$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eaf380aa-91a9-4a82-b0bd-5177e1da2138.roa File: eaf380aa-91a9-4a82-b0bd-5177e1da2138.roa (raw, json) Hash identifier: TGnjXy5+EZp/zkPRJ/bULw9+kWRdCa2FLSVFIWOaZDg= Subject key identifier: 42:1B:1B:A5:EC:00:BC:58:9A:14:C9:4C:3B:89:6E:72:47:DE:42:3C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 251A709638F14B1FE525EA92717F384E69D2EF74 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eaf380aa-91a9-4a82-b0bd-5177e1da2138.roa Signing time: Wed 14 May 2025 00:10:24 +0000 ROA not before: Wed 14 May 2025 00:10:24 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:1a:70:96:38:f1:4b:1f:e5:25:ea:92:71:7f:38:4e:69:d2:ef:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:10:24 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=8189bcfc23a3a97fa4cdeb8d716d2f0be9d5326f80eedcc3b0d72e310a94f3b0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:d8:1d:24:0f:9f:75:5e:1c:9a:9a:0b:b2:19: 54:12:93:e9:a4:72:7d:93:f5:de:99:4f:d3:73:99: f9:95:63:e9:94:a4:41:85:b5:e5:1b:b5:24:15:70: ed:73:31:1a:17:e8:e3:e3:90:f2:b3:88:4a:a5:6c: 8b:17:e1:fb:0c:4a:ae:da:41:f1:2e:55:10:45:bb: 83:9b:16:f3:5a:f0:23:ab:7f:f1:d5:75:81:60:5d: 81:fd:e1:68:70:34:c6:40:41:b9:e1:6f:a7:e1:d0: 11:4b:5e:ad:fd:68:6a:00:ac:bd:c4:97:c3:36:86: 31:9a:88:77:94:e5:d8:e5:ba:9e:83:1d:3a:5f:63: d0:6f:fc:b0:a6:f8:95:7f:41:23:e4:d4:a1:a2:96: 9f:35:47:b8:28:cc:57:5a:5a:5d:b4:06:9c:92:2f: f3:8a:ee:39:59:5e:be:7d:a0:62:35:17:30:9c:46: 9b:07:22:11:0a:da:ca:8f:90:49:c5:17:2d:5c:45: 56:21:bd:e2:73:5f:04:fa:fe:2e:c4:70:8c:c8:4b: 59:ad:a6:7c:85:0b:e4:87:1e:1e:25:78:b6:74:0d: ac:db:f9:86:87:34:11:97:95:b7:4b:9c:fa:bb:7f: c9:2c:df:d1:fc:e4:2e:0f:99:c2:34:05:5e:93:f1: 83:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:1B:1B:A5:EC:00:BC:58:9A:14:C9:4C:3B:89:6E:72:47:DE:42:3C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eaf380aa-91a9-4a82-b0bd-5177e1da2138.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:800::/40 Signature Algorithm: sha256WithRSAEncryption a0:81:03:3e:1a:fa:d5:02:ae:90:02:a8:33:14:a7:e2:b6:06: a1:b3:10:8d:67:1a:79:f0:8a:d7:64:4f:d6:a4:08:c8:89:8a: 7e:ba:ec:bd:c5:64:c7:82:86:77:b8:ca:21:90:32:7c:90:70: 46:b6:1e:a9:7a:db:fb:e0:50:cd:92:c4:e6:96:56:7f:f9:06: d4:32:9c:63:8f:d5:d7:f1:91:47:7f:1f:51:af:41:2e:3d:ae: e6:a4:dc:49:1b:a4:92:5c:84:61:9a:18:15:5a:3b:f7:af:fd: 45:7d:a8:08:f3:cc:cf:31:71:eb:d5:42:6d:a4:32:a7:6d:33: 1f:cb:a3:94:2c:da:c6:ff:6e:82:60:c1:02:55:0f:78:79:35: 3c:2d:52:23:86:3b:eb:e1:9f:e1:0f:05:ac:14:be:32:75:a8: 88:e8:91:8b:c1:12:24:39:12:c0:38:97:54:2f:cd:5b:0c:2c: 27:fb:9b:50:40:d7:05:43:18:21:03:ce:96:66:c7:45:d6:a4: 13:ad:02:08:a0:1d:89:54:b1:cc:dc:98:60:1c:6b:ce:91:a2: f4:f7:e9:b5:f9:e2:35:cd:0c:97:bb:d7:05:b5:33:a1:bb:db: 76:e6:d6:8a:e7:a2:7a:62:59:26:f9:3e:20:1f:46:fa:3a:bd: 96:50:66:0d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJRpwljjxSx/lJeqScX84TmnS73QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMTAyNFoX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAODE4OWJjZmMyM2EzYTk3ZmE0Y2Rl YjhkNzE2ZDJmMGJlOWQ1MzI2ZjgwZWVkY2MzYjBkNzJlMzEwYTk0ZjNiMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29gdJA+fdV4cmpoLshlUEpPppHJ9 k/XemU/Tc5n5lWPplKRBhbXlG7UkFXDtczEaF+jj45Dys4hKpWyLF+H7DEqu2kHx LlUQRbuDmxbzWvAjq3/x1XWBYF2B/eFocDTGQEG54W+n4dARS16t/WhqAKy9xJfD NoYxmoh3lOXY5bqegx06X2PQb/ywpviVf0Ej5NShopafNUe4KMxXWlpdtAacki/z iu45WV6+faBiNRcwnEabByIRCtrKj5BJxRctXEVWIb3ic18E+v4uxHCMyEtZraZ8 hQvkhx4eJXi2dA2s2/mGhzQRl5W3S5z6u3/JLN/R/OQuD5nCNAVek/GDmwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEIbG6XsALxYmhTJTDuJbnJH3kI8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VhZjM4MGFhLTkxYTktNGE4Mi1iMGJkLTUxNzdlMWRhMjEzOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9AgwDQYJKoZIhvcNAQELBQADggEBAKCBAz4a+tUCrpACqDMU p+K2BqGzEI1nGnnwitdkT9akCMiJin667L3FZMeChne4yiGQMnyQcEa2Hql62/vg UM2SxOaWVn/5BtQynGOP1dfxkUd/H1GvQS49ruak3EkbpJJchGGaGBVaO/ev/UV9 qAjzzM8xcevVQm2kMqdtMx/Lo5Qs2sb/boJgwQJVD3h5NTwtUiOGO+vhn+EPBawU vjJ1qIjokYvBEiQ5EsA4l1QvzVsMLCf7m1BA1wVDGCEDzpZmx0XWpBOtAgigHYlU sczcmGAca86RovT36bX54jXNDJe71wW1M6G723bm1ornonpiWSb5PiAfRvo6vZZQ Zg0= -----END CERTIFICATE-----Generated at Mon Jun 2 06:28:13 2025 by rpki-client