$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/005a9212-fea0-4bc0-be12-084b81124b8f.roa File: 005a9212-fea0-4bc0-be12-084b81124b8f.roa (raw, json) Hash identifier: 04YzZbffjSX5s6Nqawffv242M8tBdNeKDrnT0EaPDzQ= Subject key identifier: C7:75:C2:51:D9:65:58:B0:DA:97:D3:00:87:D6:F4:7F:22:3D:C8:44 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 09EACAFC509CB4EBABC6FE8942EF5CB0F10CE4A4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/005a9212-fea0-4bc0-be12-084b81124b8f.roa Signing time: Fri 18 Apr 2025 00:01:31 +0000 ROA not before: Fri 18 Apr 2025 00:01:31 +0000 ROA not after: Fri 23 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:7040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:ea:ca:fc:50:9c:b4:eb:ab:c6:fe:89:42:ef:5c:b0:f1:0c:e4:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 18 00:01:31 2025 GMT Not After : May 23 23:59:59 2025 GMT Subject: serialNumber=9d797e9a3222b5cac9a9a3c6bda9d4f0cb6fdf8dfbee24f75c8beafc17a5045f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d1:ed:6b:a3:6a:79:c4:c5:29:43:97:8c:04: a2:81:81:b9:20:8d:d4:28:a3:4f:8a:e2:9d:02:4e: 07:a3:eb:cd:d7:52:e8:7d:51:5f:3a:17:0c:4a:40: 5e:12:88:76:58:0b:e1:3b:07:17:cb:7f:67:a4:5a: 1c:61:6b:68:c0:7f:44:40:f9:57:ee:91:7c:7a:15: 76:ec:99:02:aa:7f:96:e4:36:70:0f:ef:0d:2c:4d: 5d:b4:9d:d1:9a:73:63:7b:2c:c2:b2:17:1d:45:5a: 7e:fc:d8:0a:78:15:e6:87:7e:55:1a:68:c8:89:2a: 08:68:d4:9e:d2:ae:de:88:e2:a6:49:bb:cf:51:3f: f3:4f:fe:6a:0a:f8:27:03:24:b8:6d:9c:64:20:35: be:29:71:54:ea:a0:3f:71:a5:da:f5:ff:19:db:18: 39:a5:85:6c:34:63:8e:f3:5e:58:18:08:2f:9e:2c: ca:3e:ca:c1:05:6e:0c:c0:ae:3a:30:3a:e7:72:a2: 22:7a:3f:29:4c:5c:31:8a:f3:63:e9:e4:b9:f5:b6: be:51:23:66:f5:cf:0c:b4:43:33:f8:40:74:0e:59: 51:62:32:ee:9a:18:27:04:7b:34:32:69:33:65:c5: 24:14:91:35:30:cb:c8:32:62:5b:7d:d2:3e:fd:52: b7:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:75:C2:51:D9:65:58:B0:DA:97:D3:00:87:D6:F4:7F:22:3D:C8:44 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/005a9212-fea0-4bc0-be12-084b81124b8f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:7040::/48 Signature Algorithm: sha256WithRSAEncryption 0f:30:59:0e:70:75:1d:e7:23:5c:b2:f0:ad:b7:db:78:70:dc: 43:ad:52:98:e8:07:f3:e6:08:9a:d7:be:1e:a9:13:fb:fb:76: b2:a5:09:c1:ef:bf:89:5f:21:8d:ea:1d:00:01:39:a6:45:c5: 73:ca:c4:7f:88:17:05:77:65:8d:32:69:30:d6:83:8f:89:98: 44:bd:ca:07:eb:2f:76:fb:38:f3:e8:86:2c:c0:61:f8:85:cf: d8:52:6f:64:bc:85:88:68:d7:f6:0a:9c:33:53:a6:0c:35:1b: 58:e7:e2:56:70:89:51:08:2e:0b:ce:f0:e8:34:44:09:6f:9e: 9e:3a:10:47:28:f7:5c:20:f3:3b:6b:5b:1d:d7:d3:a2:db:5e: 47:31:5a:2e:82:c5:76:75:31:b7:3d:22:f7:aa:70:5a:e0:0a: ad:4f:60:7e:25:f2:88:42:d7:42:a3:42:df:a3:81:f6:8f:d1: 83:a4:9a:a8:89:8a:97:de:53:40:67:a2:a7:be:e3:1d:ff:c2: c3:38:d2:1d:5b:8b:cc:d3:73:00:00:0d:bd:eb:60:0a:e9:50: 51:4b:11:39:23:8c:5d:5b:8a:d7:04:3b:9d:35:a8:af:55:6e: 56:3c:d4:bd:45:7a:0e:1e:ad:75:d9:fa:97:88:07:81:40:db: a8:55:76:5a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUCerK/FCctOurxv6JQu9csPEM5KQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxODAwMDEzMVoX DTI1MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAOWQ3OTdlOWEzMjIyYjVjYWM5YTlh M2M2YmRhOWQ0ZjBjYjZmZGY4ZGZiZWUyNGY3NWM4YmVhZmMxN2E1MDQ1ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdHta6NqecTFKUOXjASigYG5II3U KKNPiuKdAk4Ho+vN11LofVFfOhcMSkBeEoh2WAvhOwcXy39npFocYWtowH9EQPlX 7pF8ehV27JkCqn+W5DZwD+8NLE1dtJ3RmnNjeyzCshcdRVp+/NgKeBXmh35VGmjI iSoIaNSe0q7eiOKmSbvPUT/zT/5qCvgnAyS4bZxkIDW+KXFU6qA/caXa9f8Z2xg5 pYVsNGOO815YGAgvnizKPsrBBW4MwK46MDrncqIiej8pTFwxivNj6eS59ba+USNm 9c8MtEMz+EB0DllRYjLumhgnBHs0MmkzZcUkFJE1MMvIMmJbfdI+/VK3rQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMd1wlHZZViw2pfTAIfW9H8iPchEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAwNWE5MjEyLWZlYTAtNGJjMC1iZTEyLTA4NGI4MTEyNGI4Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAHBAMA0GCSqGSIb3DQEBCwUAA4IBAQAPMFkOcHUd5yNcsvCt t9t4cNxDrVKY6Afz5gia174eqRP7+3aypQnB77+JXyGN6h0AATmmRcVzysR/iBcF d2WNMmkw1oOPiZhEvcoH6y92+zjz6IYswGH4hc/YUm9kvIWIaNf2CpwzU6YMNRtY 5+JWcIlRCC4LzvDoNEQJb56eOhBHKPdcIPM7a1sd19Oi215HMVougsV2dTG3PSL3 qnBa4AqtT2B+JfKIQtdCo0Lfo4H2j9GDpJqoiYqX3lNAZ6KnvuMd/8LDONIdW4vM 03MAAA2962AK6VBRSxE5I4xdW4rXBDudNaivVW5WPNS9RXoOHq112fqXiAeBQNuo VXZa -----END CERTIFICATE-----Generated at Sat Apr 26 07:35:17 2025 by rpki-client