$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e72651b8-422c-4c74-90a2-0aee8e659796.roa File: e72651b8-422c-4c74-90a2-0aee8e659796.roa (raw, json) Hash identifier: yTIeOCbzvfkrFDXjlTo0j6s7ThamMq4jdpX21hugqvQ= Subject key identifier: 21:DC:EF:11:0B:01:C7:E4:9A:9A:C6:FE:77:55:1A:9F:AA:D7:B6:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 476D544B338AAC19B427E979F76367654A167D53 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e72651b8-422c-4c74-90a2-0aee8e659796.roa Signing time: Mon 19 May 2025 15:00:21 +0000 ROA not before: Mon 19 May 2025 15:00:21 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:6d:54:4b:33:8a:ac:19:b4:27:e9:79:f7:63:67:65:4a:16:7d:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 19 15:00:21 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=7294bbb7a6e52a7bd1f373269d5f8620160a7d34d4ece915669837d5bc3647b2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:7c:3f:40:4c:a1:01:9b:13:18:e8:aa:b6:2e: 0d:80:93:99:5f:a9:93:d8:54:6c:9c:71:9e:b2:f2: 5b:30:d8:47:af:13:93:fc:1e:88:f4:39:ca:20:f5: 80:6f:03:29:d6:f6:ab:72:01:de:4e:df:99:d7:d0: 9a:28:8f:dd:2e:d7:ec:24:90:a3:5e:c0:56:7d:b2: 55:d2:7a:f2:27:dc:f8:c4:2a:43:67:4d:5c:ce:72: d9:e5:2d:53:13:85:e0:57:db:69:0e:15:c8:0d:95: 3d:5f:4b:fc:af:2d:3e:9e:3b:61:70:6f:b7:16:b1: 69:58:6c:ce:8b:ae:4c:82:37:41:0a:0f:57:21:ca: 14:c5:cc:97:f5:2f:7b:11:52:52:62:a5:44:f0:b1: b3:29:c2:8c:5b:14:a8:c2:13:09:ae:17:98:96:22: d4:d3:5c:a3:b4:60:e8:4c:b0:81:2b:69:e0:f1:18: b8:f3:cc:f0:10:cf:5d:d5:73:d6:15:8c:c7:b3:3e: 1a:e3:7f:ba:e4:aa:44:3f:a8:5e:ff:9e:02:c1:e7: 4f:35:04:83:93:e5:ad:f0:4c:93:f3:42:e7:42:82: de:13:13:3b:84:35:13:4a:76:78:0d:a0:32:57:f6: 5d:ea:2e:a6:fb:ae:d4:b3:8e:9f:24:5e:05:2d:ff: be:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:DC:EF:11:0B:01:C7:E4:9A:9A:C6:FE:77:55:1A:9F:AA:D7:B6:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e72651b8-422c-4c74-90a2-0aee8e659796.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:6000::/40 Signature Algorithm: sha256WithRSAEncryption 5c:87:7d:d0:22:1c:05:e3:a9:47:c6:af:b5:64:70:e7:ae:b9: ae:ff:90:b2:47:99:4b:7a:7b:9e:fe:79:57:40:6a:db:c7:07: 6f:0d:4c:c5:0a:d4:b8:95:97:90:81:ba:fa:a7:84:d7:6d:34: 62:53:c2:42:4e:b5:6b:8e:53:2e:be:16:91:f0:b7:1b:bd:37: 08:1d:ca:39:8d:ea:ac:5a:70:8f:23:32:13:ee:48:3a:ae:1c: 63:fa:64:4a:c8:d1:bb:63:c6:3e:88:ef:23:be:65:4e:08:5d: f5:88:c5:04:bf:42:2e:8f:3f:af:7d:7d:d9:b0:c0:77:c3:8c: f4:a9:7a:a3:9c:01:8a:66:74:6d:b3:d0:99:7b:6b:b6:9c:87: c5:30:ea:93:2c:6a:e0:5b:38:55:c9:1d:a0:88:ec:e2:f5:28: 97:a3:65:3c:22:85:10:30:9a:85:3e:32:6b:48:6c:a7:2e:81: 4c:9d:b1:9e:6e:ac:71:15:d9:1a:e4:20:18:91:00:d8:29:5a: 74:87:dd:5e:85:5f:41:32:66:6c:dc:2a:af:3d:a4:73:96:8f: be:42:d5:cd:7a:9b:51:df:9c:12:8e:9e:e1:7f:ea:5d:8f:d2: 18:1f:2a:7d:8a:22:ae:e9:d9:7e:81:d3:0f:9a:2c:79:16:00: b5:27:3e:8b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUR21USzOKrBm0J+l592NnZUoWfVMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxOTE1MDAyMVoX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNANzI5NGJiYjdhNmU1MmE3YmQxZjM3 MzI2OWQ1Zjg2MjAxNjBhN2QzNGQ0ZWNlOTE1NjY5ODM3ZDViYzM2NDdiMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHw/QEyhAZsTGOiqti4NgJOZX6mT 2FRsnHGesvJbMNhHrxOT/B6I9DnKIPWAbwMp1varcgHeTt+Z19CaKI/dLtfsJJCj XsBWfbJV0nryJ9z4xCpDZ01cznLZ5S1TE4XgV9tpDhXIDZU9X0v8ry0+njthcG+3 FrFpWGzOi65MgjdBCg9XIcoUxcyX9S97EVJSYqVE8LGzKcKMWxSowhMJrheYliLU 01yjtGDoTLCBK2ng8Ri488zwEM9d1XPWFYzHsz4a43+65KpEP6he/54CwedPNQSD k+Wt8EyT80LnQoLeExM7hDUTSnZ4DaAyV/Zd6i6m+67Us46fJF4FLf++xwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCHc7xELAcfkmprG/ndVGp+q17ZTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U3MjY1MWI4LTQyMmMtNGM3NC05MGEyLTBhZWU4ZTY1OTc5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+GAwDQYJKoZIhvcNAQELBQADggEBAFyHfdAiHAXjqUfGr7Vk cOeuua7/kLJHmUt6e57+eVdAatvHB28NTMUK1LiVl5CBuvqnhNdtNGJTwkJOtWuO Uy6+FpHwtxu9NwgdyjmN6qxacI8jMhPuSDquHGP6ZErI0btjxj6I7yO+ZU4IXfWI xQS/Qi6PP699fdmwwHfDjPSpeqOcAYpmdG2z0Jl7a7ach8Uw6pMsauBbOFXJHaCI 7OL1KJejZTwihRAwmoU+MmtIbKcugUydsZ5urHEV2RrkIBiRANgpWnSH3V6FX0Ey ZmzcKq89pHOWj75C1c16m1HfnBKOnuF/6l2P0hgfKn2KIq7p2X6B0w+aLHkWALUn Pos= -----END CERTIFICATE-----Generated at Tue Jun 3 23:30:23 2025 by rpki-client