$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa File: 9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa (raw, json) Hash identifier: ob4S0XtsyOAGoEAkJbrXssRgrQe8YvhGtcathskz9Qs= Subject key identifier: 79:70:BE:44:12:57:ED:76:AE:61:61:6A:71:2C:C7:B0:C7:C0:C3:87 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4E5037236ECF011A0125028A570098770D0572A0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa Signing time: Fri 23 May 2025 00:00:58 +0000 ROA not before: Fri 23 May 2025 00:00:58 +0000 ROA not after: Fri 27 Jun 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:50:37:23:6e:cf:01:1a:01:25:02:8a:57:00:98:77:0d:05:72:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 23 00:00:58 2025 GMT Not After : Jun 27 23:59:59 2025 GMT Subject: serialNumber=f92a66816a4ae5b768a4bb22884a7f706e7fc82fc830c99b25eecbfc8eb36f2c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:78:cc:8b:73:5e:3f:8a:cc:8e:81:f6:8c:74: ec:74:4c:36:5d:3c:1a:d6:64:17:91:66:70:64:36: b3:8a:b9:50:03:48:87:18:30:26:a9:ef:85:c0:34: 20:90:36:69:43:23:a7:48:43:b1:21:8d:63:ac:8e: 43:5e:40:22:6d:0e:77:cd:96:d1:2e:68:cc:a5:92: d3:e1:7f:af:a9:2e:21:11:fd:67:f4:28:3b:17:07: e2:05:50:f4:db:c0:83:c1:4f:f5:ae:0a:04:6d:ae: 4f:d5:d2:2d:aa:e7:a9:02:7e:d8:f7:f7:1d:7c:01: 92:69:72:52:6a:76:18:4c:30:60:20:7d:00:f4:02: c7:70:e2:04:a5:8a:0d:cb:0d:08:b2:f9:72:07:73: 25:03:6b:4e:27:11:3e:2d:a7:42:ba:8a:ec:6d:96: 25:ec:0d:fe:b4:16:88:8e:c4:bc:95:44:0f:c8:b7: 48:6c:83:fc:46:43:cf:6b:5f:e4:e2:e6:67:07:ad: 86:69:d3:4e:d0:4f:12:d1:58:cf:5a:6c:6a:76:3c: 2b:be:e6:1e:3f:4a:da:c6:7e:0c:c7:68:17:6b:e6: 8c:5d:a2:14:87:1e:59:e5:a6:c3:22:f5:a8:68:36: d1:34:dc:8e:82:6d:2b:f1:7d:eb:aa:b5:f7:35:66: c2:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:70:BE:44:12:57:ED:76:AE:61:61:6A:71:2C:C7:B0:C7:C0:C3:87 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:c000::/40 Signature Algorithm: sha256WithRSAEncryption 13:47:9d:19:d1:81:db:b6:63:de:a7:40:6d:22:f4:3c:5d:75: 5b:cd:86:96:8f:62:7e:98:1c:c0:88:fe:65:bd:57:6e:74:73: 71:7f:6f:7c:6a:b6:07:ec:57:c3:59:64:f6:cc:f5:ff:98:e5: 81:f9:5e:e4:a7:3f:62:83:35:1b:2c:7f:f1:74:ab:cb:d2:34: e2:8e:fa:16:43:72:3b:38:97:a2:68:e1:cf:4f:c9:12:a7:d2: 9f:b6:c1:20:a6:75:47:4d:e4:22:2b:84:1e:47:e5:78:9d:e8: 56:73:de:db:92:3d:f6:05:68:3e:41:0f:a9:e4:38:0e:ea:21: a3:8b:19:6c:63:02:11:ca:3a:43:b9:6e:09:7c:f9:a9:94:e8: 81:45:bc:a9:53:9e:d6:18:cb:79:9d:0a:be:d5:9a:7d:44:9b: 7a:eb:52:02:32:cd:f9:ed:87:0d:33:a5:c6:1a:da:ba:d9:bf: c3:a5:ab:90:41:85:e4:df:0e:f0:d6:eb:1d:dc:68:0c:b5:3c: 0a:0c:15:14:e9:40:5c:06:a0:8d:4d:c7:ca:35:73:ee:d9:4f: 82:63:90:c3:f7:6b:30:98:6e:d9:e3:f6:be:90:3a:a6:97:15: 60:d8:98:0a:12:28:f2:01:a5:d3:cf:fa:22:84:a9:eb:47:0f: 8c:40:3c:ad -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTlA3I27PARoBJQKKVwCYdw0FcqAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyMzAwMDA1OFoX DTI1MDYyNzIzNTk1OVowejFJMEcGA1UEBRNAZjkyYTY2ODE2YTRhZTViNzY4YTRi YjIyODg0YTdmNzA2ZTdmYzgyZmM4MzBjOTliMjVlZWNiZmM4ZWIzNmYyYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA73jMi3NeP4rMjoH2jHTsdEw2XTwa 1mQXkWZwZDazirlQA0iHGDAmqe+FwDQgkDZpQyOnSEOxIY1jrI5DXkAibQ53zZbR LmjMpZLT4X+vqS4hEf1n9Cg7FwfiBVD028CDwU/1rgoEba5P1dItquepAn7Y9/cd fAGSaXJSanYYTDBgIH0A9ALHcOIEpYoNyw0IsvlyB3MlA2tOJxE+LadCuorsbZYl 7A3+tBaIjsS8lUQPyLdIbIP8RkPPa1/k4uZnB62GadNO0E8S0VjPWmxqdjwrvuYe P0raxn4Mx2gXa+aMXaIUhx5Z5abDIvWoaDbRNNyOgm0r8X3rqrX3NWbCPQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHlwvkQSV+12rmFhanEsx7DHwMOHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzliYzkwMjYwLWQ0ZGMtNGI1NC05NTFjLWFhOTE2N2Y4Zjk5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba78AwDQYJKoZIhvcNAQELBQADggEBABNHnRnRgdu2Y96nQG0i 9DxddVvNhpaPYn6YHMCI/mW9V250c3F/b3xqtgfsV8NZZPbM9f+Y5YH5XuSnP2KD NRssf/F0q8vSNOKO+hZDcjs4l6Jo4c9PyRKn0p+2wSCmdUdN5CIrhB5H5Xid6FZz 3tuSPfYFaD5BD6nkOA7qIaOLGWxjAhHKOkO5bgl8+amU6IFFvKlTntYYy3mdCr7V mn1Em3rrUgIyzfnthw0zpcYa2rrZv8Olq5BBheTfDvDW6x3caAy1PAoMFRTpQFwG oI1Nx8o1c+7ZT4JjkMP3azCYbtnj9r6QOqaXFWDYmAoSKPIBpdPP+iKEqetHD4xA PK0= -----END CERTIFICATE-----Generated at Tue Jun 3 23:12:03 2025 by rpki-client