$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d50e303a-6697-4780-b749-2eb970425fe8.roa File: d50e303a-6697-4780-b749-2eb970425fe8.roa (raw, json) Hash identifier: p3otnfxZKOB6tFDLWqq0qqAXhcKklEFWoydZuFHdYe0= Subject key identifier: E5:01:8D:6A:C4:C1:42:D5:1E:D9:2A:F5:AE:33:D9:D8:B3:61:50:C5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7DAB7783DA833B60DFCAC7924079A8102940C4AD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d50e303a-6697-4780-b749-2eb970425fe8.roa Signing time: Sat 10 May 2025 00:01:41 +0000 ROA not before: Sat 10 May 2025 00:01:41 +0000 ROA not after: Sat 14 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 00:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:ab:77:83:da:83:3b:60:df:ca:c7:92:40:79:a8:10:29:40:c4:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 10 00:01:41 2025 GMT Not After : Jun 14 23:59:59 2025 GMT Subject: serialNumber=2b51b64de7d1697f034a809a10d48afcfd949484a2e7066b21ed7853a60a3fe9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:d6:b2:c0:5a:7e:1e:9f:f1:4d:59:e4:0f:91: 79:82:96:02:9b:03:1d:e9:a1:44:32:65:0e:77:c8: fb:12:c7:4a:5c:eb:c4:d0:dd:23:1d:1f:1d:64:12: dc:ff:f2:92:d1:5d:91:e1:0e:c6:18:70:33:64:38: 4c:41:5d:ec:e1:26:8b:69:4c:59:e0:2e:df:5a:34: 9a:02:cc:35:de:f9:6e:8f:82:0d:20:96:1a:0d:ff: aa:1e:fd:ed:52:4e:ed:c8:c9:07:91:d6:0c:ec:fe: ff:23:d9:d8:37:64:a5:4a:06:90:3b:a1:6d:0b:4b: 1a:a8:5c:e4:4c:a4:34:08:4e:a9:83:f3:e5:dd:09: 66:79:11:21:c8:36:9d:7f:2a:d9:a3:04:72:6e:d3: 87:2b:ac:25:82:d6:f6:7b:0a:d5:2a:76:85:9b:2e: 80:f2:f7:c4:51:ec:eb:6d:d9:c5:e2:3f:0a:2e:cf: 42:e8:5e:d1:d4:0b:85:08:91:19:e0:62:3a:65:1b: 62:31:93:7b:66:31:81:72:0c:eb:2b:2a:50:60:11: 5d:10:b5:8e:26:5d:61:43:cd:13:24:28:00:46:19: e5:c4:52:59:fa:06:17:cd:08:5f:1f:86:14:fa:ce: b5:a8:02:f6:26:bf:7c:23:5b:76:2d:76:91:39:14: ed:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:01:8D:6A:C4:C1:42:D5:1E:D9:2A:F5:AE:33:D9:D8:B3:61:50:C5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d50e303a-6697-4780-b749-2eb970425fe8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:7000::/40 Signature Algorithm: sha256WithRSAEncryption 86:f3:04:2a:34:b8:d0:70:7a:bf:0b:ee:b2:3f:21:15:65:6c: 78:ae:46:62:e7:5b:05:c9:3b:51:11:72:78:42:41:6e:ec:76: b4:1e:51:da:ca:0e:4b:99:67:be:57:d1:a6:d6:08:2a:4c:3a: 35:de:4b:13:02:63:86:d0:9e:93:b5:42:dc:d0:bf:28:7b:b9: af:7d:b0:d6:01:e7:d1:8c:6a:5c:4c:bb:cf:a5:23:17:fa:de: 71:c4:f5:8a:c0:4d:fd:51:0c:a0:b6:10:82:32:75:02:7a:4a: 4d:66:1e:34:08:ef:48:a7:46:dd:fc:c4:3b:79:cc:2d:c7:0c: 7e:9f:1f:68:6b:ef:ee:69:15:1e:01:4e:bf:c5:a7:52:18:5e: d1:90:6c:a7:d5:ee:dd:12:f3:78:97:7a:44:27:5a:ed:39:9e: f5:cf:f8:d1:25:46:52:8a:1a:1d:e9:2d:1d:97:f8:30:18:e1: 60:b7:bb:ec:27:1f:d9:d9:31:3a:df:2f:4a:ea:e9:23:37:72: de:fe:5b:e3:d1:c5:d4:fb:8d:e9:93:c2:f4:67:72:99:49:7a: 50:19:d1:4a:b9:6c:6c:2f:c9:c0:d7:36:42:8c:21:0d:9d:d2: 47:d7:a1:ca:20:db:d4:5e:5d:4f:27:ac:1a:73:7c:36:34:72: 61:89:f1:57 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfat3g9qDO2DfyseSQHmoEClAxK0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMDAwMDE0MVoX DTI1MDYxNDIzNTk1OVowejFJMEcGA1UEBRNAMmI1MWI2NGRlN2QxNjk3ZjAzNGE4 MDlhMTBkNDhhZmNmZDk0OTQ4NGEyZTcwNjZiMjFlZDc4NTNhNjBhM2ZlOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9aywFp+Hp/xTVnkD5F5gpYCmwMd 6aFEMmUOd8j7EsdKXOvE0N0jHR8dZBLc//KS0V2R4Q7GGHAzZDhMQV3s4SaLaUxZ 4C7fWjSaAsw13vluj4INIJYaDf+qHv3tUk7tyMkHkdYM7P7/I9nYN2SlSgaQO6Ft C0saqFzkTKQ0CE6pg/Pl3QlmeREhyDadfyrZowRybtOHK6wlgtb2ewrVKnaFmy6A 8vfEUezrbdnF4j8KLs9C6F7R1AuFCJEZ4GI6ZRtiMZN7ZjGBcgzrKypQYBFdELWO Jl1hQ80TJCgARhnlxFJZ+gYXzQhfH4YU+s61qAL2Jr98I1t2LXaRORTtZQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOUBjWrEwULVHtkq9a4z2dizYVDFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q1MGUzMDNhLTY2OTctNDc4MC1iNzQ5LTJlYjk3MDQyNWZlOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9nAwDQYJKoZIhvcNAQELBQADggEBAIbzBCo0uNBwer8L7rI/ IRVlbHiuRmLnWwXJO1ERcnhCQW7sdrQeUdrKDkuZZ75X0abWCCpMOjXeSxMCY4bQ npO1QtzQvyh7ua99sNYB59GMalxMu8+lIxf63nHE9YrATf1RDKC2EIIydQJ6Sk1m HjQI70inRt38xDt5zC3HDH6fH2hr7+5pFR4BTr/Fp1IYXtGQbKfV7t0S83iXekQn Wu05nvXP+NElRlKKGh3pLR2X+DAY4WC3u+wnH9nZMTrfL0rq6SM3ct7+W+PRxdT7 jemTwvRncplJelAZ0Uq5bGwvycDXNkKMIQ2d0kfXocog29ReXU8nrBpzfDY0cmGJ 8Vc= -----END CERTIFICATE-----Generated at Mon May 12 06:57:08 2025 by rpki-client