$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8167b956-49b6-4bfc-b015-6dcca357c141.roa File: 8167b956-49b6-4bfc-b015-6dcca357c141.roa (raw, json) Hash identifier: rTy7kj9UTI7GhEZqI7Keg3yfs3c7HoU0w857xfN6gto= Subject key identifier: CE:07:0D:28:AA:D4:64:37:E2:DB:A6:E1:9B:64:DC:12:A5:33:E7:1D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 767E25E16D23E4914691BE8610B6CF1338BF2211 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8167b956-49b6-4bfc-b015-6dcca357c141.roa Signing time: Mon 28 Apr 2025 15:00:11 +0000 ROA not before: Mon 28 Apr 2025 15:00:11 +0000 ROA not after: Mon 02 Jun 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 00:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:7e:25:e1:6d:23:e4:91:46:91:be:86:10:b6:cf:13:38:bf:22:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 28 15:00:11 2025 GMT Not After : Jun 2 23:59:59 2025 GMT Subject: serialNumber=bfe13caacea669b762fcd0c2bf3b7e26936a39a3cf20ed1d948112f3e3d9ad50, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:16:3e:6a:c7:71:a4:e4:97:f6:2d:62:3b:23: 23:40:2c:8f:b2:2f:cd:31:bd:38:65:0e:0b:eb:52: f6:1a:01:0c:02:6e:4c:7a:6b:b8:7f:7e:aa:8c:2d: b8:44:16:b1:b0:e5:68:a0:fe:8a:2f:1a:06:d8:d4: c4:e8:36:0a:80:23:db:15:32:30:10:3a:e9:2a:04: 68:1f:07:25:80:3f:62:42:7e:a9:e1:62:2c:c7:1f: 0e:7f:e9:c5:b3:79:16:84:85:19:df:27:5d:70:20: 0e:a5:25:e5:39:64:2b:25:67:cb:65:8d:0c:dc:d2: 6b:96:0f:ef:10:0b:b4:20:13:f8:e4:f4:a6:2a:10: 50:1f:b1:ca:5b:b9:e5:28:68:66:3c:df:45:72:78: f0:30:52:77:a7:16:e2:0a:ae:ea:4f:75:22:21:b8: bc:e9:17:4a:4e:31:cc:3a:8f:0d:05:2f:36:15:4e: 58:57:4d:b8:82:61:01:96:4c:af:cc:e5:1d:9b:d9: ad:4a:e1:85:69:ae:a7:a8:d7:f7:e7:39:6d:af:51: 53:ea:0a:c0:a1:bc:54:76:23:3b:27:cd:8e:ad:f0: 65:b3:b7:1a:3b:eb:0f:de:2f:9b:fd:de:be:4f:e1: 3b:b5:d4:3a:ad:8f:5a:26:f5:51:73:e2:84:94:f0: 5d:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:07:0D:28:AA:D4:64:37:E2:DB:A6:E1:9B:64:DC:12:A5:33:E7:1D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8167b956-49b6-4bfc-b015-6dcca357c141.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:7000::/40 Signature Algorithm: sha256WithRSAEncryption 5b:a6:18:8e:d8:2f:b4:b2:8f:bb:f8:d3:36:02:69:1b:6b:f7: 55:99:f6:58:1e:ca:7e:f8:80:97:ab:27:94:1f:b0:0d:ac:68: 2f:21:3f:c1:dc:28:6b:14:4d:e6:cb:6c:20:e2:1b:fe:cb:b4: 71:b4:d2:fd:1b:0a:e3:89:48:c9:d3:3d:a7:b6:39:88:15:b2: 3b:d7:27:dd:d7:71:f9:d4:06:5b:2d:75:90:ea:58:02:87:25: 4e:f3:3d:8c:79:82:f3:2e:6a:9b:b0:f8:7f:82:b5:2a:c9:2d: 56:47:fe:a5:3f:b9:d4:b0:3b:9f:99:49:7a:da:03:3d:53:51: 5d:fe:a6:fd:e0:de:1a:71:27:a5:5f:76:0a:ce:f4:47:3b:75: d8:1b:99:3b:22:b0:76:8f:f9:14:d5:6e:3a:61:e6:03:08:57: 25:d6:91:81:22:f2:32:4c:e5:15:39:5a:ea:ff:df:ad:32:3b: 74:a7:15:ca:49:30:4e:5c:4f:63:df:60:7e:00:61:e7:97:94: b6:68:d5:e7:93:f4:df:c8:63:4a:fc:37:99:1a:42:9f:ea:09: 8a:89:da:bc:9b:8b:eb:a7:25:e6:33:39:96:b4:ce:97:da:8f: e4:29:a3:4e:bb:b2:00:9c:b0:dc:19:51:e1:84:0f:79:84:9e: 9f:ec:77:84 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdn4l4W0j5JFGkb6GELbPEzi/IhEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyODE1MDAxMVoX DTI1MDYwMjIzNTk1OVowejFJMEcGA1UEBRNAYmZlMTNjYWFjZWE2NjliNzYyZmNk MGMyYmYzYjdlMjY5MzZhMzlhM2NmMjBlZDFkOTQ4MTEyZjNlM2Q5YWQ1MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhY+asdxpOSX9i1iOyMjQCyPsi/N Mb04ZQ4L61L2GgEMAm5Memu4f36qjC24RBaxsOVooP6KLxoG2NTE6DYKgCPbFTIw EDrpKgRoHwclgD9iQn6p4WIsxx8Of+nFs3kWhIUZ3yddcCAOpSXlOWQrJWfLZY0M 3NJrlg/vEAu0IBP45PSmKhBQH7HKW7nlKGhmPN9FcnjwMFJ3pxbiCq7qT3UiIbi8 6RdKTjHMOo8NBS82FU5YV024gmEBlkyvzOUdm9mtSuGFaa6nqNf35zltr1FT6grA obxUdiM7J82OrfBls7caO+sP3i+b/d6+T+E7tdQ6rY9aJvVRc+KElPBdIwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM4HDSiq1GQ34tum4Ztk3BKlM+cdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgxNjdiOTU2LTQ5YjYtNGJmYy1iMDE1LTZkY2NhMzU3YzE0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba73AwDQYJKoZIhvcNAQELBQADggEBAFumGI7YL7Syj7v40zYC aRtr91WZ9lgeyn74gJerJ5QfsA2saC8hP8HcKGsUTebLbCDiG/7LtHG00v0bCuOJ SMnTPae2OYgVsjvXJ93XcfnUBlstdZDqWAKHJU7zPYx5gvMuapuw+H+CtSrJLVZH /qU/udSwO5+ZSXraAz1TUV3+pv3g3hpxJ6VfdgrO9Ec7ddgbmTsisHaP+RTVbjph 5gMIVyXWkYEi8jJM5RU5Wur/360yO3SnFcpJME5cT2PfYH4AYeeXlLZo1eeT9N/I Y0r8N5kaQp/qCYqJ2rybi+unJeYzOZa0zpfaj+Qpo067sgCcsNwZUeGED3mEnp/s d4Q= -----END CERTIFICATE-----Generated at Fri May 9 02:42:11 2025 by rpki-client