$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb33c6e9-83b9-43c3-b458-53adf7b3e53d.roa File: bb33c6e9-83b9-43c3-b458-53adf7b3e53d.roa (raw, json) Hash identifier: ICNIlIqdr1so/YYj9OwKoCNVXpPFLbAc9IjNibm/rWU= Subject key identifier: 27:5B:81:EF:E2:68:A1:2F:11:9B:C2:43:6D:00:25:C8:13:DA:8A:EB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 20DA944513DCD98F946FF501450638BB21EDFE18 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb33c6e9-83b9-43c3-b458-53adf7b3e53d.roa Signing time: Fri 16 May 2025 00:30:18 +0000 ROA not before: Fri 16 May 2025 00:30:18 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:da:94:45:13:dc:d9:8f:94:6f:f5:01:45:06:38:bb:21:ed:fe:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:30:18 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=5f0779d261f50bc5de4ec10ad190bfe70dc722baa3ff96bd66f57bde1aa6ce31, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:f5:7a:54:c2:30:2b:00:b0:73:f3:54:48:7c: 8c:24:7b:df:52:a6:34:be:b4:c4:31:e3:04:4b:20: 8e:ab:5a:23:05:b0:66:d3:07:2d:19:36:44:4d:be: cb:26:b4:f8:31:48:3e:40:1b:84:9a:3c:9e:b2:48: 07:57:9f:6d:29:8e:11:77:8e:6f:88:ba:99:f2:50: dc:49:84:9c:7b:88:ab:db:73:0d:1a:dc:aa:f3:2f: c2:9d:6d:e7:34:94:a8:b7:26:ee:d9:6f:64:28:4b: 7f:ac:8c:19:06:0c:3e:85:a9:e9:d6:a7:f0:32:5c: c8:8b:a0:9e:a9:5a:42:a5:a0:8c:cb:72:d3:e5:07: 69:1a:44:01:61:f2:bf:8e:e7:de:ef:2c:b1:e2:9b: f8:e4:b2:9e:9c:6a:60:c2:37:d6:9a:c0:14:0c:80: b6:ff:bb:7b:c8:ab:1a:4d:3d:29:32:92:9d:4b:8d: 3a:c1:b9:1d:0e:8c:1a:eb:55:6e:22:b5:18:46:6f: bf:67:04:c2:02:71:cf:1c:6a:de:67:3c:8f:55:54: da:68:1a:27:40:a8:ac:e3:f8:d9:e2:15:f1:98:5b: 7c:09:93:f0:03:6b:48:69:54:56:13:47:30:13:8f: 71:84:4a:97:82:d0:65:b5:e2:05:2c:79:cb:ca:30: ff:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:5B:81:EF:E2:68:A1:2F:11:9B:C2:43:6D:00:25:C8:13:DA:8A:EB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb33c6e9-83b9-43c3-b458-53adf7b3e53d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:7000::/40 Signature Algorithm: sha256WithRSAEncryption 33:b7:5f:9a:ed:ed:d4:ba:74:bb:5f:af:a1:39:46:28:18:1f: 7e:b0:84:2c:f8:58:37:6a:52:d3:6c:eb:8e:6b:db:6c:5c:d4: 3d:1c:49:a3:62:27:b3:43:7e:e1:80:7a:cd:a5:cf:8d:66:c4: a3:02:fd:f7:ac:59:65:5e:5b:f1:48:7a:a1:30:88:dc:3a:2f: 2f:ed:f5:72:0d:54:21:c8:e0:5a:3c:b2:5a:65:32:df:86:4e: 60:88:af:5b:1b:e4:51:b5:ac:21:11:68:c1:1c:00:91:50:8b: ca:33:1b:a5:28:c1:8d:64:cd:d3:eb:9e:19:4d:17:24:b9:aa: aa:19:b8:f6:17:de:f9:a1:ff:e0:c6:c7:17:84:41:32:ab:9c: b9:d8:91:a4:08:5f:e8:5f:3e:83:60:e5:76:bd:7f:3a:a6:ec: 13:f6:74:6b:0a:c0:4b:e7:b9:0a:d8:29:9d:4d:b5:13:c7:b2: 79:b6:bd:29:bb:c9:d8:dc:74:80:54:50:52:95:3b:93:6c:e0: 03:bc:58:a0:6e:1e:3a:62:90:49:ba:c5:85:53:c9:92:72:46: a8:9b:12:85:16:e6:74:53:29:19:a9:68:6a:a5:a7:22:bb:75: 46:90:1b:e4:43:4d:aa:ad:6d:ae:8b:0d:fb:81:15:fa:78:20: c8:7b:e0:60 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUINqURRPc2Y+Ub/UBRQY4uyHt/hgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMzAxOFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANWYwNzc5ZDI2MWY1MGJjNWRlNGVj MTBhZDE5MGJmZTcwZGM3MjJiYWEzZmY5NmJkNjZmNTdiZGUxYWE2Y2UzMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vV6VMIwKwCwc/NUSHyMJHvfUqY0 vrTEMeMESyCOq1ojBbBm0wctGTZETb7LJrT4MUg+QBuEmjyeskgHV59tKY4Rd45v iLqZ8lDcSYSce4ir23MNGtyq8y/CnW3nNJSotybu2W9kKEt/rIwZBgw+hanp1qfw MlzIi6CeqVpCpaCMy3LT5QdpGkQBYfK/jufe7yyx4pv45LKenGpgwjfWmsAUDIC2 /7t7yKsaTT0pMpKdS406wbkdDowa61VuIrUYRm+/ZwTCAnHPHGreZzyPVVTaaBon QKis4/jZ4hXxmFt8CZPwA2tIaVRWE0cwE49xhEqXgtBlteIFLHnLyjD/MQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCdbge/iaKEvEZvCQ20AJcgT2orrMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JiMzNjNmU5LTgzYjktNDNjMy1iNDU4LTUzYWRmN2IzZTUzZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAHAwDQYJKoZIhvcNAQELBQADggEBADO3X5rt7dS6dLtfr6E5 RigYH36whCz4WDdqUtNs645r22xc1D0cSaNiJ7NDfuGAes2lz41mxKMC/fesWWVe W/FIeqEwiNw6Ly/t9XINVCHI4Fo8slplMt+GTmCIr1sb5FG1rCERaMEcAJFQi8oz G6UowY1kzdPrnhlNFyS5qqoZuPYX3vmh/+DGxxeEQTKrnLnYkaQIX+hfPoNg5Xa9 fzqm7BP2dGsKwEvnuQrYKZ1NtRPHsnm2vSm7ydjcdIBUUFKVO5Ns4AO8WKBuHjpi kEm6xYVTyZJyRqibEoUW5nRTKRmpaGqlpyK7dUaQG+RDTaqtba6LDfuBFfp4IMh7 4GA= -----END CERTIFICATE-----Generated at Tue Jun 3 23:09:20 2025 by rpki-client