$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbf31b97-a191-4a60-a9de-6f29bbef8b2e.roa File: cbf31b97-a191-4a60-a9de-6f29bbef8b2e.roa (raw, json) Hash identifier: 03AmqhELpSB3xju0M5rOPzGb6t5V+OvC3uL1I/3S0v8= Subject key identifier: 13:6E:77:D8:D2:38:C0:AD:9A:E3:24:CC:C0:E5:B4:3F:77:6C:AB:C8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 43F60F6DD8BF7C5DCD7CF5F30A006231AD90D54A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbf31b97-a191-4a60-a9de-6f29bbef8b2e.roa Signing time: Wed 26 Mar 2025 00:00:07 +0000 ROA not before: Wed 26 Mar 2025 00:00:07 +0000 ROA not after: Wed 30 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:f6:0f:6d:d8:bf:7c:5d:cd:7c:f5:f3:0a:00:62:31:ad:90:d5:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 26 00:00:07 2025 GMT Not After : Apr 30 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:cc:06:74:52:00:d3:f2:eb:56:3f:2d:9a:db: f0:bf:7b:43:ac:15:51:a3:fc:be:27:5d:77:f6:18: f1:c3:c8:39:c4:89:08:a3:d5:aa:b2:d9:79:f6:c1: 65:6e:e5:2d:2a:68:17:c0:fa:6b:ce:39:3f:72:c3: 30:d3:ef:e0:fe:a1:57:5d:90:b3:c0:d2:43:ad:47: d5:44:4f:48:e4:95:db:88:cb:22:14:6b:e0:bd:84: 7a:56:b0:d1:aa:24:6a:6e:73:ab:57:e9:62:6d:7a: 5a:25:2a:17:70:58:89:25:0e:9b:9c:c0:98:63:c1: ad:dc:de:ed:5d:d3:d6:ae:34:4b:1b:87:4d:b6:22: 56:30:de:a2:85:4b:67:4a:6c:90:64:98:63:24:95: e3:08:4b:70:0b:75:e0:38:74:1c:f2:a1:ad:9b:68: 31:9b:f9:84:11:a5:ad:10:88:3e:24:0a:b9:1b:3d: a5:9e:d8:c5:da:9f:4b:f3:c4:76:c1:f5:6c:cc:23: 3d:f3:69:05:69:14:85:10:64:9a:76:6c:42:67:a3: fc:57:ff:ec:9a:4e:bf:b1:3c:d6:ee:de:a0:e4:fb: b0:b9:17:ca:86:e1:5d:e2:0e:86:5d:14:d0:3a:1a: 63:45:8d:e4:00:39:3a:fb:11:6e:10:22:fd:12:63: b5:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:6E:77:D8:D2:38:C0:AD:9A:E3:24:CC:C0:E5:B4:3F:77:6C:AB:C8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbf31b97-a191-4a60-a9de-6f29bbef8b2e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:c000::/40 Signature Algorithm: sha256WithRSAEncryption 13:74:2e:b8:2e:b6:e4:2c:fd:f5:76:98:9a:01:41:b5:90:75: 5d:1a:27:3c:cc:43:60:c9:1f:f2:94:41:78:d3:36:60:58:7c: 5f:fd:e1:8b:c4:84:1a:11:ff:a5:81:09:89:f5:8c:66:2e:bb: be:70:a2:c6:64:3c:3a:58:d5:46:e0:67:8a:f8:4f:37:33:74: b5:ab:04:9b:77:09:d8:e9:15:78:03:f5:d5:27:25:90:44:72: 14:60:ab:9e:ae:d6:fb:1f:ab:25:f0:f6:b3:3c:ec:20:80:a9: ad:79:d0:b1:c3:2d:87:e9:c9:39:66:3f:09:a2:a4:45:e4:49: 6d:62:a3:cd:75:ac:ff:1a:9c:e1:b2:a4:b6:a2:6f:b8:b6:d2: ad:a0:91:ae:a8:02:0d:3d:d0:e7:61:5d:d1:bb:2a:a6:28:32: 6c:2f:e6:1a:8c:d1:3a:87:e3:46:3a:10:49:65:9e:43:4b:cf: 82:cf:bc:ef:97:a5:73:68:3a:1f:47:51:68:89:35:d5:90:03: f4:76:24:ce:3a:72:4f:e4:1e:2c:36:33:cf:f9:4e:c4:29:ec: 85:2a:6d:e1:ed:fa:08:34:93:9d:f3:bf:66:3f:fa:d0:b5:f3: 05:15:3b:b4:4c:1d:7f:80:83:79:33:9d:8d:81:cb:46:46:60: 98:b6:62:7c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQ/YPbdi/fF3NfPXzCgBiMa2Q1UowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMDAwN1oX DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAZGI2NjQ0OGY3N2YyYjgyZGM3YTgy ZDc2OTk3Mjk5M2ZlYmJjMTVlYTcwN2FkMzZkNDE1MThjYTA4MWIxMmVjZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkswGdFIA0/LrVj8tmtvwv3tDrBVR o/y+J1139hjxw8g5xIkIo9Wqstl59sFlbuUtKmgXwPprzjk/csMw0+/g/qFXXZCz wNJDrUfVRE9I5JXbiMsiFGvgvYR6VrDRqiRqbnOrV+libXpaJSoXcFiJJQ6bnMCY Y8Gt3N7tXdPWrjRLG4dNtiJWMN6ihUtnSmyQZJhjJJXjCEtwC3XgOHQc8qGtm2gx m/mEEaWtEIg+JAq5Gz2lntjF2p9L88R2wfVszCM982kFaRSFEGSadmxCZ6P8V//s mk6/sTzW7t6g5PuwuRfKhuFd4g6GXRTQOhpjRY3kADk6+xFuECL9EmO1jwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBNud9jSOMCtmuMkzMDltD93bKvIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NiZjMxYjk3LWExOTEtNGE2MC1hOWRlLTZmMjliYmVmOGIyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9MAwDQYJKoZIhvcNAQELBQADggEBABN0LrgutuQs/fV2mJoB QbWQdV0aJzzMQ2DJH/KUQXjTNmBYfF/94YvEhBoR/6WBCYn1jGYuu75wosZkPDpY 1UbgZ4r4TzczdLWrBJt3CdjpFXgD9dUnJZBEchRgq56u1vsfqyXw9rM87CCAqa15 0LHDLYfpyTlmPwmipEXkSW1io811rP8anOGypLaib7i20q2gka6oAg090OdhXdG7 KqYoMmwv5hqM0TqH40Y6EEllnkNLz4LPvO+XpXNoOh9HUWiJNdWQA/R2JM46ck/k Hiw2M8/5TsQp7IUqbeHt+gg0k53zv2Y/+tC18wUVO7RMHX+Ag3kznY2By0ZGYJi2 Ynw= -----END CERTIFICATE-----Generated at Sat Apr 5 12:10:10 2025 by rpki-client