$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d57e8e3c-8605-46f3-8465-e0a444cd661d.roa File: d57e8e3c-8605-46f3-8465-e0a444cd661d.roa (raw, json) Hash identifier: wyVxi1IvvAVuH/8SMkNsFLp15bedXd5PO+QnEEugQ0g= Subject key identifier: 1B:9B:B0:11:B2:98:C0:C6:72:68:82:D0:EB:75:20:59:3C:B4:15:4F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0926DC78071759458FFA273B834229DCAC1FFC4B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d57e8e3c-8605-46f3-8465-e0a444cd661d.roa Signing time: Fri 23 May 2025 00:01:08 +0000 ROA not before: Fri 23 May 2025 00:01:08 +0000 ROA not after: Fri 27 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:26:dc:78:07:17:59:45:8f:fa:27:3b:83:42:29:dc:ac:1f:fc:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 23 00:01:08 2025 GMT Not After : Jun 27 23:59:59 2025 GMT Subject: serialNumber=cc1e64abc2ea134b00eacb4b7b1324acd3a8a984515250af621cef9c9ffbced7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:46:0f:1a:61:f8:3f:40:d3:ff:e1:04:af:0e: 6b:35:02:be:3b:a0:a2:5f:d1:ce:2b:bf:ef:4e:5d: f2:4d:30:e3:32:e1:34:43:c4:df:9d:8c:44:7f:09: ce:50:ff:55:ef:06:c6:aa:86:29:57:b6:73:4b:c9: c3:8f:7c:06:d1:b5:f2:65:ca:44:55:15:54:29:2f: 83:a2:20:d7:4e:86:97:73:fb:73:57:a6:fe:c9:f0: 4a:40:94:af:18:53:63:c4:b2:0e:3f:13:5f:88:10: 4d:de:97:5c:c5:c4:0b:12:5b:4b:ee:2f:9b:0e:40: b2:cd:11:16:a6:b6:cf:6f:18:ea:63:45:18:41:b7: 62:1a:b8:90:e7:a3:f7:2a:4f:ac:ad:78:17:f1:68: 2c:0b:e9:5c:44:6d:a0:bf:10:57:8a:92:04:68:02: 12:ab:b3:fd:83:0f:39:f7:f9:a6:9a:5c:af:bf:27: 69:3e:b3:2a:09:fb:4d:70:02:99:42:5c:ec:73:b8: 81:fb:94:f1:e6:00:8d:a9:ab:f1:cb:09:2f:3e:03: a9:eb:e8:86:fd:3d:9f:81:b8:77:89:8f:14:2d:8e: 93:91:56:15:c5:d0:81:f3:0f:3e:b2:b1:a3:68:9d: 49:93:73:4d:60:45:df:b5:07:b4:07:5a:cf:02:43: 0f:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:9B:B0:11:B2:98:C0:C6:72:68:82:D0:EB:75:20:59:3C:B4:15:4F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d57e8e3c-8605-46f3-8465-e0a444cd661d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:8800::/40 Signature Algorithm: sha256WithRSAEncryption 91:b0:86:c2:f3:ce:ca:04:5a:65:71:33:b2:71:89:dd:53:96: 67:d4:0a:01:fc:eb:b9:e6:d4:79:87:ff:1d:39:a5:fe:f3:98: 3c:7f:0b:37:2c:3f:48:7c:a8:6a:73:eb:95:4a:b1:c7:f2:6d: d5:e3:b6:17:85:90:d9:81:0a:bd:44:63:48:2d:0f:85:4f:d7: 2f:23:b1:6c:e0:31:34:ca:25:60:4b:ca:7e:d3:91:71:8f:0e: fd:2c:d3:d2:be:c4:2c:99:8b:17:53:36:fb:f3:21:fc:92:1c: f8:11:43:e4:15:a2:5e:b3:ce:87:a9:07:48:73:62:59:9e:3f: 20:05:f6:85:a3:25:ba:3d:9d:c8:25:19:85:ae:1c:91:43:70: 02:ec:f4:53:c2:47:93:69:1d:c7:58:11:7a:62:83:b1:cf:b1: 00:67:2a:08:2c:18:d1:fb:89:e6:b0:2a:35:2e:f3:24:73:31: 9b:1b:96:60:e4:a7:cb:41:5d:bd:b0:4a:72:8e:f9:e5:8a:a2: 22:22:d9:d5:f7:01:32:1f:bc:ef:e3:05:fb:61:5e:41:3b:39: 94:9a:1b:06:95:66:02:20:3e:b2:36:cd:b2:bb:54:c8:f6:49: 5c:53:f1:78:47:c1:15:1e:56:0e:dd:19:0e:6a:c0:6d:35:c2: ff:15:d9:28 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCSbceAcXWUWP+ic7g0Ip3Kwf/EswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyMzAwMDEwOFoX DTI1MDYyNzIzNTk1OVowejFJMEcGA1UEBRNAY2MxZTY0YWJjMmVhMTM0YjAwZWFj YjRiN2IxMzI0YWNkM2E4YTk4NDUxNTI1MGFmNjIxY2VmOWM5ZmZiY2VkNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkYPGmH4P0DT/+EErw5rNQK+O6Ci X9HOK7/vTl3yTTDjMuE0Q8TfnYxEfwnOUP9V7wbGqoYpV7ZzS8nDj3wG0bXyZcpE VRVUKS+DoiDXToaXc/tzV6b+yfBKQJSvGFNjxLIOPxNfiBBN3pdcxcQLEltL7i+b DkCyzREWprbPbxjqY0UYQbdiGriQ56P3Kk+srXgX8WgsC+lcRG2gvxBXipIEaAIS q7P9gw859/mmmlyvvydpPrMqCftNcAKZQlzsc7iB+5Tx5gCNqavxywkvPgOp6+iG /T2fgbh3iY8ULY6TkVYVxdCB8w8+srGjaJ1Jk3NNYEXftQe0B1rPAkMP8wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBubsBGymMDGcmiC0Ot1IFk8tBVPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q1N2U4ZTNjLTg2MDUtNDZmMy04NDY1LWUwYTQ0NGNkNjYxZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaIgwDQYJKoZIhvcNAQELBQADggEBAJGwhsLzzsoEWmVxM7Jx id1TlmfUCgH867nm1HmH/x05pf7zmDx/CzcsP0h8qGpz65VKscfybdXjtheFkNmB Cr1EY0gtD4VP1y8jsWzgMTTKJWBLyn7TkXGPDv0s09K+xCyZixdTNvvzIfySHPgR Q+QVol6zzoepB0hzYlmePyAF9oWjJbo9ncglGYWuHJFDcALs9FPCR5NpHcdYEXpi g7HPsQBnKggsGNH7ieawKjUu8yRzMZsblmDkp8tBXb2wSnKO+eWKoiIi2dX3ATIf vO/jBfthXkE7OZSaGwaVZgIgPrI2zbK7VMj2SVxT8XhHwRUeVg7dGQ5qwG01wv8V 2Sg= -----END CERTIFICATE-----Generated at Mon Jun 2 06:28:05 2025 by rpki-client