$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa File: dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa (raw, json) Hash identifier: nryBhjfZIbVoeRNugChl1GhlLV58i6paUBZGEqdkVLc= Subject key identifier: 40:D6:FF:F8:5F:B1:BE:B1:01:94:61:44:8A:A7:D6:22:F6:29:29:C2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4CD3809DF5BDA60C078E08E84878344FD5927DC8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa Signing time: Sat 31 May 2025 00:00:55 +0000 ROA not before: Sat 31 May 2025 00:00:55 +0000 ROA not after: Sat 05 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:d3:80:9d:f5:bd:a6:0c:07:8e:08:e8:48:78:34:4f:d5:92:7d:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 31 00:00:55 2025 GMT Not After : Jul 5 23:59:59 2025 GMT Subject: serialNumber=7efaa52aea6c9973e31202985998d9c71fabb084a0012a3df40b1c5b8d92bfd3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:84:3e:0f:76:64:f2:59:ee:7c:02:d5:9a:91: f1:57:e6:08:f1:35:8d:23:5c:09:d8:5c:a4:29:d1: 73:e7:60:3b:b9:57:c3:89:54:f4:71:54:43:5d:7b: 39:5a:2b:72:1d:c0:4a:05:d1:2b:e3:98:16:35:c4: ec:cc:09:b7:8c:71:fc:a6:0c:a5:50:06:07:d0:9d: 64:07:b5:b2:8b:a4:a2:39:69:50:a3:a4:ee:8a:70: 0f:09:23:ce:a5:a6:e9:79:7e:03:53:cc:9b:08:1d: 1d:b0:a2:57:a3:33:03:76:d4:ce:da:9f:1e:0a:43: 81:19:2c:55:39:66:90:b1:24:f1:5c:5a:9e:fd:76: d9:61:fd:76:29:0c:78:97:99:17:1b:29:eb:a4:c2: fe:64:8d:13:60:8b:97:f6:02:3c:c7:94:8d:7b:05: 95:e4:32:6e:16:29:40:06:68:fe:a6:0c:8f:98:b7: 65:1e:18:70:85:6f:c2:07:9f:04:8c:dc:77:a2:11: 40:b5:94:d4:fb:07:e4:44:7e:ba:77:29:81:c4:52: 94:df:ed:6b:20:a8:93:c0:95:50:87:15:1b:9c:40: d2:56:f7:5a:54:da:a0:1c:81:a1:bb:e0:0d:66:92: 82:58:29:fa:2f:83:9a:80:65:81:a6:5b:d5:3a:88: ff:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:D6:FF:F8:5F:B1:BE:B1:01:94:61:44:8A:A7:D6:22:F6:29:29:C2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:2000::/40 Signature Algorithm: sha256WithRSAEncryption 5b:5a:84:fd:8b:05:c3:a5:51:7b:80:43:89:a3:3b:df:41:34: bc:34:c2:bc:bb:cb:65:6c:0d:05:3f:e2:0e:5f:0b:37:08:ef: 46:7b:a9:0b:20:20:65:30:40:18:d3:07:d7:ea:59:a3:ff:b1: 9c:95:59:55:c1:7a:5f:01:72:99:2e:f5:07:63:8c:bf:aa:9a: b9:12:53:0f:d7:e1:2a:6e:07:17:96:20:48:ba:9f:bb:e5:7e: 48:5f:74:a6:aa:ae:61:10:b3:35:27:31:4a:16:87:e2:df:6f: c5:5f:34:63:c4:0a:c2:31:0d:14:9a:7f:4f:ac:70:1f:b8:ac: f8:74:54:5b:fc:7d:9c:e9:b1:5d:25:38:70:98:cb:d6:5e:39: b7:10:a3:87:b5:2c:8f:6a:c8:09:b6:c3:c1:0e:19:a3:36:38: f9:ca:3a:5e:be:66:41:08:14:30:bb:5d:02:44:93:fc:d8:7f: c5:ea:f3:d3:73:a6:63:79:c4:22:d7:e5:11:e1:6c:69:0f:f6: 12:13:d9:32:cf:bd:73:e9:34:4f:5e:18:da:7f:b0:dc:12:d4: 42:c1:8c:a0:9d:6c:de:c9:8e:66:ac:e1:67:1a:36:f7:a0:33: 7b:9f:31:7e:ce:b5:1a:bc:c2:7e:f1:b3:60:09:f1:b6:64:06: 28:a3:40:ef -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTNOAnfW9pgwHjgjoSHg0T9WSfcgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUzMTAwMDA1NVoX DTI1MDcwNTIzNTk1OVowejFJMEcGA1UEBRNAN2VmYWE1MmFlYTZjOTk3M2UzMTIw Mjk4NTk5OGQ5YzcxZmFiYjA4NGEwMDEyYTNkZjQwYjFjNWI4ZDkyYmZkMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYQ+D3Zk8lnufALVmpHxV+YI8TWN I1wJ2FykKdFz52A7uVfDiVT0cVRDXXs5WityHcBKBdEr45gWNcTszAm3jHH8pgyl UAYH0J1kB7Wyi6SiOWlQo6TuinAPCSPOpabpeX4DU8ybCB0dsKJXozMDdtTO2p8e CkOBGSxVOWaQsSTxXFqe/XbZYf12KQx4l5kXGynrpML+ZI0TYIuX9gI8x5SNewWV 5DJuFilABmj+pgyPmLdlHhhwhW/CB58EjNx3ohFAtZTU+wfkRH66dymBxFKU3+1r IKiTwJVQhxUbnEDSVvdaVNqgHIGhu+ANZpKCWCn6L4OagGWBplvVOoj//QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEDW//hfsb6xAZRhRIqn1iL2KSnCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RkM2Q2MDIwLWJlNzgtNDZjYS05YjhhLTYzZmRiZmM5ZGE5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9SAwDQYJKoZIhvcNAQELBQADggEBAFtahP2LBcOlUXuAQ4mj O99BNLw0wry7y2VsDQU/4g5fCzcI70Z7qQsgIGUwQBjTB9fqWaP/sZyVWVXBel8B cpku9QdjjL+qmrkSUw/X4SpuBxeWIEi6n7vlfkhfdKaqrmEQszUnMUoWh+Lfb8Vf NGPECsIxDRSaf0+scB+4rPh0VFv8fZzpsV0lOHCYy9ZeObcQo4e1LI9qyAm2w8EO GaM2OPnKOl6+ZkEIFDC7XQJEk/zYf8Xq89NzpmN5xCLX5RHhbGkP9hIT2TLPvXPp NE9eGNp/sNwS1ELBjKCdbN7Jjmas4WcaNvegM3ufMX7OtRq8wn7xs2AJ8bZkBiij QO8= -----END CERTIFICATE-----Generated at Tue Jun 3 23:26:20 2025 by rpki-client