$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/07cfb406-d628-472a-94e3-493598a051d0.roa File: 07cfb406-d628-472a-94e3-493598a051d0.roa (raw, json) Hash identifier: 6rPoyoU0tFCuqh12dP8hInLGva6g85IbVGD5aKHGW/w= Subject key identifier: B6:EB:61:93:9E:E1:D0:C8:C3:CC:AE:D5:3B:41:DE:8D:00:3D:51:34 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 277904631D18DDA79229082F4BD90C94307DAEF5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/07cfb406-d628-472a-94e3-493598a051d0.roa Signing time: Mon 09 Jun 2025 15:20:05 +0000 ROA not before: Mon 09 Jun 2025 15:20:05 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:2040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:79:04:63:1d:18:dd:a7:92:29:08:2f:4b:d9:0c:94:30:7d:ae:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:20:05 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=873df9bb6359399d856f4d0ef943aa18379fd3fe923ceb954936a00bfd3705c6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:26:bd:f9:18:b0:58:c7:40:8a:94:3d:bc:ce: 24:14:1e:0e:c0:52:b0:58:95:61:66:5d:3b:55:d3: 36:7a:3b:48:75:99:8f:bf:99:08:63:e8:99:39:28: f2:be:5f:53:5c:4e:9a:de:ff:24:f0:63:c0:9a:50: 40:9b:cc:77:12:b7:6e:ec:d8:99:b6:53:95:83:34: 72:d0:b3:b8:1d:2d:c3:d5:e2:f4:7d:68:6c:4f:91: cf:f1:d1:9c:8c:39:bc:fa:a8:d4:42:e4:15:4e:44: c0:49:d7:e9:c6:90:7e:6c:3e:46:f8:83:9c:0e:02: e2:f9:83:34:62:cf:d3:c0:73:5d:d6:75:b7:52:3c: 0c:b8:d0:0d:e6:65:fc:24:d2:c4:8b:fe:18:9c:39: 12:3a:88:2a:7d:b7:82:4f:0a:5c:24:91:45:10:91: 82:af:82:1c:3a:5c:5d:56:b7:3d:08:33:04:21:f3: b5:23:9f:1e:1b:9d:b9:70:b2:55:b2:7a:2d:21:86: 1f:53:db:eb:c7:f6:5f:b6:4a:3a:fb:68:a8:ff:cd: ac:da:aa:9f:98:6d:61:d6:e7:05:c8:4d:76:b4:44: b6:40:ed:9e:92:f7:6f:61:e0:ff:11:dc:e0:ef:aa: a2:ba:8b:c5:7d:89:63:e8:8f:60:1c:d2:46:32:f6: 88:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:EB:61:93:9E:E1:D0:C8:C3:CC:AE:D5:3B:41:DE:8D:00:3D:51:34 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/07cfb406-d628-472a-94e3-493598a051d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:2040::/48 Signature Algorithm: sha256WithRSAEncryption 0f:ef:37:10:9a:a9:33:a0:a0:ec:7e:37:46:50:c0:98:d3:58: 49:80:ad:f3:e5:62:ec:d9:4d:29:82:8d:04:e7:e3:8b:9d:a6: 97:75:b5:e4:49:7a:b9:f5:08:05:68:5b:88:6d:c7:11:05:03: 8f:6c:0a:d4:0d:81:0e:61:8d:92:06:d5:57:0b:03:14:97:30: 50:03:5d:23:b4:27:91:3d:41:be:19:9f:39:a4:dd:dc:8f:ee: 19:64:c9:d2:64:09:80:72:d3:f5:82:72:da:72:1d:93:28:6f: 5e:0c:70:4c:b2:77:79:2f:b5:ff:5d:f2:7f:f4:b1:b4:ff:b0: 6d:75:23:07:7c:35:44:ca:04:77:73:e4:23:54:be:0e:e4:6b: b0:39:7f:66:3b:a6:80:e7:aa:8e:e2:f9:62:25:ed:29:b9:e9: 26:07:2c:92:61:32:35:39:a0:cc:17:26:d8:3d:b5:a5:7f:ec: 02:c1:6e:71:10:23:9e:ce:c3:37:54:fa:b3:94:c6:dd:0c:8b: 31:f8:81:d1:e5:01:12:e9:1b:db:7d:9d:ca:04:79:be:79:85: ce:6b:e4:68:fb:2e:b4:89:ea:a1:1a:8e:c0:d8:3a:b8:2a:f6: a4:97:d3:69:d1:75:73:c1:7c:87:09:2a:6c:33:8b:dd:c5:7c: 76:8e:2c:c2 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJ3kEYx0Y3aeSKQgvS9kMlDB9rvUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MjAwNVoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAODczZGY5YmI2MzU5Mzk5ZDg1NmY0 ZDBlZjk0M2FhMTgzNzlmZDNmZTkyM2NlYjk1NDkzNmEwMGJmZDM3MDVjNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmia9+RiwWMdAipQ9vM4kFB4OwFKw WJVhZl07VdM2ejtIdZmPv5kIY+iZOSjyvl9TXE6a3v8k8GPAmlBAm8x3Erdu7NiZ tlOVgzRy0LO4HS3D1eL0fWhsT5HP8dGcjDm8+qjUQuQVTkTASdfpxpB+bD5G+IOc DgLi+YM0Ys/TwHNd1nW3UjwMuNAN5mX8JNLEi/4YnDkSOogqfbeCTwpcJJFFEJGC r4IcOlxdVrc9CDMEIfO1I58eG525cLJVsnotIYYfU9vrx/Zftko6+2io/82s2qqf mG1h1ucFyE12tES2QO2ekvdvYeD/Edzg76qiuovFfYlj6I9gHNJGMvaI4QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLbrYZOe4dDIw8yu1TtB3o0APVE0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA3Y2ZiNDA2LWQ2MjgtNDcyYS05NGUzLTQ5MzU5OGEwNTFkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaACBAMA0GCSqGSIb3DQEBCwUAA4IBAQAP7zcQmqkzoKDsfjdG UMCY01hJgK3z5WLs2U0pgo0E5+OLnaaXdbXkSXq59QgFaFuIbccRBQOPbArUDYEO YY2SBtVXCwMUlzBQA10jtCeRPUG+GZ85pN3cj+4ZZMnSZAmActP1gnLach2TKG9e DHBMsnd5L7X/XfJ/9LG0/7BtdSMHfDVEygR3c+QjVL4O5GuwOX9mO6aA56qO4vli Je0puekmByySYTI1OaDMFybYPbWlf+wCwW5xECOezsM3VPqzlMbdDIsx+IHR5QES 6RvbfZ3KBHm+eYXOa+Ro+y60ieqhGo7A2Dq4Kvakl9Np0XVzwXyHCSpsM4vdxXx2 jizC -----END CERTIFICATE-----Generated at Sat Jun 14 06:14:08 2025 by rpki-client