$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f4077791-add9-436b-8f2e-4a21cda9ff2b.roa File: f4077791-add9-436b-8f2e-4a21cda9ff2b.roa (raw, json) Hash identifier: 78WXXcCSXMgb18/nZ2901taAucuTgIC2VvD0GfCNGJo= Subject key identifier: B1:EC:F1:2B:5C:6E:37:BD:34:32:B7:32:5D:3D:9D:6B:7D:CF:6A:3C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 76BE69A7A908E232A19C5A988BF8D5E6539A3D9F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f4077791-add9-436b-8f2e-4a21cda9ff2b.roa Signing time: Tue 25 Mar 2025 16:11:32 +0000 ROA not before: Tue 25 Mar 2025 16:11:32 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:be:69:a7:a9:08:e2:32:a1:9c:5a:98:8b:f8:d5:e6:53:9a:3d:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 25 16:11:32 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:de:98:be:20:08:6d:25:90:e7:20:63:65:a8: 5e:a8:75:fa:e3:bc:49:e2:a7:3f:98:0d:e3:6f:cc: 76:90:8a:1b:88:5c:1a:65:43:fd:6f:a9:75:cd:0a: 42:c2:40:1d:dc:6d:46:37:6b:0c:39:72:38:13:9b: 37:7a:bd:9a:c8:ef:84:55:47:87:28:56:4d:cb:3a: 6d:54:6a:42:7b:4c:e6:ea:a3:f4:bc:76:2d:41:07: d7:5b:50:35:4a:50:ff:4f:17:43:c1:87:e7:83:f8: 7d:4b:c0:58:e5:7e:5a:e5:9b:e7:b7:48:06:1e:ab: 21:ca:cd:48:11:bb:25:3e:f1:da:7e:14:4a:ae:30: 48:56:6d:c5:4c:e8:3d:2a:e2:72:33:7f:c4:fe:53: c2:21:7d:a1:12:26:d3:e6:da:87:d8:ba:6d:71:69: 71:7c:6e:29:15:7a:34:c7:a4:47:3d:d4:1b:37:d0: ba:de:9c:23:7a:72:1b:1c:84:83:2f:cd:7e:c8:58: bf:7f:42:0a:77:1f:40:c7:95:5f:0d:d3:14:51:31: 58:08:d9:53:df:31:9e:74:e6:53:c2:af:00:54:84: 2e:ce:aa:37:73:06:5f:07:e7:66:90:e1:bb:55:45: 3c:fa:e4:eb:50:2b:c9:23:c8:d6:d2:a4:27:d8:6f: 9e:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:EC:F1:2B:5C:6E:37:BD:34:32:B7:32:5D:3D:9D:6B:7D:CF:6A:3C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f4077791-add9-436b-8f2e-4a21cda9ff2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:4800::/40 Signature Algorithm: sha256WithRSAEncryption a4:40:a6:5d:6e:ca:2f:73:a7:e5:a5:50:9b:71:6b:21:f5:ae: 8c:76:7a:f1:de:55:c5:8e:9d:14:38:a0:1d:34:f2:a0:2e:c4: f5:3b:5b:27:c6:7a:3e:8a:5b:54:4b:c5:6a:ba:ce:76:d4:52: 72:fd:5f:ee:5a:b9:50:5a:1c:4b:24:4f:a2:f5:d7:30:34:9c: ea:25:41:b5:d0:ba:db:48:ef:94:75:af:8d:53:bb:6c:28:f0: 98:95:d9:b0:27:a8:94:dd:d7:cd:b6:6b:d0:30:d5:b8:0a:8d: 35:56:19:4f:82:3b:d6:23:cb:4b:4e:4b:5b:f0:1b:b8:9a:f9: dc:87:ad:71:7a:26:00:66:82:d6:e8:9a:fc:42:e3:bd:26:06: c3:ae:bf:84:74:42:ca:68:ed:d7:a4:b3:51:2c:0d:fb:a0:b3: f2:b2:b1:65:d8:18:f8:ea:ee:d1:1c:72:fd:e1:65:74:e7:c9: 60:81:93:b5:9b:3b:3d:7b:b9:49:05:ee:dc:86:d1:ef:b9:4e: 95:c8:5f:dd:a8:e5:21:f6:07:d3:80:cf:5f:8d:25:16:95:b5: 89:46:fa:20:be:91:08:df:45:de:d3:46:06:ba:94:e7:50:25: 5a:c0:a2:47:91:51:be:8c:70:5b:e4:ec:7f:c6:01:69:38:d0: 76:b5:45:29 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdr5pp6kI4jKhnFqYi/jV5lOaPZ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MTEzMloX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAZjU3MjE5M2Q1YjM1Y2Q5YjgzMDk1 MDM2NWY2NGVjZTkwY2NkM2Y0NjJiYzlhODUxOGRkZmRhM2RiZGYwNDIwZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2d6YviAIbSWQ5yBjZaheqHX647xJ 4qc/mA3jb8x2kIobiFwaZUP9b6l1zQpCwkAd3G1GN2sMOXI4E5s3er2ayO+EVUeH KFZNyzptVGpCe0zm6qP0vHYtQQfXW1A1SlD/TxdDwYfng/h9S8BY5X5a5Zvnt0gG Hqshys1IEbslPvHafhRKrjBIVm3FTOg9KuJyM3/E/lPCIX2hEibT5tqH2LptcWlx fG4pFXo0x6RHPdQbN9C63pwjenIbHISDL81+yFi/f0IKdx9Ax5VfDdMUUTFYCNlT 3zGedOZTwq8AVIQuzqo3cwZfB+dmkOG7VUU8+uTrUCvJI8jW0qQn2G+e7QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLHs8Stcbje9NDK3Ml09nWt9z2o8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y0MDc3NzkxLWFkZDktNDM2Yi04ZjJlLTRhMjFjZGE5ZmYyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauUgwDQYJKoZIhvcNAQELBQADggEBAKRApl1uyi9zp+WlUJtx ayH1rox2evHeVcWOnRQ4oB008qAuxPU7WyfGej6KW1RLxWq6znbUUnL9X+5auVBa HEskT6L11zA0nOolQbXQuttI75R1r41Tu2wo8JiV2bAnqJTd1822a9Aw1bgKjTVW GU+CO9Yjy0tOS1vwG7ia+dyHrXF6JgBmgtbomvxC470mBsOuv4R0Qspo7deks1Es Dfugs/KysWXYGPjq7tEccv3hZXTnyWCBk7WbOz17uUkF7tyG0e+5TpXIX92o5SH2 B9OAz1+NJRaVtYlG+iC+kQjfRd7TRga6lOdQJVrAokeRUb6McFvk7H/GAWk40Ha1 RSk= -----END CERTIFICATE-----Generated at Sat Apr 5 10:50:58 2025 by rpki-client