$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ef497a8-abd3-4d49-af13-215841ac320f.roa File: 1ef497a8-abd3-4d49-af13-215841ac320f.roa (raw, json) Hash identifier: jo7m4Mk+NofB7GnH7rTnogXyU9rU9a7dKwX7Q7iFRks= Subject key identifier: 35:9D:F1:43:67:43:9D:BE:A0:55:68:E8:FA:DD:CE:DE:3E:7F:06:A1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 021C6AA70AEE583DEBDDFE3B270C33B1D7F6A4B5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ef497a8-abd3-4d49-af13-215841ac320f.roa Signing time: Fri 25 Apr 2025 00:00:47 +0000 ROA not before: Fri 25 Apr 2025 00:00:47 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:1c:6a:a7:0a:ee:58:3d:eb:dd:fe:3b:27:0c:33:b1:d7:f6:a4:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 25 00:00:47 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=115d04e83180bdde7c8d586ea0d526bdc940fc3dc15ba4b8523460466906bd4a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:66:1c:28:ae:f0:87:5e:13:8e:d5:e8:00:c2: 98:60:3c:bf:b9:81:58:94:d2:71:3e:f6:30:a6:c6: 91:42:ee:05:86:4c:6f:70:cb:25:41:4e:1a:3c:49: a9:80:5b:de:ec:d1:13:b4:37:04:e2:bf:b0:77:8d: e4:7d:ca:fb:03:77:32:7c:6a:53:26:7c:0f:32:d3: a7:b4:a0:69:a7:bd:1c:a8:7f:d1:90:51:62:f8:bc: c3:f4:1f:22:ff:4c:dd:bc:67:07:ae:1c:eb:3a:2f: 37:87:54:0c:e1:34:e0:3b:5c:8b:72:12:54:17:97: 9f:0b:22:dc:ee:eb:b2:09:56:f8:65:fe:19:27:c7: 4e:4f:11:da:da:03:9b:e1:f0:88:fe:7e:50:9d:d2: fd:87:66:25:43:ce:61:e4:58:0d:43:f2:c0:ab:fe: 8b:28:29:23:42:f4:c1:e9:9d:03:6f:39:a2:2a:75: 97:1d:a8:8f:54:8b:c4:97:9b:db:0b:32:2a:18:3f: 05:5f:40:cb:83:46:c6:ef:51:90:79:63:20:11:f5: 21:70:76:2b:3f:b1:c2:ed:85:79:85:b9:de:53:43: ef:c2:55:1f:cf:93:88:16:21:6b:f7:1a:19:78:e6: 82:9c:ba:98:cd:6c:7e:d4:fa:72:25:31:e6:cc:1d: ec:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:9D:F1:43:67:43:9D:BE:A0:55:68:E8:FA:DD:CE:DE:3E:7F:06:A1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ef497a8-abd3-4d49-af13-215841ac320f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:4000::/40 Signature Algorithm: sha256WithRSAEncryption 7a:50:3d:17:3d:a7:c6:5b:8d:51:05:04:f8:a2:03:72:7e:83: 6e:c1:e9:e5:6f:5e:48:bf:37:46:66:b4:7a:57:a4:3a:1a:ce: 95:f0:30:dd:bf:3b:f1:b5:ae:b9:15:d4:ae:53:62:83:9c:82: 69:cf:d7:67:3c:37:b1:dc:64:0d:ee:b9:32:94:4b:9c:d7:2e: 80:73:db:4c:d8:12:64:6a:61:9a:b7:32:10:04:1a:89:51:c2: de:5c:f6:9d:e3:7f:a4:08:77:36:b3:a6:dc:8e:47:89:cb:82: 99:1e:4a:6c:ec:6b:a9:22:82:c7:98:0d:db:ff:a4:5d:42:f0: be:20:de:88:11:4c:e0:45:40:6a:00:9f:85:bc:c8:88:2c:6c: bd:17:fe:b9:48:c3:f3:5e:05:df:fd:9a:75:bb:53:f0:3e:49: bf:cc:19:63:76:04:5c:ba:b3:05:5a:09:29:62:20:6f:6f:64: 80:4a:a5:74:de:1b:4c:69:00:b9:28:f4:ed:c8:cf:d9:a5:0e: 23:38:2b:5a:58:a2:00:00:50:ea:11:5c:fb:96:9b:11:ab:45: f9:7d:23:00:1b:a1:3f:ac:e8:86:f4:15:9f:1f:d6:1f:ad:f1: d6:d0:d6:ec:99:e9:e9:57:9c:71:3b:ee:f3:8f:70:5b:62:61: 20:ce:45:33 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAhxqpwruWD3r3f47Jwwzsdf2pLUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyNTAwMDA0N1oX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAMTE1ZDA0ZTgzMTgwYmRkZTdjOGQ1 ODZlYTBkNTI2YmRjOTQwZmMzZGMxNWJhNGI4NTIzNDYwNDY2OTA2YmQ0YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWYcKK7wh14TjtXoAMKYYDy/uYFY lNJxPvYwpsaRQu4FhkxvcMslQU4aPEmpgFve7NETtDcE4r+wd43kfcr7A3cyfGpT JnwPMtOntKBpp70cqH/RkFFi+LzD9B8i/0zdvGcHrhzrOi83h1QM4TTgO1yLchJU F5efCyLc7uuyCVb4Zf4ZJ8dOTxHa2gOb4fCI/n5QndL9h2YlQ85h5FgNQ/LAq/6L KCkjQvTB6Z0DbzmiKnWXHaiPVIvEl5vbCzIqGD8FX0DLg0bG71GQeWMgEfUhcHYr P7HC7YV5hbneU0PvwlUfz5OIFiFr9xoZeOaCnLqYzWx+1PpyJTHmzB3sEQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDWd8UNnQ52+oFVo6Prdzt4+fwahMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFlZjQ5N2E4LWFiZDMtNGQ0OS1hZjEzLTIxNTg0MWFjMzIwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNkAwDQYJKoZIhvcNAQELBQADggEBAHpQPRc9p8ZbjVEFBPii A3J+g27B6eVvXki/N0ZmtHpXpDoazpXwMN2/O/G1rrkV1K5TYoOcgmnP12c8N7Hc ZA3uuTKUS5zXLoBz20zYEmRqYZq3MhAEGolRwt5c9p3jf6QIdzazptyOR4nLgpke Smzsa6kigseYDdv/pF1C8L4g3ogRTOBFQGoAn4W8yIgsbL0X/rlIw/NeBd/9mnW7 U/A+Sb/MGWN2BFy6swVaCSliIG9vZIBKpXTeG0xpALko9O3Iz9mlDiM4K1pYogAA UOoRXPuWmxGrRfl9IwAboT+s6Ib0FZ8f1h+t8dbQ1uyZ6elXnHE77vOPcFtiYSDO RTM= -----END CERTIFICATE-----Generated at Sat Apr 26 07:31:49 2025 by rpki-client