$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c27b2338-5ab9-4430-8cc1-8132801f76eb.roa File: c27b2338-5ab9-4430-8cc1-8132801f76eb.roa (raw, json) Hash identifier: kD+596+B0Bui+r45wJFjUblV9qT5RZhSSt6JgAzEPMM= Subject key identifier: 54:B6:65:C7:74:43:5C:4C:18:1E:DE:91:A8:DA:74:B2:07:A8:FF:A7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 53AA75209369342905847C8C91EE8DC9A146E461 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c27b2338-5ab9-4430-8cc1-8132801f76eb.roa Signing time: Mon 02 Jun 2025 15:00:11 +0000 ROA not before: Mon 02 Jun 2025 15:00:11 +0000 ROA not after: Mon 07 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da2c::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:aa:75:20:93:69:34:29:05:84:7c:8c:91:ee:8d:c9:a1:46:e4:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 2 15:00:11 2025 GMT Not After : Jul 7 23:59:59 2025 GMT Subject: serialNumber=d476ed2f07a886c425f93d5d57f95e04b65c2508d10abc37d3ef9383caaa1493, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:9d:dc:ca:c9:d6:31:4c:04:b5:1b:11:85:9d: ef:88:d5:ba:a1:fb:44:24:fb:d4:a8:fc:c9:8a:e7: d5:cb:ca:7f:89:b7:9f:f1:49:02:19:ca:47:f7:b9: 56:b4:8f:51:53:92:a1:af:7f:56:6a:16:69:52:c6: 2d:60:c4:1c:89:20:f6:60:11:a4:22:58:db:19:e5: 4b:95:f7:99:34:8c:01:7b:33:05:20:c6:32:d9:2c: 5b:73:8b:80:11:65:89:8d:8f:34:c3:6c:40:09:e2: 09:42:b2:a8:73:64:4c:08:7c:7f:cf:d9:fb:a9:6b: f1:71:50:7c:6e:da:5d:8c:66:f0:95:a8:3f:2a:6b: 94:16:b1:8f:2e:4b:4b:8b:d2:a8:a6:46:a4:fd:5f: 06:31:5e:8f:90:f8:58:95:60:71:fc:0d:a7:50:38: 94:4e:53:88:35:d9:b9:47:2c:c3:15:49:6d:f2:ae: 10:ef:07:86:bd:5a:74:4c:43:09:ec:b2:66:14:8d: 77:ad:ba:80:0a:9a:40:08:5a:7e:06:91:31:2b:d2: dd:ae:b7:7f:94:39:33:bf:cb:70:79:73:2e:a1:30: 8b:bb:0d:dc:67:e5:38:e1:05:32:c4:1e:2d:28:c2: e5:60:b0:bd:e0:d6:3d:1b:17:ca:ed:fb:ed:50:76: 5f:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:B6:65:C7:74:43:5C:4C:18:1E:DE:91:A8:DA:74:B2:07:A8:FF:A7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c27b2338-5ab9-4430-8cc1-8132801f76eb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da2c::/36 Signature Algorithm: sha256WithRSAEncryption 09:5c:91:65:e6:27:ed:7a:5f:51:69:de:58:70:ca:48:3d:68: a1:f9:1e:e9:f5:b7:33:8f:2a:f9:e7:e4:ab:61:c8:b7:1b:23: 57:02:32:71:90:a1:69:b4:e9:3e:95:31:07:8b:5d:ff:73:0e: 21:d7:51:21:74:10:81:f6:f2:36:b5:05:40:1d:24:02:f0:1a: 92:1e:c5:93:1a:9c:c2:16:e4:c0:a0:92:65:e7:68:11:c7:56: b3:08:42:a2:12:2d:09:ab:5f:cb:90:93:d5:7a:1e:50:72:45: 13:ba:83:6c:34:75:05:38:0c:7d:3c:93:92:3a:67:a1:20:12: f2:19:7d:d6:ce:7b:a5:dc:1a:08:39:44:95:b3:7f:92:73:cf: a8:fd:11:d5:09:7d:4a:a8:e9:45:69:2a:0f:e9:ae:48:3b:2e: 79:29:2e:a5:d3:4a:06:d0:36:3d:7f:cd:37:4d:52:0f:71:ad: bf:92:fd:ed:eb:64:92:2a:26:aa:e2:e4:21:e3:59:2c:35:4b: 0f:5c:50:38:42:a4:7f:4a:40:90:a0:0f:11:a5:e7:13:2b:72: 39:00:f5:d9:0f:f4:db:f8:bd:6c:46:6a:e6:58:fb:7f:2c:33: b1:8f:8d:81:01:93:c5:25:7c:8c:61:7b:41:ff:8c:81:4f:55: b1:09:c3:80 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUU6p1IJNpNCkFhHyMke6NyaFG5GEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwMjE1MDAxMVoX DTI1MDcwNzIzNTk1OVowejFJMEcGA1UEBRNAZDQ3NmVkMmYwN2E4ODZjNDI1Zjkz ZDVkNTdmOTVlMDRiNjVjMjUwOGQxMGFiYzM3ZDNlZjkzODNjYWFhMTQ5MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp3cysnWMUwEtRsRhZ3viNW6oftE JPvUqPzJiufVy8p/ibef8UkCGcpH97lWtI9RU5Khr39WahZpUsYtYMQciSD2YBGk IljbGeVLlfeZNIwBezMFIMYy2Sxbc4uAEWWJjY80w2xACeIJQrKoc2RMCHx/z9n7 qWvxcVB8btpdjGbwlag/KmuUFrGPLktLi9Kopkak/V8GMV6PkPhYlWBx/A2nUDiU TlOINdm5RyzDFUlt8q4Q7weGvVp0TEMJ7LJmFI13rbqACppACFp+BpExK9Ldrrd/ lDkzv8tweXMuoTCLuw3cZ+U44QUyxB4tKMLlYLC94NY9GxfK7fvtUHZfBQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFS2Zcd0Q1xMGB7ekajadLIHqP+nMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MyN2IyMzM4LTVhYjktNDQzMC04Y2MxLTgxMzI4MDFmNzZlYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaLAAwDQYJKoZIhvcNAQELBQADggEBAAlckWXmJ+16X1Fp3lhw ykg9aKH5Hun1tzOPKvnn5KthyLcbI1cCMnGQoWm06T6VMQeLXf9zDiHXUSF0EIH2 8ja1BUAdJALwGpIexZManMIW5MCgkmXnaBHHVrMIQqISLQmrX8uQk9V6HlByRRO6 g2w0dQU4DH08k5I6Z6EgEvIZfdbOe6XcGgg5RJWzf5Jzz6j9EdUJfUqo6UVpKg/p rkg7LnkpLqXTSgbQNj1/zTdNUg9xrb+S/e3rZJIqJqri5CHjWSw1Sw9cUDhCpH9K QJCgDxGl5xMrcjkA9dkP9Nv4vWxGauZY+38sM7GPjYEBk8UlfIxhe0H/jIFPVbEJ w4A= -----END CERTIFICATE-----Generated at Tue Jun 3 23:17:59 2025 by rpki-client