$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fd0ac6ba-e775-4f86-853e-f467879f4e6c.roa File: fd0ac6ba-e775-4f86-853e-f467879f4e6c.roa (raw, json) Hash identifier: mH9Vcyqr/tQ4gRzvyhonypqQKXun8IeKnFd2HkCY+xQ= Subject key identifier: D1:28:80:F3:FC:E8:3F:AD:8D:E1:61:85:8D:5E:FC:5E:88:39:5F:2A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0A3D500F40CE65A3F5AFEEF99C7CB07EDFFBEFD4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fd0ac6ba-e775-4f86-853e-f467879f4e6c.roa Signing time: Mon 17 Mar 2025 15:00:57 +0000 ROA not before: Mon 17 Mar 2025 15:00:57 +0000 ROA not after: Mon 21 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:3d:50:0f:40:ce:65:a3:f5:af:ee:f9:9c:7c:b0:7e:df:fb:ef:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 17 15:00:57 2025 GMT Not After : Apr 21 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:64:ea:de:3a:07:32:e6:fb:99:0a:1b:5e:44: df:2d:c7:66:f6:ab:9a:1c:7e:41:3e:96:72:65:e4: 4c:87:f1:46:03:04:94:fc:ff:d6:5f:ef:6f:f9:3e: cf:f3:37:83:34:65:f5:52:12:36:90:48:e8:63:63: 06:74:28:6d:f5:ea:93:3f:f1:c8:0e:51:9e:a2:6d: 9e:3f:5b:c6:d1:87:4a:5a:be:27:f3:00:6b:89:8a: 42:25:85:c7:17:05:a7:32:2b:fe:4f:90:ed:f6:86: 77:64:a1:75:e9:2d:06:f5:9c:04:1e:1e:03:94:26: 71:2a:fe:42:50:02:36:b5:02:b1:90:09:f7:2f:fc: e5:14:b3:bd:42:ca:93:2d:83:70:74:be:de:c6:7f: d5:fb:f1:89:95:39:38:fe:00:2a:f2:67:33:6a:5f: 01:27:5a:af:e3:2c:66:05:50:75:0c:d4:12:c8:cb: 44:3e:e7:8f:4f:ab:91:54:15:e6:f0:55:30:14:f5: 5f:83:19:c0:6f:48:af:53:7b:ba:a5:f6:5e:07:95: 1d:66:f7:07:d2:3a:22:8c:be:f0:fe:b7:80:d6:63: b2:0d:c7:1b:7f:30:42:96:56:0d:cc:3e:dd:57:03: 1c:54:05:ad:ae:c8:71:16:17:25:cc:8a:71:34:37: de:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:28:80:F3:FC:E8:3F:AD:8D:E1:61:85:8D:5E:FC:5E:88:39:5F:2A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fd0ac6ba-e775-4f86-853e-f467879f4e6c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:9000::/40 Signature Algorithm: sha256WithRSAEncryption ae:86:e1:c7:4d:97:86:84:8b:93:a4:c9:e9:00:69:ca:ff:77: 52:75:2d:c1:fe:6a:3f:f5:79:7e:7f:99:34:46:17:8a:c3:ff: 14:dd:42:64:2d:8b:fd:59:fd:98:f0:8c:71:1d:4d:65:f9:37: 2c:5a:bd:e6:b6:a7:f4:5c:67:78:9b:e2:ec:56:43:94:8f:e8: bc:b3:13:60:2b:4a:45:ef:f2:7c:8d:86:5d:38:29:07:4a:bc: df:8e:ef:ca:51:11:74:5c:44:0c:35:aa:2e:2d:5c:e0:da:b4: 59:56:6e:e7:c2:74:89:23:84:ee:53:a3:2f:66:aa:1b:1f:e9: 93:3a:1e:74:b7:0f:62:9a:d7:78:01:2f:45:87:0b:b0:e1:28: 2b:6f:f2:40:6d:50:50:a9:23:c1:e8:ac:67:d3:0b:1c:21:14: 88:a1:cf:60:c3:8d:a7:df:4a:de:fa:b1:41:16:1d:dd:c4:7d: 53:7f:e6:d0:ee:57:90:64:25:58:8d:ef:69:b5:3f:a6:6b:30: 7d:51:1d:a9:46:cf:bb:6d:f4:5f:e3:aa:ed:65:09:59:aa:a0: e2:c1:97:dc:e0:fe:43:d1:22:ee:b6:ba:f4:a6:73:46:ff:de: e8:1e:3a:52:26:28:cc:18:ea:f7:cb:62:c0:d8:42:c5:3e:af: 5c:da:74:f8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCj1QD0DOZaP1r+75nHywft/779QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMxNzE1MDA1N1oX DTI1MDQyMTIzNTk1OVowejFJMEcGA1UEBRNANzkxYzhiMjgxZWRhNTI3NTNkNmQ2 ZThiOTBiN2RmMjNiOTUwODRmYTU2YTlkOTE0NDYxZTZiZGVmMzVlOTU0NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGTq3joHMub7mQobXkTfLcdm9qua HH5BPpZyZeRMh/FGAwSU/P/WX+9v+T7P8zeDNGX1UhI2kEjoY2MGdCht9eqTP/HI DlGeom2eP1vG0YdKWr4n8wBriYpCJYXHFwWnMiv+T5Dt9oZ3ZKF16S0G9ZwEHh4D lCZxKv5CUAI2tQKxkAn3L/zlFLO9QsqTLYNwdL7exn/V+/GJlTk4/gAq8mczal8B J1qv4yxmBVB1DNQSyMtEPuePT6uRVBXm8FUwFPVfgxnAb0ivU3u6pfZeB5UdZvcH 0joijL7w/reA1mOyDccbfzBCllYNzD7dVwMcVAWtrshxFhclzIpxNDfekwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNEogPP86D+tjeFhhY1e/F6IOV8qMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZkMGFjNmJhLWU3NzUtNGY4Ni04NTNlLWY0Njc4NzlmNGU2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauJAwDQYJKoZIhvcNAQELBQADggEBAK6G4cdNl4aEi5OkyekA acr/d1J1LcH+aj/1eX5/mTRGF4rD/xTdQmQti/1Z/ZjwjHEdTWX5Nyxavea2p/Rc Z3ib4uxWQ5SP6LyzE2ArSkXv8nyNhl04KQdKvN+O78pREXRcRAw1qi4tXODatFlW bufCdIkjhO5Toy9mqhsf6ZM6HnS3D2Ka13gBL0WHC7DhKCtv8kBtUFCpI8HorGfT CxwhFIihz2DDjaffSt76sUEWHd3EfVN/5tDuV5BkJViN72m1P6ZrMH1RHalGz7tt 9F/jqu1lCVmqoOLBl9zg/kPRIu62uvSmc0b/3ugeOlImKMwY6vfLYsDYQsU+r1za dPg= -----END CERTIFICATE-----Generated at Sat Apr 5 12:10:03 2025 by rpki-client