$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/909bb5d0-1a4f-4343-bc4a-c23a6a885c1e.roa File: 909bb5d0-1a4f-4343-bc4a-c23a6a885c1e.roa (raw, json) Hash identifier: dl9hrBjR5FOxY6XImaq1LBsoQ0rK8kwAagrPJ9JuLss= Subject key identifier: F0:89:C6:D4:2C:8E:E5:68:AD:EF:E4:E1:39:DE:61:41:70:7E:8B:74 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 64E370B14AC1247862432494EC00130CC85975F0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/909bb5d0-1a4f-4343-bc4a-c23a6a885c1e.roa Signing time: Sat 19 Apr 2025 00:41:02 +0000 ROA not before: Sat 19 Apr 2025 00:41:02 +0000 ROA not after: Sat 24 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:90c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:e3:70:b1:4a:c1:24:78:62:43:24:94:ec:00:13:0c:c8:59:75:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 19 00:41:02 2025 GMT Not After : May 24 23:59:59 2025 GMT Subject: serialNumber=73c994b481d51c9093170aa377219c920ad2a9671131d5800dece8a34ca602f9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:32:39:ae:0c:c3:16:a7:d7:7b:52:9d:c8:12: 9c:67:62:fc:cc:c0:13:69:9e:ea:9e:e0:58:ee:55: f4:c0:ea:2c:36:9e:94:ca:6c:9c:ef:c7:10:0d:de: 57:8d:30:a5:a0:cc:35:dd:4b:6c:38:a8:36:ec:a7: ba:09:74:a3:16:ff:9d:a5:0e:3d:10:dd:3c:76:8d: 88:eb:01:2b:21:50:90:ae:3f:ae:43:32:aa:7f:b0: d7:fa:00:f3:42:2d:22:13:87:61:ed:a1:13:46:50: 1a:59:91:ff:8a:de:a7:4f:28:2b:da:39:d4:1c:cd: a4:e2:ce:99:38:f4:4a:b1:b7:cc:d6:07:30:95:f1: dd:3d:aa:1c:cc:9e:7d:b8:ed:4b:ea:a5:cd:15:38: 1d:af:f2:05:77:5a:2f:af:4b:65:14:79:78:3e:81: ee:05:1c:fb:98:b8:fa:0c:e4:fc:45:b9:2c:1e:85: cb:6b:1e:7a:7a:0c:09:f3:ea:3b:9e:23:e8:80:2a: 16:f4:7c:ab:ff:b1:8e:a9:77:ce:e7:90:6b:f3:94: 0f:af:0e:1d:f9:3f:0e:5d:24:1d:5e:dd:2c:53:91: 51:eb:ba:c2:a2:48:f9:c9:e8:c8:7b:46:09:59:11: 52:2a:43:77:45:fa:6b:8c:83:c1:29:91:92:a2:24: b4:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:89:C6:D4:2C:8E:E5:68:AD:EF:E4:E1:39:DE:61:41:70:7E:8B:74 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/909bb5d0-1a4f-4343-bc4a-c23a6a885c1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:90c0::/48 Signature Algorithm: sha256WithRSAEncryption 36:1c:98:74:5a:7a:9d:75:6e:f2:de:bd:f6:16:69:5d:f5:f0: 8c:79:85:90:8d:81:40:a1:53:f6:65:49:c6:f2:e4:61:e1:e6: 2e:62:ba:f9:16:b2:54:7d:49:98:4d:c8:5e:c3:30:f8:66:df: f1:5f:5c:5f:71:1b:34:d9:3b:9f:d9:4e:b7:60:a2:6d:26:cc: 10:f3:21:e1:dc:e3:1f:e8:5b:15:bc:12:13:d6:82:89:f7:59: 8c:c5:b3:65:42:52:cc:fe:c2:ec:6f:97:00:e5:34:00:c8:9f: 97:69:5d:fd:5d:59:ce:73:7a:a5:8f:59:79:f8:b8:08:d5:f3: d0:9c:80:67:e2:dc:9e:64:84:04:f9:e6:8d:f9:c2:d0:29:fa: d5:ab:9d:f6:de:71:c9:71:65:26:a6:36:ab:50:d0:ad:69:db: 8c:af:ba:ac:b1:3d:22:5c:e8:9a:b9:bd:ec:3e:53:5c:78:f8: 82:c3:b9:51:70:ff:d3:7d:0b:12:70:c3:e1:b5:fd:95:61:3e: 83:7b:d0:06:4c:40:b2:e3:24:a9:95:b0:c5:0c:b3:5f:4a:f7: 6c:e9:43:59:03:81:80:ce:8b:5a:20:63:5d:0e:bf:95:7d:d2: bb:97:83:bf:96:12:8a:a3:19:9b:2c:11:ce:26:dc:83:48:96: 53:48:6d:a4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZONwsUrBJHhiQySU7AATDMhZdfAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxOTAwNDEwMloX DTI1MDUyNDIzNTk1OVowejFJMEcGA1UEBRNANzNjOTk0YjQ4MWQ1MWM5MDkzMTcw YWEzNzcyMTljOTIwYWQyYTk2NzExMzFkNTgwMGRlY2U4YTM0Y2E2MDJmOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTI5rgzDFqfXe1KdyBKcZ2L8zMAT aZ7qnuBY7lX0wOosNp6Uymyc78cQDd5XjTCloMw13UtsOKg27Ke6CXSjFv+dpQ49 EN08do2I6wErIVCQrj+uQzKqf7DX+gDzQi0iE4dh7aETRlAaWZH/it6nTygr2jnU HM2k4s6ZOPRKsbfM1gcwlfHdPaoczJ59uO1L6qXNFTgdr/IFd1ovr0tlFHl4PoHu BRz7mLj6DOT8RbksHoXLax56egwJ8+o7niPogCoW9Hyr/7GOqXfO55Br85QPrw4d +T8OXSQdXt0sU5FR67rCokj5yejIe0YJWRFSKkN3RfprjIPBKZGSoiS01wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPCJxtQsjuVore/k4TneYUFwfot0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwOWJiNWQwLTFhNGYtNDM0My1iYzRhLWMyM2E2YTg4NWMxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8pDAMA0GCSqGSIb3DQEBCwUAA4IBAQA2HJh0WnqddW7y3r32 Fmld9fCMeYWQjYFAoVP2ZUnG8uRh4eYuYrr5FrJUfUmYTchewzD4Zt/xX1xfcRs0 2Tuf2U63YKJtJswQ8yHh3OMf6FsVvBIT1oKJ91mMxbNlQlLM/sLsb5cA5TQAyJ+X aV39XVnOc3qlj1l5+LgI1fPQnIBn4tyeZIQE+eaN+cLQKfrVq5323nHJcWUmpjar UNCtaduMr7qssT0iXOiaub3sPlNcePiCw7lRcP/TfQsScMPhtf2VYT6De9AGTECy 4ySplbDFDLNfSvds6UNZA4GAzotaIGNdDr+VfdK7l4O/lhKKoxmbLBHOJtyDSJZT SG2k -----END CERTIFICATE-----Generated at Sat Apr 26 07:29:59 2025 by rpki-client