$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/036dddcb-4f0b-406f-9899-f83b4c0da917.roa File: 036dddcb-4f0b-406f-9899-f83b4c0da917.roa (raw, json) Hash identifier: wMnCy2LwTz7uPneUd24wKZwmGy5Tu+5qZzdT9FCOBSI= Subject key identifier: D6:FF:56:A2:A1:E6:7C:97:A8:AA:EC:17:48:A8:2A:80:D2:8C:A8:4D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3F2AE984844A8E67DF4A3542081723C7C6B45EE1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/036dddcb-4f0b-406f-9899-f83b4c0da917.roa Signing time: Mon 09 Jun 2025 15:20:19 +0000 ROA not before: Mon 09 Jun 2025 15:20:19 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:7080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:2a:e9:84:84:4a:8e:67:df:4a:35:42:08:17:23:c7:c6:b4:5e:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:20:19 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=7f7cc38743e6ca81812ba01106ddb31a8e32c5f530060021fc455cb691460456, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:c6:07:1f:69:df:bf:1d:43:91:bf:cd:5d:88: 13:a3:f1:8c:e2:32:a4:0a:e7:eb:1d:7a:fe:15:f2: ec:d2:0d:db:9a:4b:ec:5f:9f:82:e8:62:30:9d:b2: 60:1a:f7:4d:ff:6b:b6:de:8b:81:03:5c:4d:fd:4a: a8:57:5b:7a:6f:7f:cb:8b:d7:33:0f:e7:5f:08:2a: 92:d4:f9:9d:e1:7b:e6:35:af:bd:8c:16:ed:83:a1: f8:d9:c3:4b:d8:36:d8:9a:aa:e9:3e:61:a0:30:1f: 6f:f9:52:21:3f:9f:de:1b:7e:b6:31:f0:23:dc:eb: f3:d4:d1:89:bc:75:b3:1f:14:f8:06:d4:13:27:77: 69:29:ae:d6:45:9e:73:dd:55:1a:08:cf:82:0b:8c: 83:5f:4f:fb:74:05:45:e8:36:1d:f4:97:9f:79:8a: f7:c3:e2:67:a7:47:22:b5:49:c0:c0:f5:cd:a0:99: d4:58:af:8c:fe:f4:5a:7a:12:f4:d6:b7:78:e3:c7: 63:ff:59:90:21:76:f3:22:ad:39:77:9c:80:c8:65: 76:c2:e5:14:73:08:f8:c7:5a:0c:da:ea:1d:66:e0: 1b:b3:7b:22:bf:2a:86:94:f2:b5:3e:a9:06:4b:82: 49:4b:2e:44:ba:51:db:7a:84:0b:dd:e6:d8:4b:10: 8a:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:FF:56:A2:A1:E6:7C:97:A8:AA:EC:17:48:A8:2A:80:D2:8C:A8:4D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/036dddcb-4f0b-406f-9899-f83b4c0da917.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:7080::/48 Signature Algorithm: sha256WithRSAEncryption 43:ea:36:de:ee:95:e3:eb:b1:48:b2:15:b3:af:da:7e:82:0a: 1f:eb:35:41:0b:76:d7:a7:78:f9:2b:4b:7d:ff:c9:f9:1d:b2: 51:7b:93:b3:2a:97:fc:df:7d:4e:1c:9d:45:b0:02:de:32:fa: 3b:02:66:a8:39:94:4f:c6:b9:f2:57:31:25:66:b0:e6:2f:59: 86:00:4c:60:4a:ff:e6:c0:db:95:f5:9d:7f:ce:65:2c:50:a7: 27:dc:bd:9f:7b:f5:bf:e3:dd:3d:fa:34:73:5b:29:b5:60:2f: e3:d6:0e:62:34:b1:1a:0b:b5:b7:eb:35:2d:6e:96:ef:ed:60: 5d:d5:1a:58:8c:cd:c0:0f:45:e9:f9:81:1a:8b:4e:66:39:ec: b6:f1:1e:4d:b8:a9:ca:33:aa:a1:84:50:3c:50:3b:e0:07:37: 24:42:7a:ea:6e:3c:59:ce:f6:0c:a0:02:81:fe:71:d6:34:92: 8a:08:f6:cf:68:2b:5c:af:be:05:d7:4f:e9:11:e7:20:15:d1: ef:f7:70:2f:24:7d:a3:03:0a:a7:e8:f6:5d:6d:78:8c:a4:ed: 83:57:60:6a:18:7a:36:25:ef:f3:7d:d0:0f:9c:5d:9e:5d:4c: 1c:e8:c3:23:2c:51:b7:28:68:96:ca:98:f8:7c:21:24:46:5c: 24:a3:7c:5f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPyrphIRKjmffSjVCCBcjx8a0XuEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MjAxOVoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAN2Y3Y2MzODc0M2U2Y2E4MTgxMmJh MDExMDZkZGIzMWE4ZTMyYzVmNTMwMDYwMDIxZmM0NTVjYjY5MTQ2MDQ1NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMYHH2nfvx1Dkb/NXYgTo/GM4jKk CufrHXr+FfLs0g3bmkvsX5+C6GIwnbJgGvdN/2u23ouBA1xN/UqoV1t6b3/Li9cz D+dfCCqS1Pmd4XvmNa+9jBbtg6H42cNL2DbYmqrpPmGgMB9v+VIhP5/eG362MfAj 3Ovz1NGJvHWzHxT4BtQTJ3dpKa7WRZ5z3VUaCM+CC4yDX0/7dAVF6DYd9JefeYr3 w+Jnp0citUnAwPXNoJnUWK+M/vRaehL01rd448dj/1mQIXbzIq05d5yAyGV2wuUU cwj4x1oM2uodZuAbs3sivyqGlPK1PqkGS4JJSy5EulHbeoQL3ebYSxCKvwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNb/VqKh5nyXqKrsF0ioKoDSjKhNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAzNmRkZGNiLTRmMGItNDA2Zi05ODk5LWY4M2I0YzBkYTkxNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYXCAMA0GCSqGSIb3DQEBCwUAA4IBAQBD6jbe7pXj67FIshWz r9p+ggof6zVBC3bXp3j5K0t9/8n5HbJRe5OzKpf8331OHJ1FsALeMvo7AmaoOZRP xrnyVzElZrDmL1mGAExgSv/mwNuV9Z1/zmUsUKcn3L2fe/W/4909+jRzWym1YC/j 1g5iNLEaC7W36zUtbpbv7WBd1RpYjM3AD0Xp+YEai05mOey28R5NuKnKM6qhhFA8 UDvgBzckQnrqbjxZzvYMoAKB/nHWNJKKCPbPaCtcr74F10/pEecgFdHv93AvJH2j Awqn6PZdbXiMpO2DV2BqGHo2Je/zfdAPnF2eXUwc6MMjLFG3KGiWypj4fCEkRlwk o3xf -----END CERTIFICATE-----Generated at Sat Jun 14 06:09:38 2025 by rpki-client