$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2fa8e7a-5f8e-4d0e-901b-262d25f5dc1e.roa File: b2fa8e7a-5f8e-4d0e-901b-262d25f5dc1e.roa (raw, json) Hash identifier: nMFd0DjcoeLrrdDTUnWTmth8TWtrtIK8fwbiTPUZ56c= Subject key identifier: BF:83:FE:C1:75:3E:C2:AE:A4:8D:A6:29:8C:F7:95:EA:EF:B9:11:4D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 283ACE67D84DB4B8FA2BC25293D4D90D1CFFDE7F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2fa8e7a-5f8e-4d0e-901b-262d25f5dc1e.roa Signing time: Tue 08 Apr 2025 00:00:05 +0000 ROA not before: Tue 08 Apr 2025 00:00:05 +0000 ROA not after: Tue 13 May 2025 23:59:59 +0000 asID: 8987 IP address blocks: 2406:da30::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:3a:ce:67:d8:4d:b4:b8:fa:2b:c2:52:93:d4:d9:0d:1c:ff:de:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 8 00:00:05 2025 GMT Not After : May 13 23:59:59 2025 GMT Subject: serialNumber=464cb04377408b5e282d53fe3a3b807dc7aeb7209c7e7b8494f7b57b17da668a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:84:22:0e:a1:1f:1f:38:db:64:8b:8e:11:20: 65:58:d6:d3:36:84:4a:18:fe:f0:73:f5:b5:24:b4: 86:7d:c3:ca:f1:65:f3:c5:1f:83:ab:9b:8e:2d:95: dc:20:d8:cb:42:52:b0:ed:f3:00:41:1f:3e:17:03: 29:e7:79:1f:d2:e1:27:48:de:69:6a:ea:c4:35:cd: 6a:0a:9d:2a:41:c1:42:25:20:e2:3f:1e:b1:71:8c: 5a:6a:5a:51:1a:55:17:76:62:9b:4c:80:d4:9f:a4: cc:48:af:a7:16:9e:7b:b2:56:0f:01:af:e8:54:84: c5:74:90:c4:f8:e0:6f:66:21:5e:bc:42:f3:b1:96: 1d:98:f8:46:e5:f5:6b:e0:aa:7f:e4:34:a3:5d:e8: 00:aa:63:bd:ed:ab:68:b3:1a:94:da:a8:f4:31:e7: 20:17:24:91:44:89:f8:ca:75:d8:1a:5d:b6:16:7c: be:b1:27:6c:97:9c:90:6d:fa:a1:28:de:54:7c:f3: 05:a4:6a:17:ad:47:db:e4:e0:7a:9b:8b:a7:e4:90: da:3d:3d:44:a1:25:59:6b:0a:d0:7b:71:99:15:e9: 44:da:15:21:4f:eb:8b:b9:98:f1:cf:9d:c7:02:9f: 88:ba:72:73:c7:f2:d9:97:4b:ca:ee:64:bf:88:ad: e6:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:83:FE:C1:75:3E:C2:AE:A4:8D:A6:29:8C:F7:95:EA:EF:B9:11:4D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2fa8e7a-5f8e-4d0e-901b-262d25f5dc1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da30::/32 Signature Algorithm: sha256WithRSAEncryption 25:25:88:37:70:bc:52:05:45:e3:68:ee:84:c4:5b:0a:8b:8a: c7:98:26:60:12:3a:21:62:be:0f:28:63:64:1f:e3:3e:91:2b: 6a:2c:cf:1e:b6:2a:c3:1a:75:b0:7e:62:17:0a:88:2b:63:94: 4f:a0:84:6d:26:ad:ed:c7:f4:d0:7e:3f:70:54:a3:34:47:ec: 99:eb:39:89:30:b3:cf:16:53:ab:32:d9:1f:b9:bb:71:f9:31: 2a:83:e4:f8:d9:ca:8f:9f:e2:88:f5:20:b9:05:b2:b3:88:1b: b6:59:d2:62:c9:c6:a4:4b:c9:ea:cb:2c:da:41:24:7f:fa:c7: b5:b0:7e:48:27:ee:bc:f8:9a:7a:2f:6e:2a:3f:50:44:21:63: a7:87:a3:6e:01:76:fd:fd:b3:ac:35:40:99:a2:c1:13:c5:9e: 4b:5d:58:b4:04:94:62:9a:33:3c:a5:a9:29:10:5b:90:5c:61: ab:e5:56:62:a7:58:af:b4:53:62:52:07:ed:1f:f7:70:fc:17: fb:bb:fc:94:d0:c7:8a:c3:a3:a5:f5:f6:5e:6b:1e:98:83:68: bd:5c:fa:44:78:84:73:43:52:3b:2f:7a:65:fa:90:8f:c7:24: 96:fb:37:31:3f:68:be:5e:59:5c:ce:8d:dc:17:21:bf:0a:55: c4:0c:1b:b8 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUKDrOZ9hNtLj6K8JSk9TZDRz/3n8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQwODAwMDAwNVoX DTI1MDUxMzIzNTk1OVowejFJMEcGA1UEBRNANDY0Y2IwNDM3NzQwOGI1ZTI4MmQ1 M2ZlM2EzYjgwN2RjN2FlYjcyMDljN2U3Yjg0OTRmN2I1N2IxN2RhNjY4YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloQiDqEfHzjbZIuOESBlWNbTNoRK GP7wc/W1JLSGfcPK8WXzxR+Dq5uOLZXcINjLQlKw7fMAQR8+FwMp53kf0uEnSN5p aurENc1qCp0qQcFCJSDiPx6xcYxaalpRGlUXdmKbTIDUn6TMSK+nFp57slYPAa/o VITFdJDE+OBvZiFevELzsZYdmPhG5fVr4Kp/5DSjXegAqmO97atosxqU2qj0Mecg FySRRIn4ynXYGl22Fny+sSdsl5yQbfqhKN5UfPMFpGoXrUfb5OB6m4un5JDaPT1E oSVZawrQe3GZFelE2hUhT+uLuZjxz53HAp+IunJzx/LZl0vK7mS/iK3mQwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFL+D/sF1PsKupI2mKYz3lervuRFNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IyZmE4ZTdhLTVmOGUtNGQwZS05MDFiLTI2MmQyNWY1ZGMxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaMDANBgkqhkiG9w0BAQsFAAOCAQEAJSWIN3C8UgVF42juhMRb CouKx5gmYBI6IWK+DyhjZB/jPpEraizPHrYqwxp1sH5iFwqIK2OUT6CEbSat7cf0 0H4/cFSjNEfsmes5iTCzzxZTqzLZH7m7cfkxKoPk+NnKj5/iiPUguQWys4gbtlnS YsnGpEvJ6sss2kEkf/rHtbB+SCfuvPiaei9uKj9QRCFjp4ejbgF2/f2zrDVAmaLB E8WeS11YtASUYpozPKWpKRBbkFxhq+VWYqdYr7RTYlIH7R/3cPwX+7v8lNDHisOj pfX2XmsemINovVz6RHiEc0NSOy96ZfqQj8cklvs3MT9ovl5ZXM6N3BchvwpVxAwb uA== -----END CERTIFICATE-----Generated at Sat Apr 26 07:29:34 2025 by rpki-client