$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0d4438c-48d3-4e79-8a64-d15a4521eb7b.roa File: c0d4438c-48d3-4e79-8a64-d15a4521eb7b.roa (raw, json) Hash identifier: F+mviVTOFSfqDzDwDhPM0XauykZx9Rb0ZqXGs9SteI0= Subject key identifier: EE:73:F4:54:5D:2C:64:4A:7B:4C:37:D3:71:C7:CC:EF:5F:90:F4:4A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1B70D4E0990EBAAEEE55F271F0AC7182D00DC3A4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0d4438c-48d3-4e79-8a64-d15a4521eb7b.roa Signing time: Wed 14 May 2025 00:50:45 +0000 ROA not before: Wed 14 May 2025 00:50:45 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:70:d4:e0:99:0e:ba:ae:ee:55:f2:71:f0:ac:71:82:d0:0d:c3:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:50:45 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=8b9664e2e53d6a626941a5d91dd170bf883881613ecb19e0acfed099cd2e008d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:69:ea:97:6f:e8:f4:9c:d3:97:6b:8a:08:da: 17:29:a0:4b:ec:05:60:d4:ec:b3:bf:83:c5:5f:7e: 8e:58:f5:d6:69:0a:5a:79:45:80:46:a2:e9:d3:47: 79:de:dd:f4:fe:ea:96:2d:e8:2a:9c:f5:47:50:7d: 77:a9:ec:93:86:67:c0:0f:f4:8a:76:53:8c:85:7f: 86:0f:ed:47:1d:9d:f5:43:94:e1:e7:1f:ed:de:8f: 87:6d:c8:ac:83:3e:c8:4f:f3:aa:fa:b3:93:2f:ac: 98:c6:ca:a6:ab:c8:55:4d:e3:ac:3a:5d:a6:fa:12: 34:78:b5:3a:9f:06:8d:68:50:69:fc:3a:38:d9:ca: b8:7f:6e:dd:50:a6:28:69:8e:64:43:2d:74:bb:53: 80:26:84:02:e3:df:41:3d:f9:4c:0b:26:2e:6d:5a: a8:17:09:a4:04:9e:93:51:0f:a2:0f:11:93:31:42: bf:54:18:b5:e3:cb:34:6c:69:1d:36:ff:bd:ea:2e: 85:dc:a5:d4:71:e7:c7:5e:9a:68:99:b8:04:92:78: 33:56:08:dc:e2:46:e4:1a:7b:e8:0b:13:1c:58:4e: 88:87:e3:fd:94:a0:a2:df:25:14:1d:1e:d5:3e:2b: e3:e7:80:6d:b0:08:0b:c0:8a:46:70:38:54:7f:b3: f8:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:73:F4:54:5D:2C:64:4A:7B:4C:37:D3:71:C7:CC:EF:5F:90:F4:4A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0d4438c-48d3-4e79-8a64-d15a4521eb7b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:800::/40 Signature Algorithm: sha256WithRSAEncryption 3c:ca:17:cf:46:31:57:38:4b:9e:88:be:7c:ec:4b:74:4f:ae: 3b:69:97:a1:e2:41:d1:98:a3:13:70:6d:ab:41:23:af:20:b9: a2:7b:bb:12:fa:b8:97:53:1e:3e:e2:66:23:36:9c:c8:9d:61: 86:45:dd:87:b5:9c:94:72:f8:74:12:65:79:40:e5:6e:51:84: 67:56:03:62:84:77:cd:26:e6:2c:11:b7:0d:36:7d:9a:2a:49: e6:76:60:cf:b1:b4:b5:ca:b5:ef:82:06:fb:84:c9:c0:ae:ff: 44:55:ed:e5:15:f6:12:ef:1f:4b:3d:32:45:c4:f7:eb:6d:8d: f1:52:a9:ae:f6:f6:eb:4e:1c:89:73:e9:0e:81:84:f4:8a:51: ad:ce:0c:4a:d2:a9:5c:77:ee:b6:98:df:33:16:64:c5:44:b8: d9:5a:23:93:8f:84:27:c4:64:05:cc:ab:29:2a:c3:2a:71:45: 35:88:e8:81:cf:27:6c:9d:e7:a4:50:01:31:d2:18:ee:b6:99: 25:98:19:40:bd:a5:04:14:aa:2d:19:82:55:40:64:3a:d6:40: 35:74:16:92:b0:7d:ef:70:52:db:10:27:9b:08:b4:64:74:e7: 7d:e8:c9:cd:2c:e7:42:7c:c4:52:c5:68:2c:87:86:44:26:13: dd:55:9f:fd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUG3DU4JkOuq7uVfJx8KxxgtANw6QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwNTA0NVoX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAOGI5NjY0ZTJlNTNkNmE2MjY5NDFh NWQ5MWRkMTcwYmY4ODM4ODE2MTNlY2IxOWUwYWNmZWQwOTljZDJlMDA4ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGnql2/o9JzTl2uKCNoXKaBL7AVg 1Oyzv4PFX36OWPXWaQpaeUWARqLp00d53t30/uqWLegqnPVHUH13qeyThmfAD/SK dlOMhX+GD+1HHZ31Q5Th5x/t3o+Hbcisgz7IT/Oq+rOTL6yYxsqmq8hVTeOsOl2m +hI0eLU6nwaNaFBp/Do42cq4f27dUKYoaY5kQy10u1OAJoQC499BPflMCyYubVqo FwmkBJ6TUQ+iDxGTMUK/VBi148s0bGkdNv+96i6F3KXUcefHXppombgEkngzVgjc 4kbkGnvoCxMcWE6Ih+P9lKCi3yUUHR7VPivj54BtsAgLwIpGcDhUf7P48wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFO5z9FRdLGRKe0w303HHzO9fkPRKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwZDQ0MzhjLTQ4ZDMtNGU3OS04YTY0LWQxNWE0NTIxZWI3Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8ggwDQYJKoZIhvcNAQELBQADggEBADzKF89GMVc4S56Ivnzs S3RPrjtpl6HiQdGYoxNwbatBI68guaJ7uxL6uJdTHj7iZiM2nMidYYZF3Ye1nJRy +HQSZXlA5W5RhGdWA2KEd80m5iwRtw02fZoqSeZ2YM+xtLXKte+CBvuEycCu/0RV 7eUV9hLvH0s9MkXE9+ttjfFSqa729utOHIlz6Q6BhPSKUa3ODErSqVx37raY3zMW ZMVEuNlaI5OPhCfEZAXMqykqwypxRTWI6IHPJ2yd56RQATHSGO62mSWYGUC9pQQU qi0ZglVAZDrWQDV0FpKwfe9wUtsQJ5sItGR0533oyc0s50J8xFLFaCyHhkQmE91V n/0= -----END CERTIFICATE-----Generated at Tue Jun 3 23:11:58 2025 by rpki-client