$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/05228447-3f22-4780-bbc7-8543ea233efb.roa File: 05228447-3f22-4780-bbc7-8543ea233efb.roa (raw, json) Hash identifier: vKh+1d5Xd9CaFq5g/wKMVz3ItP0gE+0CQ3xJsEsiuSE= Subject key identifier: CD:AA:48:FE:2B:E9:6B:27:9A:29:4D:BF:53:4C:E1:C6:02:A0:7C:90 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0739CCA9A7B531AC9D61FC917712AB755052451E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/05228447-3f22-4780-bbc7-8543ea233efb.roa Signing time: Mon 28 Apr 2025 15:00:57 +0000 ROA not before: Mon 28 Apr 2025 15:00:57 +0000 ROA not after: Mon 02 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daef:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 14 May 2025 00:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:39:cc:a9:a7:b5:31:ac:9d:61:fc:91:77:12:ab:75:50:52:45:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 28 15:00:57 2025 GMT Not After : Jun 2 23:59:59 2025 GMT Subject: serialNumber=65fc0a342b649d9c53d26041b6129a1cc3071dbc8d63d58ad366869198dfc11b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:07:76:59:10:57:e8:b5:79:e7:60:d5:67:5e: 90:21:21:43:51:4f:a0:b0:63:c2:39:bb:64:7c:c8: ea:5a:93:02:a5:0a:45:a8:3c:32:3a:95:3f:c0:f1: 97:49:08:d4:40:f5:5c:d9:89:48:57:d2:25:a4:50: 76:8f:6d:73:7a:65:4a:71:d5:bc:7a:82:1a:ab:7b: be:70:db:f6:4e:f1:dd:cf:1c:99:29:d4:41:eb:cc: 6e:19:e5:29:de:3d:28:52:d2:c2:1b:7a:6c:5e:01: 52:09:8b:4d:01:37:35:2f:e1:c8:84:36:3d:ca:db: 95:93:5d:8d:d1:f2:31:e5:71:91:80:ec:ee:fe:ed: c8:6c:d8:d2:c0:73:da:cd:d1:89:2a:7c:29:46:0d: a7:83:9b:28:55:57:a1:d5:ef:77:8a:f6:e2:f3:dd: ec:95:04:c1:65:43:16:77:4a:f1:d0:90:4e:01:ef: 0d:b1:7a:1a:d3:70:ec:d4:dc:b3:24:29:d9:26:48: 65:ab:fe:6e:4a:42:6f:6a:62:d8:da:ca:0f:ea:0c: 1b:65:90:4e:5f:bb:68:81:42:4d:ad:d1:1c:d8:bc: ff:b9:b3:2e:4e:87:92:04:18:3e:fd:30:81:19:02: ce:33:77:79:1d:e0:84:f1:57:99:64:f1:8b:fa:9b: ea:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:AA:48:FE:2B:E9:6B:27:9A:29:4D:BF:53:4C:E1:C6:02:A0:7C:90 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/05228447-3f22-4780-bbc7-8543ea233efb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:8800::/40 Signature Algorithm: sha256WithRSAEncryption 80:5d:f8:e4:a8:3c:2c:ce:37:31:d6:33:b9:fa:06:5a:53:39: 27:24:04:71:73:c4:72:84:78:38:ef:de:f6:9a:3e:79:67:00: 25:80:7e:96:c6:c5:b6:15:ee:90:2e:48:1f:e2:81:79:34:1e: 76:c2:a5:11:ec:d1:99:32:81:89:9e:0b:97:16:08:2a:0f:69: 42:a2:a2:37:31:a7:59:fb:8a:ce:03:a7:09:d0:06:c7:58:aa: b2:01:e7:36:d6:01:15:c3:07:72:4b:83:0e:60:3c:a4:c9:67: 9f:10:d1:8e:63:ec:22:e7:ef:6a:3b:79:48:57:d8:34:f2:11: e0:d4:4b:b5:f1:f0:cd:de:84:68:8d:03:e6:4a:1b:f5:be:b6: 52:24:fe:a8:81:f4:81:fd:fc:cf:02:39:37:6e:99:1f:a6:4d: 1c:6a:69:69:ef:40:42:5d:c0:d4:09:68:c2:ec:c0:97:a5:cc: 27:b0:f5:7a:f9:8e:88:5f:5a:87:d8:1f:6f:89:c2:59:d0:33: 19:5a:38:54:4d:ac:72:79:8d:d9:6a:65:ac:5b:e2:1d:a3:be: e2:8f:c6:10:4f:46:2b:f0:64:82:4f:c5:40:13:31:bd:93:f8: bc:3c:9a:77:8d:ca:e8:5f:7d:6a:79:a5:14:77:45:8b:1d:7b: c9:e6:ac:ae -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBznMqae1MaydYfyRdxKrdVBSRR4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyODE1MDA1N1oX DTI1MDYwMjIzNTk1OVowejFJMEcGA1UEBRNANjVmYzBhMzQyYjY0OWQ5YzUzZDI2 MDQxYjYxMjlhMWNjMzA3MWRiYzhkNjNkNThhZDM2Njg2OTE5OGRmYzExYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgd2WRBX6LV552DVZ16QISFDUU+g sGPCObtkfMjqWpMCpQpFqDwyOpU/wPGXSQjUQPVc2YlIV9IlpFB2j21zemVKcdW8 eoIaq3u+cNv2TvHdzxyZKdRB68xuGeUp3j0oUtLCG3psXgFSCYtNATc1L+HIhDY9 ytuVk12N0fIx5XGRgOzu/u3IbNjSwHPazdGJKnwpRg2ng5soVVeh1e93ivbi893s lQTBZUMWd0rx0JBOAe8NsXoa03Ds1NyzJCnZJkhlq/5uSkJvamLY2soP6gwbZZBO X7togUJNrdEc2Lz/ubMuToeSBBg+/TCBGQLOM3d5HeCE8VeZZPGL+pvqIwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM2qSP4r6WsnmilNv1NM4cYCoHyQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA1MjI4NDQ3LTNmMjItNDc4MC1iYmM3LTg1NDNlYTIzM2VmYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba74gwDQYJKoZIhvcNAQELBQADggEBAIBd+OSoPCzONzHWM7n6 BlpTOSckBHFzxHKEeDjv3vaaPnlnACWAfpbGxbYV7pAuSB/igXk0HnbCpRHs0Zky gYmeC5cWCCoPaUKiojcxp1n7is4DpwnQBsdYqrIB5zbWARXDB3JLgw5gPKTJZ58Q 0Y5j7CLn72o7eUhX2DTyEeDUS7Xx8M3ehGiNA+ZKG/W+tlIk/qiB9IH9/M8COTdu mR+mTRxqaWnvQEJdwNQJaMLswJelzCew9Xr5johfWofYH2+JwlnQMxlaOFRNrHJ5 jdlqZaxb4h2jvuKPxhBPRivwZIJPxUATMb2T+Lw8mneNyuhffWp5pRR3RYsde8nm rK4= -----END CERTIFICATE-----Generated at Sat May 10 07:55:15 2025 by rpki-client