$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0a8c2302-d303-43ad-9cc6-28d515a9b892.roa File: 0a8c2302-d303-43ad-9cc6-28d515a9b892.roa (raw, json) Hash identifier: Tk8bhBAAgAqInT3kpmxpRVZWpOgjjV3u9Glt1kqifbY= Subject key identifier: C7:A4:9C:94:26:08:33:0A:63:29:37:1C:5F:DD:48:5E:33:95:FA:54 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 65186333CFEEBCC13E89A1D97E7DD932EFA22971 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0a8c2302-d303-43ad-9cc6-28d515a9b892.roa Signing time: Tue 10 Jun 2025 15:02:12 +0000 ROA not before: Tue 10 Jun 2025 15:02:12 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:18:63:33:cf:ee:bc:c1:3e:89:a1:d9:7e:7d:d9:32:ef:a2:29:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:02:12 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=4a5f5d87bee40ca3a5b53ddf13fc6bd575cbbad3b15760456a6059c911200f4b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:c5:f8:aa:de:23:66:08:1d:cb:16:5e:ff:f9: 19:94:9d:e8:da:32:76:f5:cb:9a:27:d7:ee:9d:44: 3c:54:83:b3:fb:76:b9:9c:3c:9f:8d:69:86:da:b9: a9:78:cc:2d:08:24:e2:84:87:66:d6:be:42:2d:b5: 4c:cf:b7:f2:cd:45:65:59:38:c4:82:fe:ed:a7:64: 6e:ab:47:91:2f:8a:a7:38:31:f2:08:71:23:e5:b9: 93:e3:ac:c1:ba:00:fe:30:f5:20:5b:82:39:7a:3c: d0:68:cd:fa:6c:bd:96:e6:fe:42:13:e4:c8:71:36: a9:c3:42:9a:8f:df:f8:6d:ef:42:f5:3b:e8:cf:50: 61:59:32:ed:9d:b3:a4:df:ff:30:37:ee:87:0b:48: 0f:5a:cb:44:e6:ff:ab:66:81:ba:26:ce:52:5c:5b: 3a:7e:70:e2:e0:09:5c:20:96:ac:7f:64:37:8e:34: b9:f8:46:cc:26:ef:64:93:b6:ea:8c:fd:da:0f:ae: 59:d8:99:a7:5e:1c:aa:ee:74:a0:a8:a9:f2:13:55: ca:56:6a:d0:fa:8e:5a:cf:b7:fd:2a:92:2e:5a:9b: 41:6a:c2:50:39:8c:02:46:65:be:a4:c8:d3:69:1e: 48:e3:49:37:2d:cd:24:93:70:57:bd:7f:a9:b2:2a: ac:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:A4:9C:94:26:08:33:0A:63:29:37:1C:5F:DD:48:5E:33:95:FA:54 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0a8c2302-d303-43ad-9cc6-28d515a9b892.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:f000::/40 Signature Algorithm: sha256WithRSAEncryption 6c:db:8d:43:8a:0a:8d:65:c7:7c:b6:e0:e5:3f:a3:21:d8:5a: 7e:3c:6e:c8:44:f5:1b:e4:87:f1:44:58:e4:cc:a0:3a:34:77: b8:ad:9c:62:3e:05:39:6e:15:af:67:ae:db:31:59:c8:8d:7b: 29:1d:06:b1:5a:77:4c:61:ed:8b:2c:65:29:7d:99:12:c7:ff: 17:5b:93:c2:21:94:70:c8:b9:b3:fc:6b:8a:3a:bc:c9:fe:62: 4c:c0:bc:ac:54:04:6b:bf:c4:86:db:62:31:62:9e:af:35:05: 72:bf:2a:c8:24:4b:e0:33:c1:db:4d:28:2b:37:93:b3:d5:f8: ca:59:ee:44:5d:4c:7d:46:bf:48:3e:ca:9a:32:83:35:49:c3: f4:38:86:cf:f2:92:78:51:43:60:f0:3f:e9:97:16:10:5a:ac: d6:3e:7e:56:58:38:99:4a:d3:48:07:28:be:0f:92:7f:45:a2: 96:10:51:bf:05:0d:78:d3:84:70:81:59:74:91:5e:98:36:e1: d3:fe:c3:e3:27:9c:31:a4:48:5d:ed:c1:d6:ee:b7:3c:bc:41: c3:7d:c1:56:a3:a7:56:5b:ee:31:0a:80:62:17:cb:d8:03:50: ea:3f:39:2e:11:21:58:a8:a9:f4:5d:49:cd:a7:ef:8d:3f:17: 56:26:34:e3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZRhjM8/uvME+iaHZfn3ZMu+iKXEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MDIxMloX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNANGE1ZjVkODdiZWU0MGNhM2E1YjUz ZGRmMTNmYzZiZDU3NWNiYmFkM2IxNTc2MDQ1NmE2MDU5YzkxMTIwMGY0YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MX4qt4jZggdyxZe//kZlJ3o2jJ2 9cuaJ9funUQ8VIOz+3a5nDyfjWmG2rmpeMwtCCTihIdm1r5CLbVMz7fyzUVlWTjE gv7tp2Ruq0eRL4qnODHyCHEj5bmT46zBugD+MPUgW4I5ejzQaM36bL2W5v5CE+TI cTapw0Kaj9/4be9C9Tvoz1BhWTLtnbOk3/8wN+6HC0gPWstE5v+rZoG6Js5SXFs6 fnDi4AlcIJasf2Q3jjS5+EbMJu9kk7bqjP3aD65Z2JmnXhyq7nSgqKnyE1XKVmrQ +o5az7f9KpIuWptBasJQOYwCRmW+pMjTaR5I40k3Lc0kk3BXvX+psiqs5wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMeknJQmCDMKYyk3HF/dSF4zlfpUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBhOGMyMzAyLWQzMDMtNDNhZC05Y2M2LTI4ZDUxNWE5Yjg5Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/vAwDQYJKoZIhvcNAQELBQADggEBAGzbjUOKCo1lx3y24OU/ oyHYWn48bshE9Rvkh/FEWOTMoDo0d7itnGI+BTluFa9nrtsxWciNeykdBrFad0xh 7YssZSl9mRLH/xdbk8IhlHDIubP8a4o6vMn+YkzAvKxUBGu/xIbbYjFinq81BXK/ KsgkS+AzwdtNKCs3k7PV+MpZ7kRdTH1Gv0g+ypoygzVJw/Q4hs/yknhRQ2DwP+mX FhBarNY+flZYOJlK00gHKL4Pkn9FopYQUb8FDXjThHCBWXSRXpg24dP+w+MnnDGk SF3twdbutzy8QcN9wVajp1Zb7jEKgGIXy9gDUOo/OS4RIVioqfRdSc2n740/F1Ym NOM= -----END CERTIFICATE-----Generated at Sat Jun 14 06:34:19 2025 by rpki-client