$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0ec1fe9-74da-4c07-adb2-ac7446de3891.roa File: c0ec1fe9-74da-4c07-adb2-ac7446de3891.roa (raw, json) Hash identifier: M15i/GM2xCzXKxb+NDpfs8/GnQix8loJhKvYI3pSBd0= Subject key identifier: 2A:BE:85:D4:51:CF:FA:7D:88:1F:DC:1F:3C:0F:10:98:A1:80:FA:F3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 72A4FB68767A4EE6E6E203B9B3B02729FDC231E6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0ec1fe9-74da-4c07-adb2-ac7446de3891.roa Signing time: Fri 16 May 2025 00:41:36 +0000 ROA not before: Fri 16 May 2025 00:41:36 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:e0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:a4:fb:68:76:7a:4e:e6:e6:e2:03:b9:b3:b0:27:29:fd:c2:31:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:41:36 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=ccf2fe2bfae897228807163f371c43409388857805b6fa73516d634d8ac70612, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:7f:52:e2:8a:43:2d:28:69:a8:2b:58:b1:46: 07:3c:50:38:a5:82:17:71:7b:68:dc:84:dc:0b:0d: 38:10:a3:01:b0:7b:d8:fd:3f:e6:db:8d:df:91:96: 92:22:23:65:3a:8d:9a:4c:4d:0c:da:66:df:33:36: 60:ef:52:b0:92:0c:53:5d:7a:44:2d:52:77:4b:86: 65:6f:a1:95:ce:d4:af:d2:36:62:2a:3e:3c:8f:4b: 5a:43:09:a6:55:48:49:73:63:53:9d:57:c1:80:be: ab:9a:d9:ac:e4:3c:9a:49:2e:a7:17:28:83:74:57: 78:4b:98:60:9e:61:f2:1f:97:2b:3e:de:27:51:5f: 97:7d:63:15:31:4a:ea:10:be:17:47:f2:4b:b7:07: 1e:7c:0f:25:33:b4:50:fe:25:e8:91:69:6d:97:70: 94:cc:37:30:76:19:da:87:19:7f:20:70:7b:0c:d5: 1f:9e:a7:4f:a5:20:87:77:d6:e8:7e:75:25:0a:78: 1e:c3:96:af:01:cb:0c:1f:cc:66:6e:98:86:dc:96: 93:26:14:f8:a8:2e:e5:2c:49:25:01:85:ff:5f:cc: b4:70:07:0a:a1:04:ad:1a:29:2a:45:6f:ca:22:19: 60:f1:50:e8:b3:9e:4c:49:b3:0c:4d:b4:ec:f7:72: f4:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:BE:85:D4:51:CF:FA:7D:88:1F:DC:1F:3C:0F:10:98:A1:80:FA:F3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0ec1fe9-74da-4c07-adb2-ac7446de3891.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:e0c0::/46 Signature Algorithm: sha256WithRSAEncryption 0e:36:25:bc:92:7b:26:31:35:2f:a4:7a:54:90:8e:4f:5f:42: c0:b3:11:47:8c:96:90:3d:c9:87:84:b1:72:fa:0a:2a:9a:b5: 99:45:e6:d7:51:c6:97:4f:51:b4:db:aa:35:ec:04:65:3c:7b: f5:b1:f2:58:9e:af:99:45:22:aa:f0:06:b1:c9:ea:5f:0b:d3: 80:aa:1e:ae:39:ef:1b:af:84:70:13:3f:80:e9:9e:d3:a9:b3: 6a:98:e9:72:ed:2a:cc:da:07:21:b8:ef:80:81:44:66:60:1d: f0:05:d8:5f:60:06:b5:52:2f:d3:76:35:c6:de:8c:19:21:fd: a4:82:44:40:d2:8d:4b:23:80:ba:48:6d:26:bf:76:70:04:48: a4:78:7e:4e:20:5d:51:5f:9a:26:0d:be:78:a8:86:72:85:87: 5f:59:aa:c0:cc:3e:d0:5d:19:84:3b:64:d9:10:7c:12:21:3c: 3c:b2:52:4d:30:74:92:4c:73:5c:64:1a:51:21:57:c8:57:98: b0:4d:5a:e9:3a:6c:7d:8c:d6:db:92:1c:b2:cd:62:59:c5:eb: 15:1c:c2:c1:08:04:76:71:c8:3d:f4:1f:10:72:70:86:45:fa: 57:2f:0e:2a:66:7d:08:4b:be:3b:34:02:a1:46:c4:c4:ce:37: 45:69:5d:fb -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUcqT7aHZ6Tubm4gO5s7AnKf3CMeYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNDEzNloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAY2NmMmZlMmJmYWU4OTcyMjg4MDcx NjNmMzcxYzQzNDA5Mzg4ODU3ODA1YjZmYTczNTE2ZDYzNGQ4YWM3MDYxMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlH9S4opDLShpqCtYsUYHPFA4pYIX cXto3ITcCw04EKMBsHvY/T/m243fkZaSIiNlOo2aTE0M2mbfMzZg71KwkgxTXXpE LVJ3S4Zlb6GVztSv0jZiKj48j0taQwmmVUhJc2NTnVfBgL6rmtms5DyaSS6nFyiD dFd4S5hgnmHyH5crPt4nUV+XfWMVMUrqEL4XR/JLtwcefA8lM7RQ/iXokWltl3CU zDcwdhnahxl/IHB7DNUfnqdPpSCHd9bofnUlCngew5avAcsMH8xmbpiG3JaTJhT4 qC7lLEklAYX/X8y0cAcKoQStGikqRW/KIhlg8VDos55MSbMMTbTs93L02wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCq+hdRRz/p9iB/cHzwPEJihgPrzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwZWMxZmU5LTc0ZGEtNGMwNy1hZGIyLWFjNzQ0NmRlMzg5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba++DAMA0GCSqGSIb3DQEBCwUAA4IBAQAONiW8knsmMTUvpHpU kI5PX0LAsxFHjJaQPcmHhLFy+goqmrWZRebXUcaXT1G026o17ARlPHv1sfJYnq+Z RSKq8AaxyepfC9OAqh6uOe8br4RwEz+A6Z7TqbNqmOly7SrM2gchuO+AgURmYB3w BdhfYAa1Ui/TdjXG3owZIf2kgkRA0o1LI4C6SG0mv3ZwBEikeH5OIF1RX5omDb54 qIZyhYdfWarAzD7QXRmEO2TZEHwSITw8slJNMHSSTHNcZBpRIVfIV5iwTVrpOmx9 jNbbkhyyzWJZxesVHMLBCAR2ccg99B8QcnCGRfpXLw4qZn0IS747NAKhRsTEzjdF aV37 -----END CERTIFICATE-----Generated at Tue Jun 3 23:14:48 2025 by rpki-client