$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/671d95a3-c003-4a86-88c6-405cd8ceff9e.roa File: 671d95a3-c003-4a86-88c6-405cd8ceff9e.roa (raw, json) Hash identifier: RoQVBFqgFdzgR+mboi3mDtxsc0ZXSinkaAJ8EDwo2kQ= Subject key identifier: 8F:A5:7E:02:AC:7B:D2:02:B8:E0:E3:F2:41:C5:BF:E1:A4:DD:A9:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19FC2C4791D0EDE71D088D690694767F7CF8877A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/671d95a3-c003-4a86-88c6-405cd8ceff9e.roa Signing time: Mon 28 Apr 2025 15:01:01 +0000 ROA not before: Mon 28 Apr 2025 15:01:01 +0000 ROA not after: Mon 02 Jun 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 May 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:fc:2c:47:91:d0:ed:e7:1d:08:8d:69:06:94:76:7f:7c:f8:87:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 28 15:01:01 2025 GMT Not After : Jun 2 23:59:59 2025 GMT Subject: serialNumber=452172a4c804600b17495076c643fe76355b6cd09447f7a3378d9216d327d6d9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:e8:20:e1:0c:fa:e0:7e:2a:2c:6e:80:d4:ff: 78:dc:38:3e:f0:9d:fe:75:ba:42:b3:d5:0d:09:7a: 17:07:3a:70:54:39:e1:8b:e6:b2:71:31:7b:81:44: e5:a6:c6:e8:dd:21:be:03:96:c3:8e:90:d1:1f:99: 21:65:99:b3:da:03:cb:dd:03:33:fc:05:50:3a:02: 9d:c1:6c:5f:76:ed:96:55:71:85:1b:d4:c8:cd:39: 7b:ba:f6:90:35:54:99:30:ed:33:72:55:37:21:c2: fc:3a:54:6b:ff:1a:08:f4:a6:23:3c:34:ce:46:af: ef:86:ed:9e:82:e7:b8:2f:98:0c:12:57:50:1b:f8: b6:71:31:83:af:0e:17:6e:fa:41:1d:06:e2:73:29: 71:4b:84:b1:8f:65:f4:5e:aa:c0:8b:bf:a0:46:a1: 55:07:9f:22:2e:15:9a:cc:a0:4f:fc:4d:f8:29:57: f4:d2:d2:0a:ec:25:0f:14:b8:b3:c9:7f:47:7b:16: fc:2c:3d:f0:8b:99:a1:fd:d8:54:d7:4f:d1:32:ec: 93:eb:7e:f6:9f:a1:1f:df:29:ec:84:de:b9:a4:2d: de:d9:45:5d:59:e0:f7:3e:00:db:8c:d7:c2:a0:00: 85:3f:fc:7d:0c:be:dc:16:71:a0:9b:6e:e0:c2:5c: 2c:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:A5:7E:02:AC:7B:D2:02:B8:E0:E3:F2:41:C5:BF:E1:A4:DD:A9:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/671d95a3-c003-4a86-88c6-405cd8ceff9e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:c800::/40 Signature Algorithm: sha256WithRSAEncryption 0e:71:70:06:3b:eb:62:bd:f5:e7:5d:04:68:3f:92:11:9f:51: 2e:d8:7f:17:e7:2c:1d:e0:bb:ba:20:f0:9a:e2:5b:be:b4:d9: d5:71:f7:66:73:dc:4a:3f:6b:b9:26:a7:cb:e2:a6:c6:68:96: 63:59:b7:06:96:71:eb:eb:c7:d0:1b:2b:a4:7f:bc:93:e4:eb: 31:77:65:18:cb:46:bd:fa:8d:d4:40:c7:0b:b8:d2:c1:02:45: 78:df:9c:4f:1b:a6:ae:8b:83:66:68:1a:91:24:20:4c:c1:b2: f3:ea:dd:f3:91:77:84:59:3e:da:ed:0c:50:98:e7:50:d7:d4: ad:fc:3a:57:b4:6a:b7:db:b7:66:df:7d:4a:d5:af:c5:34:e9: 79:c0:36:3a:39:e4:8e:51:b4:f7:0d:68:b4:19:35:42:f7:c6: da:0a:74:a4:5c:3e:ec:17:a9:f0:32:92:53:36:2d:4f:8c:bb: f0:6e:34:15:97:59:9b:88:38:84:e8:59:29:6e:ab:fc:05:43: d3:bb:74:a4:52:9a:59:2d:d4:50:23:cc:5d:86:fd:56:d9:78: 22:d0:ec:f5:fc:cc:e6:b6:9a:b3:53:36:73:70:83:25:e5:80: 70:d5:00:b4:b8:cd:3d:6a:2a:e5:de:11:01:ea:e8:3b:22:a0: aa:fa:da:41 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGfwsR5HQ7ecdCI1pBpR2f3z4h3owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyODE1MDEwMVoX DTI1MDYwMjIzNTk1OVowejFJMEcGA1UEBRNANDUyMTcyYTRjODA0NjAwYjE3NDk1 MDc2YzY0M2ZlNzYzNTViNmNkMDk0NDdmN2EzMzc4ZDkyMTZkMzI3ZDZkOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApugg4Qz64H4qLG6A1P943Dg+8J3+ dbpCs9UNCXoXBzpwVDnhi+aycTF7gUTlpsbo3SG+A5bDjpDRH5khZZmz2gPL3QMz /AVQOgKdwWxfdu2WVXGFG9TIzTl7uvaQNVSZMO0zclU3IcL8OlRr/xoI9KYjPDTO Rq/vhu2egue4L5gMEldQG/i2cTGDrw4XbvpBHQbicylxS4Sxj2X0XqrAi7+gRqFV B58iLhWazKBP/E34KVf00tIK7CUPFLizyX9Hexb8LD3wi5mh/dhU10/RMuyT6372 n6Ef3ynshN65pC3e2UVdWeD3PgDbjNfCoACFP/x9DL7cFnGgm27gwlwsGQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFI+lfgKse9ICuODj8kHFv+Gk3alTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3MWQ5NWEzLWMwMDMtNGE4Ni04OGM2LTQwNWNkOGNlZmY5ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba78gwDQYJKoZIhvcNAQELBQADggEBAA5xcAY762K99eddBGg/ khGfUS7YfxfnLB3gu7og8JriW7602dVx92Zz3Eo/a7kmp8vipsZolmNZtwaWcevr x9AbK6R/vJPk6zF3ZRjLRr36jdRAxwu40sECRXjfnE8bpq6Lg2ZoGpEkIEzBsvPq 3fORd4RZPtrtDFCY51DX1K38Ole0arfbt2bffUrVr8U06XnANjo55I5RtPcNaLQZ NUL3xtoKdKRcPuwXqfAyklM2LU+Mu/BuNBWXWZuIOIToWSluq/wFQ9O7dKRSmlkt 1FAjzF2G/VbZeCLQ7PX8zOa2mrNTNnNwgyXlgHDVALS4zT1qKuXeEQHq6DsioKr6 2kE= -----END CERTIFICATE-----Generated at Mon May 5 09:04:58 2025 by rpki-client