$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa File: 996cc3b8-0df0-4f17-97f0-d59aa845427c.roa (raw, json) Hash identifier: 5YR+Ins14fDU5QUkiV12H7m9XL+4bJh00UI+33WGNVY= Subject key identifier: 97:19:3D:84:D5:A6:CD:DD:07:7E:14:2C:0D:84:68:3B:B3:CC:DD:DB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 14F3CCDFF285E65D490B02756199A75EBE58F0B9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa Signing time: Wed 30 Apr 2025 00:00:04 +0000 ROA not before: Wed 30 Apr 2025 00:00:04 +0000 ROA not after: Wed 04 Jun 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da00:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 May 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:f3:cc:df:f2:85:e6:5d:49:0b:02:75:61:99:a7:5e:be:58:f0:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 30 00:00:04 2025 GMT Not After : Jun 4 23:59:59 2025 GMT Subject: serialNumber=9883fd3ee963fc0b14e114709e66a27cf7de6e2e6584e9cfc81d1a5ec0dc80ae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:52:a3:9f:b2:b6:99:3f:9d:0b:14:fb:76:e5: 25:4b:75:28:31:14:bd:ef:9e:df:bf:07:9a:d4:76: bf:74:8a:f2:75:f1:c7:13:1e:75:16:5b:39:4e:d7: e1:39:ff:fc:8d:97:11:51:32:f1:81:ec:4b:9c:05: a9:17:42:c2:2d:5a:b6:2a:97:a8:b6:cc:79:8f:7a: b6:0e:4f:e1:19:06:e3:fd:82:85:0e:8f:6f:e1:88: 2a:99:68:2a:5d:e5:1d:41:12:e2:fe:75:48:5d:b5: 9d:63:0b:5a:85:dd:36:5d:97:da:1a:8c:b9:3c:85: f8:96:eb:79:f9:f7:e1:b5:c8:a9:47:3d:95:8a:82: 9d:9a:a4:56:c8:0f:24:a6:37:91:13:f3:c4:41:ae: 65:8f:b5:22:a1:04:39:3d:27:56:a2:20:b1:f2:6f: f8:e9:c2:cb:3a:e6:dd:4d:cd:c6:f7:7a:ea:29:47: ae:6f:c1:f3:2a:9a:a8:a0:53:27:d9:00:ff:b2:b9: eb:55:c6:71:97:e6:79:8d:1c:e6:2d:f2:37:d3:eb: 6f:6e:f0:7e:d5:43:e4:a7:6e:c8:59:4f:2d:f8:e8: 63:8a:b6:41:1d:5d:50:db:72:bd:4a:ca:e0:fa:cf: d2:c8:ad:76:b2:47:ec:b5:3a:64:97:42:92:0a:4d: d9:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:19:3D:84:D5:A6:CD:DD:07:7E:14:2C:0D:84:68:3B:B3:CC:DD:DB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:ff00::/48 Signature Algorithm: sha256WithRSAEncryption af:a6:c4:37:53:9d:05:fa:d5:4b:6f:2d:f7:0a:cd:c5:58:ec: a0:98:7f:b8:c0:f5:8b:14:d1:6a:38:10:b0:7f:62:92:63:3f: de:45:8f:b3:32:70:4d:c0:1a:36:75:05:fd:f9:75:9f:29:14: 6d:a8:18:63:e1:11:92:97:77:78:32:0d:44:0c:45:70:d9:6f: 03:5e:a2:70:97:c9:87:fe:ed:22:c6:87:85:1e:20:bc:e3:b3: be:87:27:31:ea:bf:f7:af:c7:3b:cd:9d:b4:96:ae:d7:5e:83: 56:9b:95:d0:17:1f:73:46:d1:a3:e6:53:a9:b2:79:04:a2:03: e4:00:2c:5a:05:29:c8:d6:5e:78:9a:00:d2:d2:23:51:9b:2f: 63:4a:ea:74:da:25:f0:a0:d0:ed:26:70:bc:3f:2d:53:4b:c3: 93:a4:8a:a2:51:a8:3e:5e:fb:d1:7b:6e:8e:7e:9e:ac:cf:fe: 3d:29:08:f7:9e:90:dc:4a:95:4f:f9:ee:5c:ae:2b:60:df:4f: 6a:31:6f:5c:66:57:98:96:7e:99:f4:35:cf:bf:bd:b9:f2:1b: 40:3d:01:88:ce:f2:ed:c5:ac:b3:5e:bb:18:45:f2:11:ca:9e: 30:2b:68:a2:98:26:2f:17:9c:7e:5a:34:28:4f:e6:33:f1:cb: ff:74:9e:21 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFPPM3/KF5l1JCwJ1YZmnXr5Y8LkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQzMDAwMDAwNFoX DTI1MDYwNDIzNTk1OVowejFJMEcGA1UEBRNAOTg4M2ZkM2VlOTYzZmMwYjE0ZTEx NDcwOWU2NmEyN2NmN2RlNmUyZTY1ODRlOWNmYzgxZDFhNWVjMGRjODBhZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslKjn7K2mT+dCxT7duUlS3UoMRS9 757fvwea1Ha/dIrydfHHEx51Fls5TtfhOf/8jZcRUTLxgexLnAWpF0LCLVq2Kpeo tsx5j3q2Dk/hGQbj/YKFDo9v4YgqmWgqXeUdQRLi/nVIXbWdYwtahd02XZfaGoy5 PIX4lut5+ffhtcipRz2VioKdmqRWyA8kpjeRE/PEQa5lj7UioQQ5PSdWoiCx8m/4 6cLLOubdTc3G93rqKUeub8HzKpqooFMn2QD/srnrVcZxl+Z5jRzmLfI30+tvbvB+ 1UPkp27IWU8t+OhjirZBHV1Q23K9Ssrg+s/SyK12skfstTpkl0KSCk3ZGwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJcZPYTVps3dB34ULA2EaDuzzN3bMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk5NmNjM2I4LTBkZjAtNGYxNy05N2YwLWQ1OWFhODQ1NDI3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQCvpsQ3U50F+tVLby33 Cs3FWOygmH+4wPWLFNFqOBCwf2KSYz/eRY+zMnBNwBo2dQX9+XWfKRRtqBhj4RGS l3d4Mg1EDEVw2W8DXqJwl8mH/u0ixoeFHiC847O+hycx6r/3r8c7zZ20lq7XXoNW m5XQFx9zRtGj5lOpsnkEogPkACxaBSnI1l54mgDS0iNRmy9jSup02iXwoNDtJnC8 Py1TS8OTpIqiUag+XvvRe26Ofp6sz/49KQj3npDcSpVP+e5critg309qMW9cZleY ln6Z9DXPv7258htAPQGIzvLtxayzXrsYRfIRyp4wK2iimCYvF5x+WjQoT+Yz8cv/ dJ4h -----END CERTIFICATE-----Generated at Mon May 5 14:20:07 2025 by rpki-client