a6:29:5e:4e: e9:88:d8:92:11:23:65:d8:ac:46:b9:b9:4f:75:3e: 84:af:ec:ca:b0:1c:4f:0c:1c:78:17:cb:eb:44:22: 8b:66:ca:cd:7a:65:13:0c:67:7a:01:45:40:1e:f8: 61:e5:cf:fd:75:af:de:70:92:ea:25:c8:f0:89:56: ad:17:cc:43:e5:8a:25:54:f6:ca:87:2f:e2:13:2f: ea:20:4c:de:bd:ff:bc:35:05:02:a4:19:e1:52:94: 2c:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:53:A1:B2:0C:D2:C2:65:14:53:CA:FC:85:6D:4C:73:3B:FC:A5:A2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6c5d2129-c65c-4419-a480-b48028703d92.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:9000::/40 Signature Algorithm: sha256WithRSAEncryption a8:11:67:43:d0:70:7e:83:d3:b0:ef:bc:ea:fb:aa:d3:8a:25: d5:67:7c:eb:de:21:53:aa:15:26:47:76:41:18:67:6f:56:4d: 45:52:fd:5f:71:17:b8:30:7e:c2:7e:8c:f4:0e:d2:b6:38:a9: 4c:55:35:46:34:f1:62:14:74:bf:23:f3:d9:cf:c1:9b:bd:8f: a6:1b:bf:25:eb:83:28:ab:e9:11:12:2f:c1:c8:eb:57:a3:f6: 23:6b:72:68:5c:65:52:dc:7b:af:bb:c1:ba:b4:dc:49:13:45: 51:29:60:38:68:23:c0:c2:fc:f5:3c:90:d0:ad:d2:6a:b8:02: c3:9a:72:53:e9:49:9f:af:d6:a6:88:25:66:f0:96:d4:39:9c: 91:14:72:43:c5:a2:b4:5e:29:64:3e:20:b2:71:6b:1c:fe:96: 4e:bb:69:61:cd:7b:7b:ca:89:9f:d0:29:93:70:aa:5d:21:58: 90:e5:3d:2d:6f:9e:54:c5:d6:ed:37:e0:e0:34:62:e4:7c:2a: bc:65:fb:32:06:8a:e2:90:11:2d:31:d5:cc:a2:7d:0d:98:d8: e3:a6:c4:e2:d6:58:87:e8:d6:42:93:ef:44:54:7a:8c:76:dd: a8:27:9a:64:74:57:7a:c9:cb:66:83:0a:03:da:6d:73:63:c5: e9:78:4d:d1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQn761og14lmXa78Ib1aCED0eduwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MTA0OVoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYThjNzAyYmM2ZDg1OGE1OWQwNjM2 MGQ0OTY0ODJkOWY1NDQ0ZjM2ZDhmNDJiNzgxMjc1NGRiMmRkYWYzYmM1NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr9+t2G+C67R8Dwg8l7NzsrDr4CM wxH1yvJrFfPQFHenfajAO9bndp4/bCyJ74avG9TbkIXTqRTN3VTePJ6pdY/rNLpx SYUa05wXpJ+mxwl/RfEwGtnqPrMXSlaZbZKMmeH1rBGdalh+HO+BjYBp+cUAGoH5 Y0eAcwe2f5OgP/gzz7JhcAYkjT7FrZYzxe5XjH9pOZLE1qzXwH/sLXgTSKYpXk7p iNiSESNl2KxGublPdT6Er+zKsBxPDBx4F8vrRCKLZsrNemUTDGd6AUVAHvhh5c/9 da/ecJLqJcjwiVatF8xD5YolVPbKhy/iEy/qIEzevf+8NQUCpBnhUpQs+wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGpTobIM0sJlFFPK/IVtTHM7/KWiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZjNWQyMTI5LWM2NWMtNDQxOS1hNDgwLWI0ODAyODcwM2Q5Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOJAwDQYJKoZIhvcNAQELBQADggEBAKgRZ0PQcH6D07DvvOr7 qtOKJdVnfOveIVOqFSZHdkEYZ29WTUVS/V9xF7gwfsJ+jPQO0rY4qUxVNUY08WIU dL8j89nPwZu9j6YbvyXrgyir6RESL8HI61ej9iNrcmhcZVLce6+7wbq03EkTRVEp YDhoI8DC/PU8kNCt0mq4AsOaclPpSZ+v1qaIJWbwltQ5nJEUckPForReKWQ+ILJx axz+lk67aWHNe3vKiZ/QKZNwql0hWJDlPS1vnlTF1u034OA0YuR8Krxl+zIGiuKQ ES0x1cyifQ2Y2OOmxOLWWIfo1kKT70RUeox23agnmmR0V3rJy2aDCgPabXNjxel4 TdE= -----END CERTIFICATE-----Generated at Sat Apr 5 10:58:41 2025 by rpki-client