$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dfeb39ad-2644-4f2a-b23e-18f51ccd49e3.roa File: dfeb39ad-2644-4f2a-b23e-18f51ccd49e3.roa (raw, json) Hash identifier: eV58lq7XmlRzryiQ961ecDR5GvRyu9s8VWYgecqr3Bk= Subject key identifier: 31:5F:2E:14:CA:01:70:88:2C:DF:9C:2B:62:D9:D2:6E:17:BA:1C:8D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 16B85E6DD5583041C1F0A34FFAC63A4B5F48A632 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dfeb39ad-2644-4f2a-b23e-18f51ccd49e3.roa Signing time: Sat 19 Apr 2025 00:40:55 +0000 ROA not before: Sat 19 Apr 2025 00:40:55 +0000 ROA not after: Sat 24 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:10c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:b8:5e:6d:d5:58:30:41:c1:f0:a3:4f:fa:c6:3a:4b:5f:48:a6:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 19 00:40:55 2025 GMT Not After : May 24 23:59:59 2025 GMT Subject: serialNumber=cc9bfcc354a28a25672d113ad9d4eb88d783f3ea0b226a3c7b3aae82fe988890, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:9b:b9:82:f2:cd:4d:18:ec:8d:9a:7d:a6:69: d4:00:b2:36:3c:39:8d:2c:1a:4b:a7:30:22:cb:90: be:ac:d1:9b:fb:33:55:46:dc:11:59:88:6a:03:28: 20:ab:06:9d:bf:cb:77:56:97:c8:63:dd:d2:52:a1: 63:5e:e3:17:fa:21:cf:ad:1e:ae:ad:44:8b:d4:cf: f5:40:0b:94:a6:c6:9c:59:e7:58:c0:78:23:28:6b: 85:b2:a7:7b:a0:84:62:a4:be:ba:c9:dc:63:3d:2e: 4a:07:f3:97:91:e6:2a:0d:14:4c:c0:d1:f8:61:fe: ce:40:b7:13:d3:80:8b:58:be:7a:95:dc:ea:9a:db: 5b:a6:61:89:6e:9b:8b:6f:d7:4d:c8:82:9f:d7:b0: 50:1c:51:a8:12:ed:c3:27:89:b6:b2:d8:83:d3:dc: d1:91:37:ca:eb:91:d2:2e:9c:cf:93:8f:49:41:7f: d9:90:ef:51:0a:a9:e6:8a:c1:4d:0c:5b:1c:1d:63: 49:de:c9:4e:0e:29:7f:2c:6d:93:be:53:25:b9:82: 35:fb:93:72:17:bc:55:00:0e:ff:0b:22:33:0c:cc: d2:6b:98:c9:1c:4e:0f:1f:9d:71:a5:b2:50:20:ea: 77:6a:68:97:c7:17:68:80:13:65:e7:83:20:a1:f8: d5:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:5F:2E:14:CA:01:70:88:2C:DF:9C:2B:62:D9:D2:6E:17:BA:1C:8D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dfeb39ad-2644-4f2a-b23e-18f51ccd49e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:10c0::/48 Signature Algorithm: sha256WithRSAEncryption 31:33:8b:5b:95:66:c9:1c:38:26:e2:f3:c3:ed:31:47:2b:f7: 94:96:7f:33:e1:6e:22:36:f3:86:75:c4:ef:9d:05:22:8b:e7: f4:2e:44:c2:80:49:69:4e:5b:13:5d:3a:ba:fa:70:be:c1:56: be:9e:d3:45:61:22:5c:f2:f9:c0:3e:9b:7a:cb:fa:80:ca:7b: ac:f2:a4:f6:1d:47:b1:36:9f:34:b8:6f:6f:a9:5e:08:b0:3b: ae:68:8e:39:b9:34:df:e7:6f:16:77:e5:7c:44:91:7b:cf:2b: 53:74:13:73:7b:01:df:5a:40:16:fa:b1:83:fc:63:61:be:24: 27:c4:1b:cf:48:6c:0b:9e:6c:b1:a7:da:1b:86:82:07:5b:ab: 06:a3:d1:11:51:cc:f7:2b:d0:9f:7d:d9:2c:d0:39:fa:1c:7e: 78:b4:ee:59:0d:95:9c:de:6e:fd:35:e3:0e:31:df:95:d5:bc: 4c:3f:0a:c2:f6:26:3a:fa:59:d5:f5:5a:9a:16:41:95:a5:21: 3d:15:f8:77:af:d8:2c:77:8e:69:c7:bb:96:51:a0:90:62:d7: 82:47:5f:5b:5a:2a:e7:9a:b1:5e:d6:e5:66:80:00:91:2c:0a: 44:6f:f4:c0:cb:56:e7:a5:d7:13:de:65:1f:16:76:ef:eb:da: ca:f8:a5:16 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFrhebdVYMEHB8KNP+sY6S19IpjIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxOTAwNDA1NVoX DTI1MDUyNDIzNTk1OVowejFJMEcGA1UEBRNAY2M5YmZjYzM1NGEyOGEyNTY3MmQx MTNhZDlkNGViODhkNzgzZjNlYTBiMjI2YTNjN2IzYWFlODJmZTk4ODg5MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJu5gvLNTRjsjZp9pmnUALI2PDmN LBpLpzAiy5C+rNGb+zNVRtwRWYhqAyggqwadv8t3VpfIY93SUqFjXuMX+iHPrR6u rUSL1M/1QAuUpsacWedYwHgjKGuFsqd7oIRipL66ydxjPS5KB/OXkeYqDRRMwNH4 Yf7OQLcT04CLWL56ldzqmttbpmGJbpuLb9dNyIKf17BQHFGoEu3DJ4m2stiD09zR kTfK65HSLpzPk49JQX/ZkO9RCqnmisFNDFscHWNJ3slODil/LG2TvlMluYI1+5Ny F7xVAA7/CyIzDMzSa5jJHE4PH51xpbJQIOp3amiXxxdogBNl54MgofjVAwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDFfLhTKAXCILN+cK2LZ0m4XuhyNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RmZWIzOWFkLTI2NDQtNGYyYS1iMjNlLTE4ZjUxY2NkNDllMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYRDAMA0GCSqGSIb3DQEBCwUAA4IBAQAxM4tblWbJHDgm4vPD 7TFHK/eUln8z4W4iNvOGdcTvnQUii+f0LkTCgElpTlsTXTq6+nC+wVa+ntNFYSJc 8vnAPpt6y/qAynus8qT2HUexNp80uG9vqV4IsDuuaI45uTTf528Wd+V8RJF7zytT dBNzewHfWkAW+rGD/GNhviQnxBvPSGwLnmyxp9obhoIHW6sGo9ERUcz3K9Cffdks 0Dn6HH54tO5ZDZWc3m79NeMOMd+V1bxMPwrC9iY6+lnV9VqaFkGVpSE9Ffh3r9gs d45px7uWUaCQYteCR19bWirnmrFe1uVmgACRLApEb/TAy1bnpdcT3mUfFnbv69rK +KUW -----END CERTIFICATE-----Generated at Sat Apr 26 07:31:54 2025 by rpki-client