$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/63206b2b-d620-415f-9dee-e3c63ab27be0.roa File: 63206b2b-d620-415f-9dee-e3c63ab27be0.roa (raw, json) Hash identifier: JVIOrKUFCPbJa9lgm4PYTl+Znn3fkUsxp0ZcerjzC8M= Subject key identifier: C2:37:02:4E:D3:7D:14:2C:B9:EF:EE:F5:1A:3D:8B:FB:3E:78:79:8E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 580446B4D78B93B2F151CA7C1A78643B21C286CB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/63206b2b-d620-415f-9dee-e3c63ab27be0.roa Signing time: Wed 16 Apr 2025 00:00:50 +0000 ROA not before: Wed 16 Apr 2025 00:00:50 +0000 ROA not after: Wed 21 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:8000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:04:46:b4:d7:8b:93:b2:f1:51:ca:7c:1a:78:64:3b:21:c2:86:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 16 00:00:50 2025 GMT Not After : May 21 23:59:59 2025 GMT Subject: serialNumber=5e3609d5f495deb5eb950796ff5002deb1b21d8e245a42b1b7e8e7f428a7b131, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:a4:52:be:d0:ab:b9:f2:b4:99:cf:05:9a:d6: 12:25:9f:ca:a8:10:76:2a:73:45:ff:f6:fe:05:a0: 02:96:a0:a2:56:32:ad:01:cb:fa:47:87:7c:95:0b: 78:3c:c7:5b:40:7c:c1:a1:b6:08:a8:ef:9d:2c:a1: 24:12:ef:16:20:0d:a1:b1:a1:e2:dd:da:ce:db:82: 5e:7e:df:43:f6:80:e5:a6:36:3c:a5:46:b7:d2:28: ab:a6:f5:a0:c6:8e:02:34:f4:fb:bd:a9:d1:8d:f5: c6:f3:47:b1:73:71:70:91:18:f6:38:13:5f:f7:0a: bc:da:43:66:83:c8:4c:6d:5d:4c:b3:e6:8e:0e:21: e4:97:eb:ad:2f:0d:c7:45:28:17:da:27:20:d1:d5: b5:50:c9:ce:29:1b:e9:4b:60:b0:cb:b6:c2:45:45: db:50:cd:74:2e:f0:4a:22:75:9b:d2:6c:e8:9b:d7: 7c:da:a9:3d:85:b4:7f:df:d9:04:03:4e:fa:03:fa: 98:8f:7e:12:fc:b5:64:c4:ed:49:ac:2b:cb:c6:d0: 37:72:ea:2d:65:77:33:25:98:1b:d0:c2:b3:76:b6: c4:1b:0f:48:1a:22:35:1a:e1:36:2c:9c:2a:d1:71: 6a:f7:bd:d5:77:74:78:fe:14:4a:53:c9:e1:9f:07: e7:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:37:02:4E:D3:7D:14:2C:B9:EF:EE:F5:1A:3D:8B:FB:3E:78:79:8E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/63206b2b-d620-415f-9dee-e3c63ab27be0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:8000::/48 Signature Algorithm: sha256WithRSAEncryption 2b:52:69:6c:f4:09:43:ff:c9:30:88:a2:d1:cb:0e:cc:0f:33: 43:67:d1:9e:65:9d:e1:8b:1e:8e:18:45:71:be:e9:e5:97:09: 29:99:f0:19:c2:46:c2:28:18:08:6a:b7:d4:73:28:5c:dd:2b: cf:84:16:d5:51:56:2d:b4:29:5f:ed:40:37:68:22:ea:a2:37: ff:4f:e1:c2:d0:a0:f8:1b:79:7b:7c:27:19:98:5d:07:e8:df: 8f:f7:8a:7f:cc:0c:77:61:b3:7a:77:76:91:d7:40:ba:b3:9a: f7:51:2d:2a:28:cc:07:32:ea:dc:d1:35:f6:7c:3d:09:03:de: 8d:29:bf:34:37:a7:d6:be:cb:9c:0c:72:d9:30:59:25:68:00: 38:0f:a2:f2:de:12:5f:6c:e5:1f:f4:61:fc:61:63:bd:6c:57: cb:01:10:70:9e:1f:57:d0:86:b3:51:af:6e:c4:7b:80:18:da: 61:e2:2b:58:a9:95:26:94:72:f7:64:de:24:3b:23:70:56:04: 76:7e:9f:ff:b5:9d:79:cb:93:49:65:64:7e:1c:ab:ca:e6:a8: 61:38:b9:e5:25:c7:76:32:91:ba:b6:6b:6c:1d:19:44:a2:f9: f3:ce:e6:fe:fc:39:2f:b9:3a:39:91:dd:3e:05:e8:49:83:5b: 29:99:eb:aa -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWARGtNeLk7LxUcp8GnhkOyHChsswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxNjAwMDA1MFoX DTI1MDUyMTIzNTk1OVowejFJMEcGA1UEBRNANWUzNjA5ZDVmNDk1ZGViNWViOTUw Nzk2ZmY1MDAyZGViMWIyMWQ4ZTI0NWE0MmIxYjdlOGU3ZjQyOGE3YjEzMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KRSvtCrufK0mc8FmtYSJZ/KqBB2 KnNF//b+BaAClqCiVjKtAcv6R4d8lQt4PMdbQHzBobYIqO+dLKEkEu8WIA2hsaHi 3drO24Jeft9D9oDlpjY8pUa30iirpvWgxo4CNPT7vanRjfXG80exc3FwkRj2OBNf 9wq82kNmg8hMbV1Ms+aODiHkl+utLw3HRSgX2icg0dW1UMnOKRvpS2Cwy7bCRUXb UM10LvBKInWb0mzom9d82qk9hbR/39kEA076A/qYj34S/LVkxO1JrCvLxtA3cuot ZXczJZgb0MKzdrbEGw9IGiI1GuE2LJwq0XFq973Vd3R4/hRKU8nhnwfnmwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMI3Ak7TfRQsue/u9Ro9i/s+eHmOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYzMjA2YjJiLWQ2MjAtNDE1Zi05ZGVlLWUzYzYzYWIyN2JlMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9oAAMA0GCSqGSIb3DQEBCwUAA4IBAQArUmls9AlD/8kwiKLR yw7MDzNDZ9GeZZ3hix6OGEVxvunllwkpmfAZwkbCKBgIarfUcyhc3SvPhBbVUVYt tClf7UA3aCLqojf/T+HC0KD4G3l7fCcZmF0H6N+P94p/zAx3YbN6d3aR10C6s5r3 US0qKMwHMurc0TX2fD0JA96NKb80N6fWvsucDHLZMFklaAA4D6Ly3hJfbOUf9GH8 YWO9bFfLARBwnh9X0IazUa9uxHuAGNph4itYqZUmlHL3ZN4kOyNwVgR2fp//tZ15 y5NJZWR+HKvK5qhhOLnlJcd2MpG6tmtsHRlEovnzzub+/DkvuTo5kd0+BehJg1sp meuq -----END CERTIFICATE-----Generated at Sat Apr 26 07:33:02 2025 by rpki-client