$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b105a261-7baa-401b-b853-65b2635b3f6d.roa File: b105a261-7baa-401b-b853-65b2635b3f6d.roa (raw, json) Hash identifier: MUlPvYvkZWet2xkBTbyTSzqUtbAxQmfJV25dAL3iKJg= Subject key identifier: 68:3F:2B:13:9E:9D:0E:C9:13:C6:82:C7:BF:E3:70:52:DD:C8:73:C5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 480BA08D78B92B1827AC4934C2C6A758BA9A4788 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b105a261-7baa-401b-b853-65b2635b3f6d.roa Signing time: Wed 12 Mar 2025 16:36:44 +0000 ROA not before: Wed 12 Mar 2025 16:36:44 +0000 ROA not after: Wed 16 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da24:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:0b:a0:8d:78:b9:2b:18:27:ac:49:34:c2:c6:a7:58:ba:9a:47:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 12 16:36:44 2025 GMT Not After : Apr 16 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:23:22:ab:9b:ef:15:2c:16:3b:4e:f4:8f:33: 13:06:89:64:7b:38:4e:7f:ff:b7:77:9e:6d:7d:9b: 64:85:c6:5b:25:16:e0:c4:e5:e4:3b:07:47:2d:17: 1a:e5:c7:57:24:f5:63:63:1d:14:d1:f4:ab:33:11: ef:c6:b9:22:79:a4:09:a4:2a:cb:e4:47:bd:a3:4b: 58:77:2c:46:0a:25:0a:8b:bd:41:b5:3e:21:7c:56: 10:e8:5e:0d:07:22:10:36:de:56:4b:e4:9b:9f:50: da:6a:fa:30:c5:e7:90:4f:9b:f5:bb:9b:97:89:81: 50:8f:d5:d6:5a:d0:af:98:f5:2e:ca:6c:11:cd:8c: ad:de:fb:62:a5:69:a5:ac:f2:15:6a:93:7e:9f:46: df:3c:7c:2a:3f:5e:47:2d:05:4e:aa:8a:49:90:58: b5:da:2e:98:0d:75:5b:2b:7c:24:c3:96:6f:05:c8: 0a:c5:b8:b0:0d:5a:a2:9d:fc:b9:9d:be:ed:59:e6: da:e8:8b:21:cc:e2:61:7d:36:05:55:2a:66:b7:c4: e6:64:21:59:35:a8:ad:b7:1b:44:21:81:84:9d:e6: 51:00:b5:fb:7e:68:43:4d:37:98:6b:16:43:3a:7d: 4b:94:d0:6d:8c:96:d6:f8:57:0f:b1:e4:e9:57:34: ef:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:3F:2B:13:9E:9D:0E:C9:13:C6:82:C7:BF:E3:70:52:DD:C8:73:C5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b105a261-7baa-401b-b853-65b2635b3f6d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da24:8000::/36 Signature Algorithm: sha256WithRSAEncryption 00:a2:24:39:c3:f0:99:f1:64:bc:ef:a4:9d:4f:e3:4c:3b:e5: 71:3d:5b:53:dd:15:df:cb:e9:ef:ba:b5:fd:e8:61:5e:7d:4e: cb:ec:6c:74:7f:b3:84:f3:4e:cf:61:21:cd:02:33:18:79:f7: cb:1b:ce:04:97:39:ce:87:33:df:fc:29:1d:b4:c5:0b:c9:22: 81:2d:4a:24:d4:7e:37:f8:22:00:af:52:6c:f3:73:1e:e1:11: 7d:49:a0:7e:22:69:04:4e:a7:67:f0:1a:59:a9:d3:28:13:9f: 61:a2:66:24:67:a5:a0:94:42:91:9c:f1:cb:16:62:21:fd:cb: e0:a1:6e:b9:e4:78:66:20:85:91:e7:67:96:2c:60:45:9b:9f: 30:cc:15:47:ae:0d:30:a9:6e:8d:44:8b:7b:85:1b:d1:aa:89: af:ed:44:5e:f8:01:9b:56:8c:03:16:c0:22:f8:f2:21:b1:c3: 34:f4:02:78:49:21:31:fe:3f:8c:e9:6d:41:b1:26:ad:3b:cf: 47:91:37:87:6e:53:53:d4:5b:f4:9f:f5:34:9d:e7:43:7b:87: 45:10:32:4e:d3:8b:08:1e:20:da:59:6c:b7:74:f5:69:7e:af: 19:6b:7d:79:4c:e5:fc:a2:e3:20:f7:90:bc:b3:bf:f6:a4:2a: 43:91:72:da -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSAugjXi5KxgnrEk0wsanWLqaR4gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMxMjE2MzY0NFoX DTI1MDQxNjIzNTk1OVowejFJMEcGA1UEBRNAZTM2MThmYjA1YTQ4NTFhOWE5MGE3 MWQzMzgwMDZkZTM3OGJlZjcwMzlhOWFkODEzNWEwZTVmMzZmYWZjZmI1NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiMiq5vvFSwWO070jzMTBolkezhO f/+3d55tfZtkhcZbJRbgxOXkOwdHLRca5cdXJPVjYx0U0fSrMxHvxrkieaQJpCrL 5Ee9o0tYdyxGCiUKi71BtT4hfFYQ6F4NByIQNt5WS+Sbn1DaavowxeeQT5v1u5uX iYFQj9XWWtCvmPUuymwRzYyt3vtipWmlrPIVapN+n0bfPHwqP15HLQVOqopJkFi1 2i6YDXVbK3wkw5ZvBcgKxbiwDVqinfy5nb7tWeba6IshzOJhfTYFVSpmt8TmZCFZ NaittxtEIYGEneZRALX7fmhDTTeYaxZDOn1LlNBtjJbW+FcPseTpVzTvWQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGg/KxOenQ7JE8aCx7/jcFLdyHPFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IxMDVhMjYxLTdiYWEtNDAxYi1iODUzLTY1YjI2MzViM2Y2ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJIAwDQYJKoZIhvcNAQELBQADggEBAACiJDnD8JnxZLzvpJ1P 40w75XE9W1PdFd/L6e+6tf3oYV59TsvsbHR/s4TzTs9hIc0CMxh598sbzgSXOc6H M9/8KR20xQvJIoEtSiTUfjf4IgCvUmzzcx7hEX1JoH4iaQROp2fwGlmp0ygTn2Gi ZiRnpaCUQpGc8csWYiH9y+ChbrnkeGYghZHnZ5YsYEWbnzDMFUeuDTCpbo1Ei3uF G9Gqia/tRF74AZtWjAMWwCL48iGxwzT0AnhJITH+P4zpbUGxJq07z0eRN4duU1PU W/Sf9TSd50N7h0UQMk7TiwgeINpZbLd09Wl+rxlrfXlM5fyi4yD3kLyzv/akKkOR cto= -----END CERTIFICATE-----Generated at Sat Apr 5 12:34:47 2025 by rpki-client