$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a048e9-67c5-415d-88d4-0acc3454af62.roa File: c7a048e9-67c5-415d-88d4-0acc3454af62.roa (raw, json) Hash identifier: wtLaSBKxBJOVmElkUxGYau2X4V7I8qjP8qpF9M9o2UQ= Subject key identifier: D6:C3:E6:5F:99:52:A7:DD:21:8F:27:8B:DF:CE:51:7A:1F:7D:F8:12 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4F6FC97EDE5EA971ADE28AF5A8AC86297AF80BFB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a048e9-67c5-415d-88d4-0acc3454af62.roa Signing time: Fri 16 May 2025 15:31:40 +0000 ROA not before: Fri 16 May 2025 15:31:40 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:6f:c9:7e:de:5e:a9:71:ad:e2:8a:f5:a8:ac:86:29:7a:f8:0b:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:31:40 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=dd528d20a5b1c984ca50ddb12c44f625c50d32a25d6065e9181175444ff0d8a8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:ca:21:04:ed:05:ba:e0:e6:c3:1b:8e:17:ec: 4a:e2:60:bc:cf:12:ee:12:a8:dc:5b:17:17:de:1a: 1b:57:9f:6a:5f:81:3c:ec:5a:74:98:cb:9a:83:eb: 3a:42:fb:9a:b3:d2:f9:9b:fb:75:ea:00:17:39:7c: 6c:18:0a:e0:7b:bd:ef:5f:71:47:a4:60:38:27:15: 22:7b:f9:ea:ca:9e:d0:6b:1e:d7:7f:24:8f:3a:08: 70:b5:c6:f5:69:88:28:51:39:07:17:b3:31:a6:11: 51:41:2b:ca:13:02:64:a0:95:1b:b0:32:c4:a2:29: c9:5f:c1:74:f0:a6:0f:8b:e8:1c:33:e3:cf:7b:cd: 5b:15:21:35:ff:34:30:be:aa:fe:cb:73:06:16:74: 8b:60:ca:14:bc:b7:ed:27:10:f0:12:7f:7b:c3:fe: 93:5a:13:1e:56:7e:bf:c2:41:b7:56:7a:34:81:53: 1e:90:ab:56:88:bb:5e:27:7f:20:28:9b:89:73:8f: ed:bc:fe:ef:97:43:f4:e5:4e:77:87:da:8f:df:57: 8a:e2:c8:a8:b2:a7:d0:ac:89:ef:66:0d:42:81:c9: 75:1b:ed:bf:c9:5c:72:d6:20:00:65:c1:e1:ad:c5: cd:91:60:b4:66:d8:11:8d:52:9d:e0:a4:f4:e3:f5: c4:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:C3:E6:5F:99:52:A7:DD:21:8F:27:8B:DF:CE:51:7A:1F:7D:F8:12 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a048e9-67c5-415d-88d4-0acc3454af62.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:8000::/40 Signature Algorithm: sha256WithRSAEncryption b5:85:73:8b:5f:f5:9a:db:b0:00:1d:02:b1:54:ab:fd:f7:10: 43:75:5b:a2:54:09:42:5c:97:48:cf:18:ba:66:f2:36:db:08: 94:bd:06:6d:2a:bf:61:9e:2e:3b:ee:e9:e6:9c:24:9e:87:37: fe:34:3c:7a:30:ce:4b:01:73:d2:08:d0:08:d4:0a:3c:07:5d: 27:cc:10:42:66:f6:7a:32:36:1e:cc:34:b7:a8:39:d4:58:0d: fb:10:98:4b:a6:9e:bb:ab:ba:bd:59:43:9c:30:a8:0e:7b:d6: 72:19:e3:0d:48:df:59:5b:0a:10:8b:7d:26:9a:20:31:f9:2f: a4:2b:40:94:a0:bc:48:cd:9c:04:41:90:fe:81:d6:9c:bc:db: 60:78:66:90:b1:7e:41:30:80:71:eb:03:ed:8d:8d:7a:83:24: 19:82:aa:75:d3:44:d6:5f:77:4c:89:0b:19:f8:7f:eb:ce:d9: 1a:35:bc:e6:ee:10:f8:8d:1f:73:bb:d7:ca:38:1b:82:b5:67: 00:23:40:4a:dc:5f:c6:f2:ab:37:de:f2:21:64:b1:dd:cb:e0: 1c:f3:9d:24:be:a5:33:4f:14:68:ab:b8:63:68:bb:48:cd:c6: da:18:c5:46:bc:4d:22:87:b3:75:a3:df:8f:b4:c1:ef:e9:d5: 91:31:2a:52 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUT2/Jft5eqXGt4or1qKyGKXr4C/swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MzE0MFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZGQ1MjhkMjBhNWIxYzk4NGNhNTBk ZGIxMmM0NGY2MjVjNTBkMzJhMjVkNjA2NWU5MTgxMTc1NDQ0ZmYwZDhhODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MohBO0FuuDmwxuOF+xK4mC8zxLu EqjcWxcX3hobV59qX4E87Fp0mMuag+s6Qvuas9L5m/t16gAXOXxsGArge73vX3FH pGA4JxUie/nqyp7Qax7XfySPOghwtcb1aYgoUTkHF7MxphFRQSvKEwJkoJUbsDLE oinJX8F08KYPi+gcM+PPe81bFSE1/zQwvqr+y3MGFnSLYMoUvLftJxDwEn97w/6T WhMeVn6/wkG3Vno0gVMekKtWiLteJ38gKJuJc4/tvP7vl0P05U53h9qP31eK4sio sqfQrInvZg1Cgcl1G+2/yVxy1iAAZcHhrcXNkWC0ZtgRjVKd4KT04/XEMwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNbD5l+ZUqfdIY8ni9/OUXofffgSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3YTA0OGU5LTY3YzUtNDE1ZC04OGQ0LTBhY2MzNDU0YWY2Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/oAwDQYJKoZIhvcNAQELBQADggEBALWFc4tf9ZrbsAAdArFU q/33EEN1W6JUCUJcl0jPGLpm8jbbCJS9Bm0qv2GeLjvu6eacJJ6HN/40PHowzksB c9II0AjUCjwHXSfMEEJm9noyNh7MNLeoOdRYDfsQmEumnrurur1ZQ5wwqA571nIZ 4w1I31lbChCLfSaaIDH5L6QrQJSgvEjNnARBkP6B1py822B4ZpCxfkEwgHHrA+2N jXqDJBmCqnXTRNZfd0yJCxn4f+vO2Ro1vObuEPiNH3O718o4G4K1ZwAjQErcX8by qzfe8iFksd3L4BzznSS+pTNPFGiruGNou0jNxtoYxUa8TSKHs3Wj34+0we/p1ZEx KlI= -----END CERTIFICATE-----Generated at Mon Jun 2 06:18:33 2025 by rpki-client