$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b424c862-bbee-4123-87b5-a8a734d27574.roa File: b424c862-bbee-4123-87b5-a8a734d27574.roa (raw, json) Hash identifier: uYNAHESzJAkbMd8a5US67Qi4E1dbCxbHwr/CISV4AlM= Subject key identifier: 33:43:7E:EA:12:67:3B:BF:23:1E:48:6F:21:70:7F:BE:66:A5:BD:7A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 515F29241FF62BE834D7E898FAA7BB8A3ADF1A91 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b424c862-bbee-4123-87b5-a8a734d27574.roa Signing time: Fri 16 May 2025 00:31:45 +0000 ROA not before: Fri 16 May 2025 00:31:45 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 00:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:5f:29:24:1f:f6:2b:e8:34:d7:e8:98:fa:a7:bb:8a:3a:df:1a:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:31:45 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=2964cafd0b52cbfc6d0db301453d74ed0fa217b9bf068ab29c3e0e5ff3eed7e7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:c7:ed:aa:d6:d2:68:94:b8:59:31:f3:c8:38: d9:a0:e3:34:f5:8c:1c:95:d7:20:a4:c8:a1:81:2a: 9b:14:b9:a1:bd:07:e6:34:f8:97:db:18:a7:7f:84: 8d:fe:5b:76:4e:76:96:4d:b0:21:a0:b4:b2:a0:d4: a3:00:a1:62:57:fb:15:a2:ad:d4:a3:71:fb:b0:d2: 3d:ef:6f:75:d5:42:df:fc:86:05:9e:67:e6:02:2d: 2b:b3:44:aa:9f:4e:c9:f0:85:c8:be:9e:0b:5e:fb: b7:20:e5:27:5c:7c:b1:76:d7:54:1a:e8:71:20:df: 03:2f:8f:18:a7:53:37:eb:7c:49:ab:30:50:1d:78: 9d:ae:b1:a2:11:1a:fc:53:4a:04:1e:95:3d:df:8b: d9:ea:ba:ac:f0:7a:8c:ed:4b:e3:01:88:ae:c6:47: 08:98:00:bf:f6:cf:c7:0e:c2:af:91:18:80:63:7c: cc:f6:11:17:08:d4:62:ba:be:45:55:d3:fd:62:31: 8c:75:f2:00:df:de:0a:21:34:c7:63:78:3e:6b:19: 0a:69:48:32:80:1d:98:13:0a:22:05:d2:bd:04:7d: c3:27:00:9a:76:87:a8:4a:bb:78:f6:3c:2a:87:87: 9b:ea:06:d9:a6:cc:a8:9a:7d:33:a3:86:15:cf:70: c2:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:43:7E:EA:12:67:3B:BF:23:1E:48:6F:21:70:7F:BE:66:A5:BD:7A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b424c862-bbee-4123-87b5-a8a734d27574.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:8c0::/48 Signature Algorithm: sha256WithRSAEncryption 4f:40:de:67:cf:d4:71:28:73:8e:bd:4b:58:ef:da:09:5c:7d: 8a:27:29:47:c6:bf:c0:6d:0d:a8:aa:12:f7:a2:24:d2:c7:0c: 36:f2:71:cf:d0:d8:54:c3:b9:57:de:ef:39:ea:14:91:39:11: f0:92:6d:79:4b:12:ac:d9:5b:d6:71:e5:03:17:04:a8:71:52: 4c:75:fb:10:59:3a:9e:70:f9:a0:e2:8b:1c:c2:64:55:0a:d8: bd:46:00:40:4a:95:12:4c:a0:12:b6:78:d3:0f:b0:1f:40:95: f5:27:20:0b:96:34:11:27:87:5d:8c:6c:5d:a0:85:e6:63:2d: bd:60:6a:04:1c:66:c0:81:88:b1:0d:bb:11:af:ad:c0:a1:94: 44:6f:13:38:38:c6:b0:c4:d7:36:d0:c1:61:af:b2:1a:ab:d6: f4:33:3c:5f:dc:a4:f1:8b:38:64:20:7f:60:fd:88:9f:7d:36: a6:e2:fd:35:bb:e3:38:68:52:da:7d:f6:1f:c1:9f:51:52:25: b3:e1:64:28:e9:b0:d1:b3:17:d6:e5:83:77:0e:fe:34:a1:71: e0:84:35:cf:8c:fd:29:a9:3c:f9:2b:f5:06:c0:65:92:da:ab: f1:57:96:9c:ee:aa:1e:db:fd:10:79:5c:7c:c4:b8:57:e6:d7: a4:0a:52:08 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUUV8pJB/2K+g01+iY+qe7ijrfGpEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMzE0NVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAMjk2NGNhZmQwYjUyY2JmYzZkMGRi MzAxNDUzZDc0ZWQwZmEyMTdiOWJmMDY4YWIyOWMzZTBlNWZmM2VlZDdlNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsftqtbSaJS4WTHzyDjZoOM09Ywc ldcgpMihgSqbFLmhvQfmNPiX2xinf4SN/lt2TnaWTbAhoLSyoNSjAKFiV/sVoq3U o3H7sNI972911ULf/IYFnmfmAi0rs0Sqn07J8IXIvp4LXvu3IOUnXHyxdtdUGuhx IN8DL48Yp1M363xJqzBQHXidrrGiERr8U0oEHpU934vZ6rqs8HqM7UvjAYiuxkcI mAC/9s/HDsKvkRiAY3zM9hEXCNRiur5FVdP9YjGMdfIA394KITTHY3g+axkKaUgy gB2YEwoiBdK9BH3DJwCadoeoSrt49jwqh4eb6gbZpsyomn0zo4YVz3DClwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDNDfuoSZzu/Ix5IbyFwf75mpb16MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I0MjRjODYyLWJiZWUtNDEyMy04N2I1LWE4YTczNGQyNzU3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/wjAMA0GCSqGSIb3DQEBCwUAA4IBAQBPQN5nz9RxKHOOvUtY 79oJXH2KJylHxr/AbQ2oqhL3oiTSxww28nHP0NhUw7lX3u856hSRORHwkm15SxKs 2VvWceUDFwSocVJMdfsQWTqecPmg4oscwmRVCti9RgBASpUSTKAStnjTD7AfQJX1 JyALljQRJ4ddjGxdoIXmYy29YGoEHGbAgYixDbsRr63AoZREbxM4OMawxNc20MFh r7Iaq9b0Mzxf3KTxizhkIH9g/YiffTam4v01u+M4aFLaffYfwZ9RUiWz4WQo6bDR sxfW5YN3Dv40oXHghDXPjP0pqTz5K/UGwGWS2qvxV5ac7qoe2/0QeVx8xLhX5tek ClII -----END CERTIFICATE-----Generated at Thu Jun 5 18:20:16 2025 by rpki-client