$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf40bbcd-0211-4289-921c-c7d5e705cbda.roa File: bf40bbcd-0211-4289-921c-c7d5e705cbda.roa (raw, json) Hash identifier: jTmoLa7IPY82l21ilnwKYt1anbK7yZdtmbjKhJUbbyQ= Subject key identifier: CD:A4:96:83:1E:88:A1:B6:7E:00:8B:90:43:0B:5B:21:5C:96:46:40 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 42740955CDA509115F85D825134B62AEFB5ADEC0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf40bbcd-0211-4289-921c-c7d5e705cbda.roa Signing time: Fri 16 May 2025 15:30:19 +0000 ROA not before: Fri 16 May 2025 15:30:19 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:74:09:55:cd:a5:09:11:5f:85:d8:25:13:4b:62:ae:fb:5a:de:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:30:19 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=b6a1e5f3632333af67afa53e4f77a6e7611511a96f66cffcee0bb2ab89c4f0c5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:48:bc:1b:8a:aa:02:bc:6b:f2:0a:7f:db:2a: 33:bb:4d:cb:38:6b:e0:3b:2c:90:38:fb:ab:f5:ca: 91:f0:2d:e6:c4:b6:74:0f:47:28:7a:cf:20:78:88: 08:d6:65:0e:d4:e0:45:40:d0:69:c9:80:a6:fd:e3: fb:a7:d4:c5:9a:db:6b:d6:ef:1e:8b:fb:50:19:37: 01:ea:e3:d4:af:3d:50:67:ba:69:85:e1:a3:ff:60: 34:25:96:bd:d7:24:86:b2:4d:d3:b7:9d:cb:ca:37: fc:b2:00:68:49:99:ce:15:7e:dd:b7:89:d9:d6:53: 36:13:ef:ad:2c:c8:fd:40:b0:3f:59:b5:33:ea:ed: 0d:ef:b2:83:1f:39:e6:2e:8c:bc:67:11:f7:24:87: 1f:66:2b:40:ba:93:b6:06:db:f2:6f:96:d4:74:2b: 4e:d4:a3:3d:16:4b:40:38:8e:9e:df:d4:55:11:7d: 75:d8:bf:fb:24:ad:16:b1:c9:a9:d7:59:3d:6a:eb: 55:e0:af:6b:14:a5:35:21:ac:fb:25:94:cb:ef:2e: 1a:47:32:e0:b5:4a:11:8e:47:be:17:7a:e6:ce:5a: e0:a4:04:02:5d:4f:04:08:89:9c:1a:9a:c2:f7:2b: 1b:72:e7:39:6b:3a:62:be:aa:43:55:d3:0d:aa:ec: 02:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:A4:96:83:1E:88:A1:B6:7E:00:8B:90:43:0B:5B:21:5C:96:46:40 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf40bbcd-0211-4289-921c-c7d5e705cbda.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:f000::/40 Signature Algorithm: sha256WithRSAEncryption 35:ef:f1:c4:ac:f5:a2:ac:0d:3a:e6:d0:08:28:40:40:43:4e: 1c:07:d3:9d:4d:e7:76:3d:79:e2:5a:cf:d9:63:19:f3:68:b2: 2b:44:64:a2:ab:aa:d5:70:51:a2:e8:28:2c:75:25:b3:43:0f: f6:3b:2d:5b:82:22:22:04:9b:de:d7:f6:2a:6b:9c:2a:8c:06: df:48:08:1b:4b:7e:88:1f:5a:77:cb:a5:f2:d6:34:98:32:9c: 83:37:57:46:fa:3b:73:58:2f:35:2d:6c:3a:4a:a9:a1:27:ef: 18:da:04:10:7f:1a:aa:b1:ed:d5:3c:4b:47:58:42:92:2d:14: b4:5c:0e:76:b0:6d:d3:8e:af:6f:02:56:f5:ae:3a:37:39:94: ec:bb:a6:18:20:30:1e:19:d8:81:d5:ec:ea:20:29:18:62:83: 06:18:64:f7:26:5b:8c:c5:b0:52:fc:6a:23:ec:6a:81:fc:24: fb:62:1f:f4:6e:fb:31:de:ea:10:d8:12:1c:df:a1:b3:5e:2e: 07:33:9a:d0:42:4d:de:5d:6c:4d:ef:b4:c1:9d:89:17:a8:95: d6:4e:7c:21:21:4b:b2:da:1f:58:62:ea:e8:6a:d4:96:66:24: 41:fc:29:79:3e:37:a1:8f:b7:03:7f:0a:b7:91:80:bb:4d:d7: 94:fa:d6:10 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQnQJVc2lCRFfhdglE0tirvta3sAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MzAxOVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAYjZhMWU1ZjM2MzIzMzNhZjY3YWZh NTNlNGY3N2E2ZTc2MTE1MTFhOTZmNjZjZmZjZWUwYmIyYWI4OWM0ZjBjNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0i8G4qqArxr8gp/2yozu03LOGvg OyyQOPur9cqR8C3mxLZ0D0coes8geIgI1mUO1OBFQNBpyYCm/eP7p9TFmttr1u8e i/tQGTcB6uPUrz1QZ7ppheGj/2A0JZa91ySGsk3Tt53Lyjf8sgBoSZnOFX7dt4nZ 1lM2E++tLMj9QLA/WbUz6u0N77KDHznmLoy8ZxH3JIcfZitAupO2Btvyb5bUdCtO 1KM9FktAOI6e39RVEX112L/7JK0Wscmp11k9autV4K9rFKU1Iaz7JZTL7y4aRzLg tUoRjke+F3rmzlrgpAQCXU8ECImcGprC9ysbcuc5azpivqpDVdMNquwCWwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM2kloMeiKG2fgCLkEMLWyFclkZAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmNDBiYmNkLTAyMTEtNDI4OS05MjFjLWM3ZDVlNzA1Y2JkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+PAwDQYJKoZIhvcNAQELBQADggEBADXv8cSs9aKsDTrm0Ago QEBDThwH051N53Y9eeJaz9ljGfNositEZKKrqtVwUaLoKCx1JbNDD/Y7LVuCIiIE m97X9iprnCqMBt9ICBtLfogfWnfLpfLWNJgynIM3V0b6O3NYLzUtbDpKqaEn7xja BBB/Gqqx7dU8S0dYQpItFLRcDnawbdOOr28CVvWuOjc5lOy7phggMB4Z2IHV7Oog KRhigwYYZPcmW4zFsFL8aiPsaoH8JPtiH/Ru+zHe6hDYEhzfobNeLgczmtBCTd5d bE3vtMGdiReoldZOfCEhS7LaH1hi6uhq1JZmJEH8KXk+N6GPtwN/CreRgLtN15T6 1hA= -----END CERTIFICATE-----Generated at Tue Jun 3 23:09:13 2025 by rpki-client