$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e07c6407-4a6d-4c72-8e3f-4f2d148c1b6d.roa File: e07c6407-4a6d-4c72-8e3f-4f2d148c1b6d.roa (raw, json) Hash identifier: YPELKw835/Vx1TrWIT/IpstK7kUsAllK1mpQy9+1Dfc= Subject key identifier: 62:72:FE:16:9D:8F:E1:5D:2E:E5:7F:22:C2:06:27:7A:70:D0:27:5F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 11C01184DAA39202B04BB82C940FAFC15E5AC63A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e07c6407-4a6d-4c72-8e3f-4f2d148c1b6d.roa Signing time: Tue 06 May 2025 00:00:52 +0000 ROA not before: Tue 06 May 2025 00:00:52 +0000 ROA not after: Tue 10 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 10 May 2025 00:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:c0:11:84:da:a3:92:02:b0:4b:b8:2c:94:0f:af:c1:5e:5a:c6:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 6 00:00:52 2025 GMT Not After : Jun 10 23:59:59 2025 GMT Subject: serialNumber=2918a92f657361431e7ee1446ef3dc8ad2bb0ea35d1245fbe8ad7e9f19b5a30e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:83:4c:b8:9c:d0:fc:86:84:58:16:b0:13:56:93: d9:07:0a:71:13:bb:73:0e:3b:67:c0:62:1b:be:cc: fa:8b:04:03:77:8f:01:98:b3:ee:c5:35:71:13:65: 25:31:f0:64:58:c9:1e:26:c3:4f:23:13:94:d9:6c: ee:ef:63:50:d0:1b:bb:b5:63:4d:03:ee:02:18:a0: b1:bb:e3:bb:bc:7d:af:76:e9:ed:56:ea:e9:5b:2d: 76:60:94:ab:65:9a:e2:da:24:ec:b5:80:c7:9e:da: 09:7b:12:5c:bd:7c:bc:48:95:12:cf:bf:bd:35:fe: c0:40:68:a0:98:8f:cd:51:47:37:20:34:3f:6e:e2: cd:d2:8a:16:c4:8a:6c:a8:90:03:d1:71:8f:83:38: 03:83:8f:4f:36:33:ef:81:6b:44:04:7b:94:82:56: bd:b1:56:4b:9c:62:8a:17:e5:08:b2:09:bf:99:0b: 03:68:80:e2:56:ad:6d:ca:4f:58:2b:bd:bc:62:d3: da:62:89:db:c1:07:63:e9:93:0f:0a:0a:96:c3:bf: 94:99:c1:0a:bd:21:2e:22:9c:7b:8d:f8:62:11:d4: be:1b:96:5a:15:88:32:3f:b3:16:44:e3:39:34:05: fd:8c:7c:28:ea:f6:51:3a:71:68:34:5d:ec:1c:15: b6:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:72:FE:16:9D:8F:E1:5D:2E:E5:7F:22:C2:06:27:7A:70:D0:27:5F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e07c6407-4a6d-4c72-8e3f-4f2d148c1b6d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:1000::/40 Signature Algorithm: sha256WithRSAEncryption 06:15:3d:f1:81:b2:08:68:68:c5:5f:ab:26:2b:84:4a:a8:2a: 6d:ab:84:01:82:6a:e9:32:39:fc:7e:16:72:f5:32:3d:c0:ad: fb:15:34:f5:b0:54:d0:13:71:9a:d7:48:c7:6d:dc:e5:74:20: c6:49:2a:d6:2e:ad:dd:a4:28:c8:e2:42:1a:89:87:8f:25:d2: 65:3c:01:11:a6:74:9e:2d:6f:c8:85:ca:42:72:3c:41:f6:da: 0d:72:08:35:97:1a:74:e7:57:ed:81:5a:da:af:aa:74:8a:ce: 5f:a6:7e:5c:92:d1:4f:a0:74:91:bb:d3:e8:c0:20:44:0a:ff: e5:ce:4b:cc:c7:47:d6:ab:a1:43:4a:55:78:e5:ea:15:7d:ce: b2:c9:6d:a2:c0:c7:6b:33:bc:cf:2d:f2:8a:1f:32:72:ba:b3: 4c:d7:6c:9f:35:17:c0:e5:dd:4e:30:bf:18:b8:d9:df:e1:22: 19:99:b8:02:3b:01:5b:5a:f9:8d:ad:db:99:c2:a4:0e:bc:20: de:3c:25:7d:19:b7:1d:b7:3a:93:18:35:32:1c:2a:c4:7e:69: 97:ff:40:47:56:ee:89:53:94:bb:22:21:26:fa:89:d5:4c:70: 4e:43:9e:4a:b3:12:03:4d:2e:51:4a:d3:7e:f2:64:a3:03:56: 77:89:cb:ed -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEcARhNqjkgKwS7gslA+vwV5axjowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUwNjAwMDA1MloX DTI1MDYxMDIzNTk1OVowejFJMEcGA1UEBRNAMjkxOGE5MmY2NTczNjE0MzFlN2Vl MTQ0NmVmM2RjOGFkMmJiMGVhMzVkMTI0NWZiZThhZDdlOWYxOWI1YTMwZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0y4nND8hoRYFrATVpPZBwpxE7tz DjtnwGIbvsz6iwQDd48BmLPuxTVxE2UlMfBkWMkeJsNPIxOU2Wzu72NQ0Bu7tWNN A+4CGKCxu+O7vH2vduntVurpWy12YJSrZZri2iTstYDHntoJexJcvXy8SJUSz7+9 Nf7AQGigmI/NUUc3IDQ/buLN0ooWxIpsqJAD0XGPgzgDg49PNjPvgWtEBHuUgla9 sVZLnGKKF+UIsgm/mQsDaIDiVq1tyk9YK728YtPaYonbwQdj6ZMPCgqWw7+UmcEK vSEuIpx7jfhiEdS+G5ZaFYgyP7MWROM5NAX9jHwo6vZROnFoNF3sHBW2FQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGJy/hadj+FdLuV/IsIGJ3pw0CdfMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UwN2M2NDA3LTRhNmQtNGM3Mi04ZTNmLTRmMmQxNDhjMWI2ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauBAwDQYJKoZIhvcNAQELBQADggEBAAYVPfGBsghoaMVfqyYr hEqoKm2rhAGCaukyOfx+FnL1Mj3ArfsVNPWwVNATcZrXSMdt3OV0IMZJKtYurd2k KMjiQhqJh48l0mU8ARGmdJ4tb8iFykJyPEH22g1yCDWXGnTnV+2BWtqvqnSKzl+m flyS0U+gdJG70+jAIEQK/+XOS8zHR9aroUNKVXjl6hV9zrLJbaLAx2szvM8t8oof MnK6s0zXbJ81F8Dl3U4wvxi42d/hIhmZuAI7AVta+Y2t25nCpA68IN48JX0Ztx23 OpMYNTIcKsR+aZf/QEdW7olTlLsiISb6idVMcE5DnkqzEgNNLlFK037yZKMDVneJ y+0= -----END CERTIFICATE-----Generated at Tue May 6 22:24:39 2025 by rpki-client