$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bfce63b8-442d-44cb-a2b7-1b70800b70cf.roa File: bfce63b8-442d-44cb-a2b7-1b70800b70cf.roa (raw, json) Hash identifier: 0eV0u6GNt/pCICB9gZSiIyUIB9Jf4oC6mKLL8Ezcy5Y= Subject key identifier: 2B:D6:B5:79:AE:21:7F:66:E4:98:4F:E5:55:4E:8D:CF:EC:41:FC:91 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1BCCE17734C1D7347D013FA753EE023E2DF41088 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bfce63b8-442d-44cb-a2b7-1b70800b70cf.roa Signing time: Wed 26 Mar 2025 00:00:04 +0000 ROA not before: Wed 26 Mar 2025 00:00:04 +0000 ROA not after: Wed 30 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:cc:e1:77:34:c1:d7:34:7d:01:3f:a7:53:ee:02:3e:2d:f4:10:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 26 00:00:04 2025 GMT Not After : Apr 30 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:39:36:0b:07:c6:82:8c:32:44:23:dc:2a:2f: 2f:78:21:b7:dd:a7:fc:09:1e:d1:93:3f:aa:4e:73: f8:67:13:96:02:e2:c1:89:d1:8e:f6:cd:6c:48:e6: 67:4d:0a:82:43:a4:c2:ee:87:7d:81:a1:98:c4:26: 71:16:17:b4:7e:5b:4e:7f:4d:68:f2:1b:55:40:ca: 21:85:d6:fb:47:52:62:4a:8e:99:74:dc:73:72:f0: 22:5e:76:59:58:c2:de:e5:81:7c:4a:95:1e:f2:5c: 3e:c6:fd:21:a2:fc:c9:22:44:89:c5:40:5a:d1:82: 71:0d:da:13:e7:f5:e3:1e:bd:b7:8d:05:32:2d:82: 5d:d3:45:6f:b8:bb:b8:36:6b:05:1a:43:7e:6e:95: 8b:e8:29:6c:eb:46:61:17:64:9d:5e:0c:d0:3c:03: 9b:02:24:c0:75:e1:62:51:c9:3c:4c:b5:e6:8d:6a: 9e:b4:00:63:b6:45:b9:6a:16:cb:3f:b1:c6:5e:2f: 69:4e:52:fa:6e:dc:e2:3e:58:bb:10:12:6a:56:f2: 40:3e:b9:34:a1:0e:f3:d6:f6:98:bb:97:19:b3:c9: 59:82:ce:b4:c8:aa:12:e3:5e:ba:3b:13:12:aa:df: 25:6c:58:09:02:e0:2e:f3:7e:60:19:74:fa:6a:dc: 57:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:D6:B5:79:AE:21:7F:66:E4:98:4F:E5:55:4E:8D:CF:EC:41:FC:91 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bfce63b8-442d-44cb-a2b7-1b70800b70cf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:2800::/40 Signature Algorithm: sha256WithRSAEncryption 89:03:f7:59:b1:2d:1b:5d:7d:29:4d:40:07:6b:29:19:56:07: 3c:6c:2d:08:d9:e9:8b:04:ff:62:53:06:2e:4d:8d:89:94:a7: 87:57:76:f1:e7:93:00:4b:af:0c:ac:c1:a2:9f:fd:45:3f:a7: d2:5d:18:09:98:9e:a7:8f:74:14:fc:b2:58:1d:80:f4:22:a6: 39:6d:51:df:65:0c:ab:47:9a:86:fa:e3:07:87:a2:ea:2c:00: 03:d0:2b:8e:83:ef:a6:e9:7e:b2:b6:99:5d:fe:cc:b2:6e:62: d0:ff:d3:da:82:57:0b:bc:57:c1:3b:4d:a4:7a:8d:d6:56:c9: b5:95:12:c0:d2:0f:da:77:47:63:03:f2:97:15:c0:2f:0d:df: 07:e3:5f:45:f8:49:69:85:ba:9d:cf:f6:c9:5a:8b:ac:ba:fc: e0:51:ce:a9:7d:25:cd:04:d6:ff:fa:f5:ef:d5:28:9e:28:ca: f0:ec:9e:84:dc:9d:03:f9:5d:ea:fb:02:a3:6d:63:6f:6b:9b: ca:1e:1e:ff:6a:17:c5:55:f2:5e:57:38:9e:17:80:64:b5:02: 88:69:09:67:04:e5:ad:a5:08:59:1e:85:c3:ff:d3:15:dc:7e: a5:da:f6:3d:da:70:9a:c0:f5:d2:1d:3a:7f:df:60:4a:02:60: 15:bf:d8:4a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUG8zhdzTB1zR9AT+nU+4CPi30EIgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMDAwNFoX DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAZmY3ZDk4YzQ2MzBmOWQ1MmQxZDI5 NGRmYjk0NTlmMGNiZDU0MDNjM2RhNGQ5NzhlMWVkZWEzNDA4NGI4YzVjZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjk2CwfGgowyRCPcKi8veCG33af8 CR7Rkz+qTnP4ZxOWAuLBidGO9s1sSOZnTQqCQ6TC7od9gaGYxCZxFhe0fltOf01o 8htVQMohhdb7R1JiSo6ZdNxzcvAiXnZZWMLe5YF8SpUe8lw+xv0hovzJIkSJxUBa 0YJxDdoT5/XjHr23jQUyLYJd00VvuLu4NmsFGkN+bpWL6Cls60ZhF2SdXgzQPAOb AiTAdeFiUck8TLXmjWqetABjtkW5ahbLP7HGXi9pTlL6btziPli7EBJqVvJAPrk0 oQ7z1vaYu5cZs8lZgs60yKoS4166OxMSqt8lbFgJAuAu835gGXT6atxXCwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCvWtXmuIX9m5JhP5VVOjc/sQfyRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmY2U2M2I4LTQ0MmQtNDRjYi1hMmI3LTFiNzA4MDBiNzBjZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauSgwDQYJKoZIhvcNAQELBQADggEBAIkD91mxLRtdfSlNQAdr KRlWBzxsLQjZ6YsE/2JTBi5NjYmUp4dXdvHnkwBLrwyswaKf/UU/p9JdGAmYnqeP dBT8slgdgPQipjltUd9lDKtHmob64weHouosAAPQK46D76bpfrK2mV3+zLJuYtD/ 09qCVwu8V8E7TaR6jdZWybWVEsDSD9p3R2MD8pcVwC8N3wfjX0X4SWmFup3P9sla i6y6/OBRzql9Jc0E1v/69e/VKJ4oyvDsnoTcnQP5Xer7AqNtY29rm8oeHv9qF8VV 8l5XOJ4XgGS1AohpCWcE5a2lCFkehcP/0xXcfqXa9j3acJrA9dIdOn/fYEoCYBW/ 2Eo= -----END CERTIFICATE-----Generated at Sat Apr 5 12:23:31 2025 by rpki-client