$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa File: d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa (raw, json) Hash identifier: Xl510wF7sebplF6aYTL3ERIC/21ctJpzuZt4WOzmsW4= Subject key identifier: 8E:2B:90:1A:17:50:31:55:E7:01:52:52:82:96:29:51:16:F6:AD:A2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 129BF45C0F40EC9B3AB3052DFBFF5BBFCCAB664D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa Signing time: Fri 16 May 2025 00:20:49 +0000 ROA not before: Fri 16 May 2025 00:20:49 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:9b:f4:5c:0f:40:ec:9b:3a:b3:05:2d:fb:ff:5b:bf:cc:ab:66:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:20:49 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=b6aad1d435bf5b32d08e2b88c3cfe636afe128afa0ffca3cb21aa67d4ddd013e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:c3:f0:fb:e2:b6:90:bc:4e:de:0c:68:f5:8e: 3f:14:c7:15:0e:b1:c3:42:1a:06:30:03:d0:9e:09: 8a:67:a1:fa:76:19:71:c0:df:7f:6e:40:e1:2b:c9: 54:b2:7c:54:dc:51:4b:ff:b4:9e:e3:42:54:b2:7d: a0:6a:bc:b7:7f:dd:4e:31:d6:9e:05:a3:96:23:3a: 86:1d:8d:b0:e6:fa:46:31:f7:2e:79:8a:5d:cd:33: 33:f5:c2:48:26:42:1b:7f:79:16:59:10:3c:02:64: 0f:37:c5:ee:ea:67:73:36:48:eb:17:66:53:37:a8: 03:0d:69:5f:0d:ce:f5:cd:c0:17:82:4a:f4:85:62: 49:4c:9a:d2:91:19:b3:9d:af:e2:f0:84:67:18:b5: d2:3f:68:2c:b2:c6:5e:eb:7c:a9:09:05:87:6f:6f: 1a:91:b5:13:b2:b0:3b:4f:bf:df:fb:0f:6d:c2:48: a4:e5:66:b8:16:e0:69:12:3c:dd:10:8a:3d:82:2d: 6a:96:54:e8:fb:49:b8:76:0a:3d:96:1a:62:7f:79: 44:bb:a5:42:c9:74:6e:c2:39:ae:7d:a8:d9:2a:49: 12:d1:0b:3a:97:b1:ad:ed:2e:1a:ea:e2:59:31:a8: 9d:3b:81:14:aa:6a:41:6d:d8:04:4e:bc:c6:26:d6: ec:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:2B:90:1A:17:50:31:55:E7:01:52:52:82:96:29:51:16:F6:AD:A2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4000::/40 Signature Algorithm: sha256WithRSAEncryption 3c:4b:3e:1d:1c:1f:f3:b4:f2:a9:f9:ac:c0:21:2a:f9:ba:db: ca:eb:be:6c:c2:6d:5f:d7:b4:da:f7:92:ab:7f:16:3c:46:8a: db:aa:3a:81:23:58:55:e6:c8:49:ca:bd:b8:d0:02:e0:3b:b6: d0:dd:f6:48:6c:61:4b:ac:9a:cd:82:dd:35:ea:5b:65:83:d0: 0b:df:aa:aa:9a:a9:1d:2d:9c:0f:7b:c4:cb:f4:e3:5b:ee:b0: 56:6f:af:0b:cf:67:78:75:dd:4a:6b:77:5b:55:18:a0:f4:50: a1:92:4e:8d:99:1a:43:12:e4:9b:e5:ea:e7:29:52:34:26:ef: c8:9f:8f:2d:15:5b:96:cf:de:d2:25:b1:a8:e1:c7:cb:80:fe: 87:1e:7b:da:40:da:ae:e4:87:fc:6c:20:9a:25:7b:ea:36:d3: a1:27:d8:e6:fd:fa:eb:e6:4f:f5:3d:b5:c4:89:9e:47:10:2c: 8a:75:bf:70:5c:e9:dc:60:2a:6c:fe:6a:b7:78:8b:aa:0d:0d: 3d:eb:ae:f5:6e:26:4f:e2:cb:2d:56:0d:b3:f6:29:1e:84:21: 5d:20:1d:76:40:e8:23:a1:d4:b1:76:9c:b4:6a:b8:59:54:71: ed:4b:25:ed:0d:03:06:f4:ef:4f:ed:54:b7:f8:3a:72:a7:c2: 54:21:30:dd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEpv0XA9A7Js6swUt+/9bv8yrZk0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMjA0OVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAYjZhYWQxZDQzNWJmNWIzMmQwOGUy Yjg4YzNjZmU2MzZhZmUxMjhhZmEwZmZjYTNjYjIxYWE2N2Q0ZGRkMDEzZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicPw++K2kLxO3gxo9Y4/FMcVDrHD QhoGMAPQngmKZ6H6dhlxwN9/bkDhK8lUsnxU3FFL/7Se40JUsn2gary3f91OMdae BaOWIzqGHY2w5vpGMfcueYpdzTMz9cJIJkIbf3kWWRA8AmQPN8Xu6mdzNkjrF2ZT N6gDDWlfDc71zcAXgkr0hWJJTJrSkRmzna/i8IRnGLXSP2gsssZe63ypCQWHb28a kbUTsrA7T7/f+w9twkik5Wa4FuBpEjzdEIo9gi1qllTo+0m4dgo9lhpif3lEu6VC yXRuwjmufajZKkkS0Qs6l7Gt7S4a6uJZMaidO4EUqmpBbdgETrzGJtbssQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFI4rkBoXUDFV5wFSUoKWKVEW9q2iMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QzYmFlNzkwLTAxZDctNGI2ZS1hMGYwLTkzMDViY2JkNGEzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAEAwDQYJKoZIhvcNAQELBQADggEBADxLPh0cH/O08qn5rMAh Kvm628rrvmzCbV/XtNr3kqt/FjxGituqOoEjWFXmyEnKvbjQAuA7ttDd9khsYUus ms2C3TXqW2WD0AvfqqqaqR0tnA97xMv041vusFZvrwvPZ3h13Uprd1tVGKD0UKGS To2ZGkMS5Jvl6ucpUjQm78ifjy0VW5bP3tIlsajhx8uA/ocee9pA2q7kh/xsIJol e+o206En2Ob9+uvmT/U9tcSJnkcQLIp1v3Bc6dxgKmz+ard4i6oNDT3rrvVuJk/i yy1WDbP2KR6EIV0gHXZA6COh1LF2nLRquFlUce1LJe0NAwb070/tVLf4OnKnwlQh MN0= -----END CERTIFICATE-----Generated at Tue Jun 3 23:12:13 2025 by rpki-client