$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d874a882-7cd5-41b7-aeff-555ab68043f0.roa File: d874a882-7cd5-41b7-aeff-555ab68043f0.roa (raw, json) Hash identifier: X6qG2OlvOgw++ikwxUbvSAQrPpuhA9nxk5le/X7aCMI= Subject key identifier: 50:52:6E:C2:F0:AE:47:15:45:0F:CB:B0:FB:92:3C:04:87:9A:1E:F7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3CA3F1CFE624E1D228B253DE38C9E44729211E1B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d874a882-7cd5-41b7-aeff-555ab68043f0.roa Signing time: Tue 25 Mar 2025 16:21:37 +0000 ROA not before: Tue 25 Mar 2025 16:21:37 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:a3:f1:cf:e6:24:e1:d2:28:b2:53:de:38:c9:e4:47:29:21:1e:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 25 16:21:37 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:1a:7c:ff:24:17:93:07:98:cf:43:7d:16:8c: 57:df:bd:b7:cc:16:02:cd:d5:12:33:ef:49:8a:9c: 02:ef:c1:ed:6c:74:6a:e5:97:6b:0a:94:ee:5f:85: 25:08:2a:ac:04:bd:ed:00:bf:a3:eb:a2:41:5b:65: 31:47:e1:39:c2:c4:eb:fb:e0:18:54:88:7c:f7:4c: d5:67:12:e3:87:f1:21:86:75:29:73:d7:fe:57:81: e0:9c:60:dd:9b:71:71:fe:1c:77:02:7e:f9:08:67: 81:1f:93:00:92:2c:64:f1:61:3f:43:03:7b:e0:c6: b1:37:b1:ac:02:2e:5e:de:1f:7e:a4:15:8c:27:d4: 1a:df:1d:de:09:7e:45:c3:9a:f4:03:d5:2f:18:d4: 85:2c:e3:90:b1:35:2f:9c:49:f9:2b:fc:1d:b5:5c: 10:6c:94:74:5f:0b:24:3d:44:77:2c:1c:9d:c4:e9: e6:af:f1:46:c3:ed:01:56:ff:a5:5f:ce:93:cb:d9: 25:87:a9:ff:69:fa:39:8c:02:a0:2d:a7:94:5e:df: 18:42:bb:ad:3e:2c:9b:5c:7c:e7:67:41:a0:25:ff: 23:76:7f:b2:97:ef:49:f5:a9:5f:90:62:8c:ab:f9: 7d:15:0c:43:6d:7f:f2:e1:61:be:05:b1:91:89:e6: 7a:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:52:6E:C2:F0:AE:47:15:45:0F:CB:B0:FB:92:3C:04:87:9A:1E:F7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d874a882-7cd5-41b7-aeff-555ab68043f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:e000::/40 Signature Algorithm: sha256WithRSAEncryption 18:db:18:55:64:4d:76:57:73:bd:d8:cf:65:19:aa:1f:bd:a4: 1b:81:f1:ef:77:85:96:8e:97:62:9e:49:e4:27:78:6b:0e:5f: ee:15:73:c8:df:b1:00:ae:51:e6:6d:66:7e:96:1e:53:2c:6a: bd:18:67:7a:6e:40:f5:96:92:4f:1c:af:b6:7f:5e:29:8a:16: 37:12:a4:1b:34:3c:80:d1:9d:f4:8b:8e:b8:16:28:2c:35:39: dd:a7:f9:29:49:a5:17:81:c8:37:85:ba:09:20:c4:2e:d8:f1: e3:e9:73:c5:a1:26:6c:ac:00:e6:31:4b:7e:0b:2e:e5:a3:cb: 52:40:f7:74:0a:22:17:a5:b9:0a:4d:c1:88:d1:3f:ca:fc:52: b3:e9:e1:7c:23:61:91:00:dd:0a:44:78:1c:b7:d2:ef:58:45: 5e:38:4e:6f:f9:f1:22:e2:c3:af:58:2d:13:0d:3f:c2:52:94: 3b:a8:03:77:59:77:d0:e5:20:6a:74:02:5d:56:8f:24:7b:9f: ca:a5:29:8f:1d:07:49:51:07:4d:2a:21:9e:fe:d2:26:79:8b: 64:04:a3:da:7d:a2:d7:43:60:61:82:20:d5:f6:68:7d:73:0d: 76:24:68:f2:d9:b6:8e:0d:be:18:bc:e1:4f:24:46:49:da:db: c2:22:29:b8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPKPxz+Yk4dIoslPeOMnkRykhHhswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MjEzN1oX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAZjRiZjNkYTZjOWI2MjJjZTczZDg1 MDkzODY4ZjcwZDNkNWE0MzgxZDllZjczNTBlMmI3OTVhYzdjOWMyN2IxZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Bp8/yQXkweYz0N9FoxX3723zBYC zdUSM+9JipwC78HtbHRq5ZdrCpTuX4UlCCqsBL3tAL+j66JBW2UxR+E5wsTr++AY VIh890zVZxLjh/EhhnUpc9f+V4HgnGDdm3Fx/hx3An75CGeBH5MAkixk8WE/QwN7 4MaxN7GsAi5e3h9+pBWMJ9Qa3x3eCX5Fw5r0A9UvGNSFLOOQsTUvnEn5K/wdtVwQ bJR0XwskPUR3LBydxOnmr/FGw+0BVv+lX86Ty9klh6n/afo5jAKgLaeUXt8YQrut PiybXHznZ0GgJf8jdn+yl+9J9alfkGKMq/l9FQxDbX/y4WG+BbGRieZ6ZQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFBSbsLwrkcVRQ/LsPuSPASHmh73MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4NzRhODgyLTdjZDUtNDFiNy1hZWZmLTU1NWFiNjgwNDNmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+OAwDQYJKoZIhvcNAQELBQADggEBABjbGFVkTXZXc73Yz2UZ qh+9pBuB8e93hZaOl2KeSeQneGsOX+4Vc8jfsQCuUeZtZn6WHlMsar0YZ3puQPWW kk8cr7Z/XimKFjcSpBs0PIDRnfSLjrgWKCw1Od2n+SlJpReByDeFugkgxC7Y8ePp c8WhJmysAOYxS34LLuWjy1JA93QKIheluQpNwYjRP8r8UrPp4XwjYZEA3QpEeBy3 0u9YRV44Tm/58SLiw69YLRMNP8JSlDuoA3dZd9DlIGp0Al1WjyR7n8qlKY8dB0lR B00qIZ7+0iZ5i2QEo9p9otdDYGGCINX2aH1zDXYkaPLZto4Nvhi84U8kRkna28Ii Kbg= -----END CERTIFICATE-----Generated at Sat Apr 5 12:11:39 2025 by rpki-client