$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa File: cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa (raw, json) Hash identifier: PFisCwmLc5A4xPebwsv2HoK9No8eSf7HflWY7PBt2o8= Subject key identifier: D4:E1:76:6E:B5:9A:41:7A:DB:1A:94:B6:C4:96:41:4B:42:0A:DB:98 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 17F95A77ECE61BEBAF5D0296D374CFA856E92DDA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa Signing time: Tue 13 May 2025 00:00:43 +0000 ROA not before: Tue 13 May 2025 00:00:43 +0000 ROA not after: Tue 17 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:f9:5a:77:ec:e6:1b:eb:af:5d:02:96:d3:74:cf:a8:56:e9:2d:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:00:43 2025 GMT Not After : Jun 17 23:59:59 2025 GMT Subject: serialNumber=062783f4216fe1c9a150d619f56ce5a7f795e29a80f0080d676b0fab726c405b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:d0:10:ce:1a:81:d7:de:02:78:0d:c6:49:96: 2b:ba:b3:6e:42:2f:a3:e7:11:c2:9e:4f:bc:05:0c: 48:de:e6:1c:f8:38:f4:54:de:1b:d2:ac:b2:6d:9c: f4:3f:d3:e1:71:f2:63:54:34:c8:04:20:14:c7:be: 0e:38:74:53:18:bc:95:2b:9d:be:a4:65:80:84:1d: 63:f6:7c:4a:63:aa:e9:d2:bd:9e:fb:53:04:42:cc: 4a:70:31:60:1f:28:52:15:27:69:ad:39:a6:d7:3c: bd:f2:47:a9:a8:1a:5f:83:c9:a5:bc:40:2b:c0:e9: 62:c9:70:3b:5e:91:86:6a:80:b3:99:c3:ea:ca:33: eb:9e:9a:99:0f:5d:2d:9e:c5:88:8f:fc:c8:89:df: ce:82:8b:72:66:f5:9c:35:5b:6f:ae:30:96:49:29: 0c:f0:41:e1:06:f8:03:61:fb:bc:48:98:a2:39:21: c4:f2:7b:58:bc:cc:e0:ef:81:a4:1d:37:e2:5f:78: a2:b7:39:0d:4e:a1:3d:61:c7:22:8f:40:6b:58:cc: aa:d6:e0:23:97:af:47:89:8f:22:ba:5a:53:7f:cd: ac:a8:a4:5a:5e:ee:89:b1:ef:3e:52:5c:9d:be:a5: ea:20:60:70:3a:83:e4:fd:44:07:f3:50:07:e5:8a: 84:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:E1:76:6E:B5:9A:41:7A:DB:1A:94:B6:C4:96:41:4B:42:0A:DB:98 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 9c:30:08:c1:39:81:c7:71:fb:a7:b0:80:b7:15:5e:f5:7e:69: bf:85:8e:08:13:82:73:f3:22:18:76:49:e3:b7:bc:60:fd:01: 00:63:3e:2a:e0:cc:e2:75:3f:c1:c9:b8:4e:04:45:99:4a:6d: 66:8d:93:06:4a:75:b0:11:f3:07:a3:73:18:54:63:df:07:6d: 99:68:08:57:70:c3:3a:db:e0:86:79:b9:e7:62:38:37:42:00: 42:19:18:78:7e:ed:dc:97:24:b1:a3:a7:1e:09:b3:b4:89:5d: d9:f1:e7:1f:f3:2d:c8:d7:de:32:94:5b:37:cb:4d:d6:a9:80: d2:46:bd:bd:e4:c6:de:1b:7e:96:b6:50:23:2c:74:80:40:2c: e7:85:5e:e0:df:b7:3e:82:55:a0:55:90:e4:8e:3b:b7:04:0b: 05:fa:b5:a0:a6:a4:6c:bb:8e:41:02:fe:e9:b0:ef:34:ed:c8: b6:ef:73:b4:5f:2c:56:f1:81:b6:06:48:b7:39:58:e5:af:94: b8:5d:89:b0:01:42:1d:b8:df:07:70:d5:e9:2c:ea:dc:53:69: c1:cb:8b:dd:81:99:df:89:51:18:05:08:b3:9b:ad:5c:70:aa: 4a:43:52:81:be:72:34:e4:77:3f:7b:e4:23:f6:02:13:ec:26: 82:de:d5:94 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUF/lad+zmG+uvXQKW03TPqFbpLdowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMzAwMDA0M1oX DTI1MDYxNzIzNTk1OVowejFJMEcGA1UEBRNAMDYyNzgzZjQyMTZmZTFjOWExNTBk NjE5ZjU2Y2U1YTdmNzk1ZTI5YTgwZjAwODBkNjc2YjBmYWI3MjZjNDA1YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNAQzhqB194CeA3GSZYrurNuQi+j 5xHCnk+8BQxI3uYc+Dj0VN4b0qyybZz0P9PhcfJjVDTIBCAUx74OOHRTGLyVK52+ pGWAhB1j9nxKY6rp0r2e+1MEQsxKcDFgHyhSFSdprTmm1zy98kepqBpfg8mlvEAr wOliyXA7XpGGaoCzmcPqyjPrnpqZD10tnsWIj/zIid/OgotyZvWcNVtvrjCWSSkM 8EHhBvgDYfu8SJiiOSHE8ntYvMzg74GkHTfiX3iitzkNTqE9Yccij0BrWMyq1uAj l69HiY8iulpTf82sqKRaXu6Jse8+UlydvqXqIGBwOoPk/UQH81AH5YqEZQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNThdm61mkF62xqUtsSWQUtCCtuYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NmNmY2ZTc1LTZiYWItNGJjMS04ODIyLTFiN2VjMWZjMTQ4ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8mDAMA0GCSqGSIb3DQEBCwUAA4IBAQCcMAjBOYHHcfunsIC3 FV71fmm/hY4IE4Jz8yIYdknjt7xg/QEAYz4q4MzidT/BybhOBEWZSm1mjZMGSnWw EfMHo3MYVGPfB22ZaAhXcMM62+CGebnnYjg3QgBCGRh4fu3clySxo6ceCbO0iV3Z 8ecf8y3I194ylFs3y03WqYDSRr295MbeG36WtlAjLHSAQCznhV7g37c+glWgVZDk jju3BAsF+rWgpqRsu45BAv7psO807ci273O0XyxW8YG2Bki3OVjlr5S4XYmwAUId uN8HcNXpLOrcU2nBy4vdgZnfiVEYBQizm61ccKpKQ1KBvnI05Hc/e+Qj9gIT7CaC 3tWU -----END CERTIFICATE-----Generated at Mon Jun 2 06:15:24 2025 by rpki-client