$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/05228447-3f22-4780-bbc7-8543ea233efb.roa File: 05228447-3f22-4780-bbc7-8543ea233efb.roa (raw, json) Hash identifier: glBfWCB8PQbxssOHaXwItIzq7Pk0uhterls9Ou1dTVk= Subject key identifier: 19:A7:84:E4:FD:03:9E:1A:30:0F:7F:23:AB:E7:43:12:6F:2F:46:A8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 475F5279FF93021EA120AD66F265159F0FCB17DF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/05228447-3f22-4780-bbc7-8543ea233efb.roa Signing time: Tue 17 Jun 2025 00:00:59 +0000 ROA not before: Tue 17 Jun 2025 00:00:59 +0000 ROA not after: Tue 22 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daef:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 15:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:5f:52:79:ff:93:02:1e:a1:20:ad:66:f2:65:15:9f:0f:cb:17:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 17 00:00:59 2025 GMT Not After : Jul 22 23:59:59 2025 GMT Subject: serialNumber=1521e80f0bb06f8714d4b710efca82b0384525e0c25d8db83ac377340a165067, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:4e:17:a0:28:e3:b7:d8:5d:01:aa:fb:ce:84: f0:ab:f4:3b:6d:15:a7:aa:15:bb:78:7d:17:9e:84: 4b:a1:25:94:21:5c:10:02:44:cd:3e:2f:01:a9:fc: 9a:77:24:55:f5:f4:8f:0f:77:27:d4:ba:d9:75:94: 2e:13:15:8e:93:a9:1a:c9:93:f3:8f:ed:37:55:35: 4d:c0:ad:ae:66:0a:64:5d:d7:8e:de:b1:a7:d6:10: 91:6b:77:96:f2:fd:7f:86:bd:7f:c6:53:69:29:f9: 2a:34:b4:2a:ed:fc:bd:44:aa:01:85:35:eb:44:11: 2e:da:9c:f4:41:a9:43:5e:94:af:62:dc:a5:52:c4: ae:3a:75:c5:ef:d4:2e:6c:32:83:04:c3:56:cb:c9: b8:86:b4:d6:e4:c8:79:2d:fb:c4:3b:bf:f4:89:2f: 3e:24:8a:30:ec:79:1a:62:d6:47:fb:4c:8e:ff:3a: e5:a5:e7:e2:cd:75:db:d2:2c:c6:43:bd:a1:ad:46: 17:19:1c:5b:96:0a:35:bf:66:ed:f2:1d:c6:0f:a6: d1:0b:e3:53:2d:a0:53:d6:bd:90:9d:71:c5:ce:78: c1:6a:cd:12:4c:21:18:67:df:6e:4c:77:a3:8c:a6: d7:ab:e2:c5:e5:62:c5:27:c4:74:80:3d:41:fa:f0: e6:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:A7:84:E4:FD:03:9E:1A:30:0F:7F:23:AB:E7:43:12:6F:2F:46:A8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/05228447-3f22-4780-bbc7-8543ea233efb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:8800::/40 Signature Algorithm: sha256WithRSAEncryption b9:d0:27:bd:00:23:92:92:be:cc:35:42:dc:6d:3c:cc:4f:72: c1:d5:77:09:b7:74:bb:54:57:0c:b1:2e:30:16:c8:fc:c0:23: f3:66:3f:9a:44:81:28:18:94:c9:a6:12:44:a1:ec:04:f0:d9: 1a:47:45:a1:f1:1e:ed:31:db:54:5c:20:b8:70:26:bd:26:f2: d8:09:ab:bb:1a:56:f6:87:e0:d2:a5:f2:ee:38:f0:b2:13:4d: 1f:ad:7f:95:8e:97:19:e0:b6:36:8b:72:52:13:2f:17:46:d0: 2b:85:4e:18:32:1b:c2:d9:34:3d:30:6f:11:85:44:67:26:7c: 4f:b0:ee:5f:13:34:02:19:b1:f1:0a:80:c6:c5:d8:d0:ba:b6: fe:d9:86:7b:19:fd:23:e4:37:b9:1a:f7:aa:48:6c:65:1f:30: 3e:87:83:94:89:a4:35:08:e6:8a:e5:b7:8c:f1:69:7f:54:5f: e8:59:ca:67:f0:45:b3:53:34:58:4f:23:18:b6:f8:99:ac:a1: b5:c0:75:c7:b0:fe:1c:fb:e3:0d:d0:55:8c:16:2e:c2:5e:e8: aa:88:48:a6:98:55:de:cf:38:28:53:1e:af:72:eb:99:0b:ca: 1e:b1:b4:18:87:6f:89:82:94:f1:6b:5a:7b:06:03:7f:0b:e9: 45:40:13:b5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUR19Sef+TAh6hIK1m8mUVnw/LF98wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxNzAwMDA1OVoX DTI1MDcyMjIzNTk1OVowejFJMEcGA1UEBRNAMTUyMWU4MGYwYmIwNmY4NzE0ZDRi NzEwZWZjYTgyYjAzODQ1MjVlMGMyNWQ4ZGI4M2FjMzc3MzQwYTE2NTA2NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU4XoCjjt9hdAar7zoTwq/Q7bRWn qhW7eH0XnoRLoSWUIVwQAkTNPi8BqfyadyRV9fSPD3cn1LrZdZQuExWOk6kayZPz j+03VTVNwK2uZgpkXdeO3rGn1hCRa3eW8v1/hr1/xlNpKfkqNLQq7fy9RKoBhTXr RBEu2pz0QalDXpSvYtylUsSuOnXF79QubDKDBMNWy8m4hrTW5Mh5LfvEO7/0iS8+ JIow7HkaYtZH+0yO/zrlpefizXXb0izGQ72hrUYXGRxblgo1v2bt8h3GD6bRC+NT LaBT1r2QnXHFznjBas0STCEYZ99uTHejjKbXq+LF5WLFJ8R0gD1B+vDm8wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBmnhOT9A54aMA9/I6vnQxJvL0aoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA1MjI4NDQ3LTNmMjItNDc4MC1iYmM3LTg1NDNlYTIzM2VmYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba74gwDQYJKoZIhvcNAQELBQADggEBALnQJ70AI5KSvsw1Qtxt PMxPcsHVdwm3dLtUVwyxLjAWyPzAI/NmP5pEgSgYlMmmEkSh7ATw2RpHRaHxHu0x 21RcILhwJr0m8tgJq7saVvaH4NKl8u448LITTR+tf5WOlxngtjaLclITLxdG0CuF ThgyG8LZND0wbxGFRGcmfE+w7l8TNAIZsfEKgMbF2NC6tv7ZhnsZ/SPkN7ka96pI bGUfMD6Hg5SJpDUI5orlt4zxaX9UX+hZymfwRbNTNFhPIxi2+JmsobXAdcew/hz7 4w3QVYwWLsJe6KqISKaYVd7POChTHq9y65kLyh6xtBiHb4mClPFrWnsGA38L6UVA E7U= -----END CERTIFICATE-----Generated at Mon Jun 30 17:39:23 2025 by rpki-client