$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/830802a5-d8f4-4fa8-945f-86772db3ed31.roa File: 830802a5-d8f4-4fa8-945f-86772db3ed31.roa (raw, json) Hash identifier: 7iMvJXl+L3VqkTTDO8PtjOEYxdQbH7HdYWQgYcx5wro= Subject key identifier: E9:81:0F:7C:4B:2A:3C:30:53:13:C3:34:4B:90:01:9D:A4:DB:0B:35 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1977673705CD4321D4FADF2A6F09A3EE61062738 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/830802a5-d8f4-4fa8-945f-86772db3ed31.roa Signing time: Sat 10 May 2025 00:01:47 +0000 ROA not before: Sat 10 May 2025 00:01:47 +0000 ROA not after: Sat 14 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:77:67:37:05:cd:43:21:d4:fa:df:2a:6f:09:a3:ee:61:06:27:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 10 00:01:47 2025 GMT Not After : Jun 14 23:59:59 2025 GMT Subject: serialNumber=d95aaa8d5c1ca8ea3ea7a274a55accf57dcb273250b977bcf9684719e32ed423, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:c5:05:11:8d:ad:e1:28:83:07:69:ba:8e:c0: 04:74:48:c6:11:3e:7f:0b:1c:fa:55:60:04:f6:0e: 1a:d1:cc:1b:cb:68:5d:c7:73:1c:0f:91:58:80:c1: 2f:39:95:80:54:0f:cd:c7:f9:55:94:be:f5:0b:d0: 34:cb:52:b6:de:f9:c3:7b:44:77:b1:02:f2:67:20: 8e:4b:9a:4c:88:4a:24:18:37:43:3e:d4:27:90:5b: 43:ca:0c:3d:00:de:82:b4:07:5f:82:df:a1:a9:7b: 37:c3:7b:99:28:0c:e2:01:18:e9:96:20:d5:c5:3e: 4c:64:c7:ee:1c:67:24:8a:5e:51:71:61:37:80:54: c2:6d:7b:91:a8:ca:8e:54:ce:27:66:79:14:76:a2: 3e:fb:eb:47:1e:61:48:7d:ef:d7:90:82:2c:2d:52: 8d:e9:27:39:d3:84:33:52:0d:85:6b:e8:0d:db:51: dc:5e:4d:c5:15:5c:2c:4a:c0:0b:61:28:96:25:0b: 26:e9:89:65:fb:45:d9:15:7d:10:40:d3:30:30:28: 34:0e:7d:5f:96:25:03:45:21:71:c5:44:39:ab:d8: 4e:21:8f:0d:01:2b:1f:01:61:1c:77:ae:ba:fa:5d: 70:f3:17:5e:1b:6c:71:a4:0c:65:bb:4a:7d:d8:39: c0:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:81:0F:7C:4B:2A:3C:30:53:13:C3:34:4B:90:01:9D:A4:DB:0B:35 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/830802a5-d8f4-4fa8-945f-86772db3ed31.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:f000::/40 Signature Algorithm: sha256WithRSAEncryption 85:94:9b:28:e2:d1:80:dc:44:e4:e2:1a:9e:b8:83:60:e8:6a: 51:57:87:35:47:0a:db:2f:13:dd:d0:3c:48:d2:c8:9b:ce:10: 33:9a:ef:1e:ed:ee:0a:b9:7c:a9:e0:32:7b:01:07:96:b5:f7: 9a:de:64:38:99:30:c2:79:3e:47:3f:50:bb:a6:a0:57:d8:4a: 90:70:6d:43:df:fe:43:53:6b:3d:f4:e9:37:df:06:a6:9b:05: 32:2d:82:2f:0d:3d:82:0a:ba:bc:a5:15:98:e1:59:54:74:d9: 43:56:57:3b:a2:ce:ff:27:c0:df:e6:1a:f7:7f:bc:41:b1:b9: 1e:f6:96:7b:4b:99:32:6b:b7:f1:c8:52:ae:ce:01:ba:7d:a1: 6a:77:dc:cd:47:d2:bd:9b:65:8b:c6:a0:e2:3a:a8:f3:12:f3: 81:9b:d9:1e:7f:ff:f4:88:dc:a7:1e:62:d2:30:5f:94:a4:6b: 5d:5c:5b:4e:70:99:e4:68:d0:f0:7e:1e:02:1b:d4:28:71:5b: ac:72:53:84:7d:46:4e:79:42:97:01:e8:e8:25:d8:a2:8e:45: d1:2d:fa:f8:07:bc:30:c8:7d:a0:9e:9b:67:50:c3:64:2a:3a: d1:58:16:e1:e0:c8:34:9e:68:fb:52:1a:92:f8:dc:92:ae:da: c6:40:db:79 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGXdnNwXNQyHU+t8qbwmj7mEGJzgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMDAwMDE0N1oX DTI1MDYxNDIzNTk1OVowejFJMEcGA1UEBRNAZDk1YWFhOGQ1YzFjYThlYTNlYTdh Mjc0YTU1YWNjZjU3ZGNiMjczMjUwYjk3N2JjZjk2ODQ3MTllMzJlZDQyMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18UFEY2t4SiDB2m6jsAEdEjGET5/ Cxz6VWAE9g4a0cwby2hdx3McD5FYgMEvOZWAVA/Nx/lVlL71C9A0y1K23vnDe0R3 sQLyZyCOS5pMiEokGDdDPtQnkFtDygw9AN6CtAdfgt+hqXs3w3uZKAziARjpliDV xT5MZMfuHGckil5RcWE3gFTCbXuRqMqOVM4nZnkUdqI+++tHHmFIfe/XkIIsLVKN 6Sc504QzUg2Fa+gN21HcXk3FFVwsSsALYSiWJQsm6Yll+0XZFX0QQNMwMCg0Dn1f liUDRSFxxUQ5q9hOIY8NASsfAWEcd666+l1w8xdeG2xxpAxlu0p92DnApQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOmBD3xLKjwwUxPDNEuQAZ2k2ws1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgzMDgwMmE1LWQ4ZjQtNGZhOC05NDVmLTg2NzcyZGIzZWQzMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYPAwDQYJKoZIhvcNAQELBQADggEBAIWUmyji0YDcROTiGp64 g2DoalFXhzVHCtsvE93QPEjSyJvOEDOa7x7t7gq5fKngMnsBB5a195reZDiZMMJ5 Pkc/ULumoFfYSpBwbUPf/kNTaz306TffBqabBTItgi8NPYIKurylFZjhWVR02UNW Vzuizv8nwN/mGvd/vEGxuR72lntLmTJrt/HIUq7OAbp9oWp33M1H0r2bZYvGoOI6 qPMS84Gb2R5///SI3KceYtIwX5Ska11cW05wmeRo0PB+HgIb1ChxW6xyU4R9Rk55 QpcB6Ogl2KKORdEt+vgHvDDIfaCem2dQw2QqOtFYFuHgyDSeaPtSGpL43JKu2sZA 23k= -----END CERTIFICATE-----Generated at Tue Jun 3 23:30:36 2025 by rpki-client