$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0439f997-2ab0-400d-bf76-71ab1d11d20b.roa File: 0439f997-2ab0-400d-bf76-71ab1d11d20b.roa (raw, json) Hash identifier: uw/bMXgAJarzKCQk04/MBk7UCH+ppJKj1GDdBaixSsA= Subject key identifier: E3:E3:71:DD:88:76:D9:E0:4E:4E:DB:64:8C:A0:22:EC:D7:9E:80:11 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1DB9F2B7C08997DF6163B27EB07665AF37F05FA6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0439f997-2ab0-400d-bf76-71ab1d11d20b.roa Signing time: Tue 10 Jun 2025 00:40:17 +0000 ROA not before: Tue 10 Jun 2025 00:40:17 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:6040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:b9:f2:b7:c0:89:97:df:61:63:b2:7e:b0:76:65:af:37:f0:5f:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:40:17 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=a406a7de4bd99ad04537f5b5569202b99d6b3a3bd7c09320affc6375a6077768, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:53:4f:7b:c3:e1:9f:77:f8:81:45:61:b6:71: 68:92:17:01:0c:bb:9f:a8:6c:5b:6c:87:09:b0:f8: 25:49:18:cf:96:88:35:c6:b5:60:58:99:40:c0:b3: b9:2b:e1:6d:4c:06:cc:91:a2:ee:53:c4:86:fc:75: e7:62:8c:35:53:06:a3:03:b0:65:b2:8b:cc:3e:1a: f1:a0:27:ff:0f:e9:78:73:d3:73:7e:72:f9:cc:50: 87:27:69:7d:ab:a0:51:2e:ff:f0:50:3e:1a:f0:d2: 20:77:3b:54:97:70:45:59:11:79:e4:ab:91:53:bd: bb:12:c1:c4:f6:4e:5c:d6:5b:90:d6:61:0d:12:42: 48:18:13:95:07:81:f2:c1:77:f5:42:36:7a:e8:0d: ed:3c:54:d2:66:94:3b:3e:74:ac:ab:c5:ed:18:51: d0:75:fa:5c:f4:71:ce:9e:d9:de:90:8d:97:89:e1: 38:79:aa:9a:92:20:ea:c6:66:91:a6:0e:0e:ce:2a: ae:8b:09:a0:89:19:66:a9:57:f7:48:a6:89:04:48: 35:ab:52:e3:2e:bf:5f:11:f6:b9:5a:f4:dd:34:7f: 74:28:31:27:75:24:06:0b:fd:7a:e1:8e:8b:96:6e: 92:1b:2e:f6:1f:10:1a:8e:33:ec:0a:21:a9:c6:aa: 4e:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:E3:71:DD:88:76:D9:E0:4E:4E:DB:64:8C:A0:22:EC:D7:9E:80:11 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0439f997-2ab0-400d-bf76-71ab1d11d20b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:6040::/46 Signature Algorithm: sha256WithRSAEncryption 17:1f:b1:64:62:52:f7:a2:3e:cb:62:fb:c6:6a:cc:19:fa:8f: 7c:7a:b8:18:80:5b:85:f4:d4:b6:7d:d6:41:42:65:a1:7d:83: 0e:f4:24:86:ee:64:71:37:bd:89:bf:4f:e2:b2:b3:bb:2f:ab: fb:1c:d3:35:e0:58:ea:80:7e:d9:c0:22:22:6e:70:e8:2e:eb: 78:a2:c0:b8:48:fc:32:72:92:b7:9a:4d:1b:4a:c8:f1:fe:0b: 4c:f6:d2:3d:89:1b:93:df:51:40:83:7f:3a:e0:bd:e7:8f:e1: 56:7c:d9:80:be:2b:c2:b7:5f:44:a6:46:56:1d:1a:67:a6:14: f9:1e:52:89:b7:ec:8a:8b:ff:ca:1d:40:43:0a:cc:64:01:e9: ba:b3:17:57:49:c0:e2:b7:0a:df:04:67:d9:7b:09:69:dc:f2: 75:ae:08:d8:a4:c1:b3:f1:f8:d0:da:08:ea:e2:5c:45:67:9a: d4:d4:28:a1:3b:28:29:29:7c:97:a4:5d:aa:41:a8:e3:f5:b0: da:e5:a8:82:80:37:60:e8:1c:4a:31:87:3f:bb:e2:fc:38:86: 7c:96:51:c5:49:94:7c:96:93:71:c5:42:da:b9:fd:e6:43:0c: d0:96:27:49:f4:41:71:71:c9:de:74:e5:d9:48:96:bf:f4:8d: 27:c9:9c:86 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHbnyt8CJl99hY7J+sHZlrzfwX6YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwNDAxN1oX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAYTQwNmE3ZGU0YmQ5OWFkMDQ1Mzdm NWI1NTY5MjAyYjk5ZDZiM2EzYmQ3YzA5MzIwYWZmYzYzNzVhNjA3Nzc2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlNPe8Phn3f4gUVhtnFokhcBDLuf qGxbbIcJsPglSRjPlog1xrVgWJlAwLO5K+FtTAbMkaLuU8SG/HXnYow1UwajA7Bl sovMPhrxoCf/D+l4c9NzfnL5zFCHJ2l9q6BRLv/wUD4a8NIgdztUl3BFWRF55KuR U727EsHE9k5c1luQ1mENEkJIGBOVB4HywXf1QjZ66A3tPFTSZpQ7PnSsq8XtGFHQ dfpc9HHOntnekI2XieE4eaqakiDqxmaRpg4OziquiwmgiRlmqVf3SKaJBEg1q1Lj Lr9fEfa5WvTdNH90KDEndSQGC/164Y6Llm6SGy72HxAajjPsCiGpxqpORQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOPjcd2IdtngTk7bZIygIuzXnoARMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA0MzlmOTk3LTJhYjAtNDAwZC1iZjc2LTcxYWIxZDExZDIwYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba92BAMA0GCSqGSIb3DQEBCwUAA4IBAQAXH7FkYlL3oj7LYvvG aswZ+o98ergYgFuF9NS2fdZBQmWhfYMO9CSG7mRxN72Jv0/isrO7L6v7HNM14Fjq gH7ZwCIibnDoLut4osC4SPwycpK3mk0bSsjx/gtM9tI9iRuT31FAg3864L3nj+FW fNmAvivCt19EpkZWHRpnphT5HlKJt+yKi//KHUBDCsxkAem6sxdXScDitwrfBGfZ ewlp3PJ1rgjYpMGz8fjQ2gjq4lxFZ5rU1CihOygpKXyXpF2qQajj9bDa5aiCgDdg 6BxKMYc/u+L8OIZ8llHFSZR8lpNxxULauf3mQwzQlidJ9EFxccnedOXZSJa/9I0n yZyG -----END CERTIFICATE-----Generated at Sat Jun 14 06:15:06 2025 by rpki-client