$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cef6b1d4-a501-46d4-b8d8-32b2f56ae196.roa File: cef6b1d4-a501-46d4-b8d8-32b2f56ae196.roa (raw, json) Hash identifier: 6xSv9KOq+GQ7Z0lUOseHiQALqG83WGxohGtpZE2++qM= Subject key identifier: F9:20:40:59:44:34:82:4D:EE:1B:FE:1A:88:0C:94:5A:31:D0:D6:B3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D975F8E84B73576CEE1DA348034ABCCB44D50A8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cef6b1d4-a501-46d4-b8d8-32b2f56ae196.roa Signing time: Fri 16 May 2025 00:20:12 +0000 ROA not before: Fri 16 May 2025 00:20:12 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:97:5f:8e:84:b7:35:76:ce:e1:da:34:80:34:ab:cc:b4:4d:50:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:20:12 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=1afcb9ad1a0c803b340e1bb4c9061fb3732111c2f5c2e270ac5e9ae9494c63c4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:f3:88:53:a8:0f:98:59:62:b6:37:80:7a:a0: 00:8c:78:08:b5:76:44:43:32:0a:f2:95:be:1e:36: f9:65:6b:cf:3f:ab:7c:fb:11:7d:ab:de:11:9b:44: 62:25:64:34:4a:45:27:9d:0f:ee:bc:2f:98:07:f3: 8a:62:97:5e:09:3b:9a:63:37:fb:81:bd:fd:b1:16: 82:70:d1:57:ab:22:15:de:1e:5a:a6:ba:48:c8:2d: 35:74:fe:73:5e:20:52:d8:22:97:bd:a7:cf:cf:95: 6e:1e:ff:58:77:db:aa:22:f0:14:22:8d:0a:90:02: 8e:dc:28:f3:fc:b0:0d:0a:b2:1c:89:35:f1:80:bd: 00:e3:7c:a7:b2:37:ba:58:f9:aa:6d:27:22:96:93: 6e:8c:86:56:56:08:38:5e:ac:3c:7b:ae:04:5e:28: ee:be:25:18:67:1c:ad:e8:73:b9:ea:5d:ec:f4:42: fa:c6:cd:fa:09:9c:6a:72:c3:8a:ba:35:cf:1f:7f: 1f:90:dc:48:cf:c6:f0:c7:08:bd:20:15:51:e5:6d: a7:dc:f9:c7:26:9e:a6:58:7f:04:e9:d7:d6:85:91: ce:c0:f3:d0:c3:0d:20:89:b3:6b:ea:e4:69:cf:a1: b1:10:82:aa:75:28:07:61:0b:11:f9:a6:8f:33:b0: 73:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:20:40:59:44:34:82:4D:EE:1B:FE:1A:88:0C:94:5A:31:D0:D6:B3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cef6b1d4-a501-46d4-b8d8-32b2f56ae196.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:9000::/40 Signature Algorithm: sha256WithRSAEncryption 27:fe:f2:da:b6:37:44:4b:4c:fd:d8:74:5f:95:80:12:84:aa: e8:bd:6e:91:e7:75:c7:9f:08:63:7c:19:91:fa:a7:79:06:b9: 27:b6:33:26:48:d6:2a:a1:55:cf:46:6e:6c:19:45:f6:9b:ee: 7a:1d:b1:c4:b6:c1:80:df:82:9f:e4:18:51:a6:51:9e:b6:c0: f6:17:89:42:eb:97:e2:07:15:56:ed:25:2f:97:68:f8:2f:90: d1:f1:5c:b7:dd:fa:a6:49:36:39:29:c8:2c:6d:a7:e8:50:c5: 26:ba:cf:15:e4:67:38:53:ed:54:f0:98:e9:66:74:a3:a2:58: dc:a4:5c:ba:8d:40:f5:77:b7:08:b8:fd:ab:5b:17:be:f4:c7: 02:fb:57:5a:d6:92:e5:bb:1b:af:39:77:79:39:d3:d6:3b:a5: 8a:a8:af:0a:68:26:f7:25:e3:ec:a6:e2:8b:28:c6:84:e7:6b: 1b:23:f0:e4:eb:24:5a:0b:a6:99:e3:df:81:a6:4e:fa:d9:1c: 90:18:52:20:81:08:6c:1a:c0:c7:7a:06:0b:f2:e9:6c:59:9e: 2a:3e:eb:5c:bd:24:91:98:f0:ae:b8:3e:2f:e2:3e:e8:25:88: 0e:9b:e7:dd:36:2d:10:b1:c5:60:72:03:50:be:e1:80:f9:d3: ed:67:98:7d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPZdfjoS3NXbO4do0gDSrzLRNUKgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMjAxMloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAMWFmY2I5YWQxYTBjODAzYjM0MGUx YmI0YzkwNjFmYjM3MzIxMTFjMmY1YzJlMjcwYWM1ZTlhZTk0OTRjNjNjNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/OIU6gPmFlitjeAeqAAjHgItXZE QzIK8pW+Hjb5ZWvPP6t8+xF9q94Rm0RiJWQ0SkUnnQ/uvC+YB/OKYpdeCTuaYzf7 gb39sRaCcNFXqyIV3h5aprpIyC01dP5zXiBS2CKXvafPz5VuHv9Yd9uqIvAUIo0K kAKO3Cjz/LANCrIciTXxgL0A43ynsje6WPmqbScilpNujIZWVgg4Xqw8e64EXiju viUYZxyt6HO56l3s9EL6xs36CZxqcsOKujXPH38fkNxIz8bwxwi9IBVR5W2n3PnH Jp6mWH8E6dfWhZHOwPPQww0gibNr6uRpz6GxEIKqdSgHYQsR+aaPM7Bz3QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPkgQFlENIJN7hv+GogMlFox0NazMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NlZjZiMWQ0LWE1MDEtNDZkNC1iOGQ4LTMyYjJmNTZhZTE5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaZAwDQYJKoZIhvcNAQELBQADggEBACf+8tq2N0RLTP3YdF+V gBKEqui9bpHndcefCGN8GZH6p3kGuSe2MyZI1iqhVc9GbmwZRfab7nodscS2wYDf gp/kGFGmUZ62wPYXiULrl+IHFVbtJS+XaPgvkNHxXLfd+qZJNjkpyCxtp+hQxSa6 zxXkZzhT7VTwmOlmdKOiWNykXLqNQPV3twi4/atbF770xwL7V1rWkuW7G685d3k5 09Y7pYqorwpoJvcl4+ym4osoxoTnaxsj8OTrJFoLppnj34GmTvrZHJAYUiCBCGwa wMd6Bgvy6WxZnio+61y9JJGY8K64Pi/iPugliA6b5902LRCxxWByA1C+4YD50+1n mH0= -----END CERTIFICATE-----Generated at Tue Jun 3 23:15:10 2025 by rpki-client