$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0ab9cffb-50eb-4196-a4b2-e63a4da14c5c.roa File: 0ab9cffb-50eb-4196-a4b2-e63a4da14c5c.roa (raw, json) Hash identifier: KiySwOSG6XUFypvDFopE38zM0qliZ6MxGeUuz8caNQM= Subject key identifier: 6B:82:FE:51:14:0E:EC:EB:E0:72:56:11:6A:09:28:53:83:38:EF:6D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 05A313B9EBC17CAE87034CB08B558D15C43A1F93 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0ab9cffb-50eb-4196-a4b2-e63a4da14c5c.roa Signing time: Wed 04 Jun 2025 00:01:13 +0000 ROA not before: Wed 04 Jun 2025 00:01:13 +0000 ROA not after: Wed 09 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:a3:13:b9:eb:c1:7c:ae:87:03:4c:b0:8b:55:8d:15:c4:3a:1f:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 4 00:01:13 2025 GMT Not After : Jul 9 23:59:59 2025 GMT Subject: serialNumber=1c505f5f48b460d49f09861f00b1d79935501be8f5da13fb4273c480ab3f47de, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:fb:1e:a9:9c:c9:22:45:32:16:4b:c5:84:c6: 92:fa:6a:39:92:d3:3f:46:96:56:8d:a1:7c:15:76: a7:ed:90:68:24:d1:40:35:0e:2d:10:aa:07:66:ce: d2:5c:66:43:c8:a3:10:9c:3e:b7:5c:cc:1d:a2:a8: 33:04:fc:29:5f:e1:49:32:cc:7d:a4:83:33:ce:6d: f1:33:c2:4b:dd:cd:e1:40:36:ac:f6:7b:43:97:74: ae:78:4c:83:d9:a2:84:7b:ca:d4:ea:9b:d4:a4:49: c0:88:e9:dc:7d:18:7d:5e:9b:1b:35:d8:a3:39:89: ab:3b:10:2c:3d:40:a9:b8:f4:3f:e2:24:81:37:9f: 32:8e:54:20:cd:34:77:55:d0:b4:5d:38:fb:f3:ce: 10:1f:27:b1:23:ce:a4:ff:58:49:90:6c:50:36:5d: 00:67:1e:fa:c1:2c:ae:45:20:d8:a7:5c:4d:c8:bd: 6f:09:85:eb:1c:7e:eb:a2:0f:22:d1:2b:ee:d2:a5: 99:88:83:5e:11:8f:bb:20:b2:35:63:0f:c4:54:5c: f6:97:b7:25:e9:25:76:bd:33:d6:97:e8:87:d6:05: 32:8a:95:26:5e:d8:92:8d:22:21:31:c2:39:20:42: 1f:ff:28:44:2d:97:98:dd:c8:62:10:a8:e7:f8:5e: 71:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:82:FE:51:14:0E:EC:EB:E0:72:56:11:6A:09:28:53:83:38:EF:6D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0ab9cffb-50eb-4196-a4b2-e63a4da14c5c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:1000::/48 Signature Algorithm: sha256WithRSAEncryption 51:cb:0c:52:8e:91:db:a0:f3:d3:b6:00:85:36:b2:a4:0d:4e: 17:d8:80:5a:8b:2f:a2:5a:20:d6:17:60:ba:9b:24:71:ad:6e: f5:48:5f:10:f7:9d:78:e7:67:d7:5b:87:27:27:0e:bd:67:8e: 31:08:1a:2b:89:09:9d:0e:22:60:ad:4a:82:2d:79:f0:74:ff: 0e:f9:1e:29:6a:cb:d6:27:10:5e:2b:bb:ff:a2:f9:b7:82:85: 62:c3:ea:f2:10:3f:29:3b:11:1a:e9:ba:73:b5:3c:0a:6e:c2: 48:59:00:3c:4b:b8:08:26:54:55:50:71:03:2f:fc:c0:bb:43: cb:10:66:cf:2a:0a:a4:8b:5b:af:06:88:31:28:39:d6:b2:1f: ee:ac:9d:4e:8e:78:36:cc:fc:43:1c:7f:b4:3c:9b:b6:46:b5: 87:63:d0:e4:f0:56:b9:2e:68:8b:d5:95:24:97:ea:ec:0d:1b: ac:2d:aa:38:46:7f:42:4a:1d:b4:d5:94:58:46:89:33:1d:84: 47:9e:b2:ef:bf:f8:18:c3:7a:5b:81:6f:82:99:1e:ce:40:05: ad:e8:d5:f6:50:c9:5c:a8:01:29:9d:50:c6:6d:bd:67:13:2f: 77:d9:c7:07:36:46:51:ce:ea:01:f3:a0:60:c3:ea:92:26:1b: 66:c9:82:47 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBaMTuevBfK6HA0ywi1WNFcQ6H5MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNDAwMDExM1oX DTI1MDcwOTIzNTk1OVowejFJMEcGA1UEBRNAMWM1MDVmNWY0OGI0NjBkNDlmMDk4 NjFmMDBiMWQ3OTkzNTUwMWJlOGY1ZGExM2ZiNDI3M2M0ODBhYjNmNDdkZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPseqZzJIkUyFkvFhMaS+mo5ktM/ RpZWjaF8FXan7ZBoJNFANQ4tEKoHZs7SXGZDyKMQnD63XMwdoqgzBPwpX+FJMsx9 pIMzzm3xM8JL3c3hQDas9ntDl3SueEyD2aKEe8rU6pvUpEnAiOncfRh9XpsbNdij OYmrOxAsPUCpuPQ/4iSBN58yjlQgzTR3VdC0XTj7884QHyexI86k/1hJkGxQNl0A Zx76wSyuRSDYp1xNyL1vCYXrHH7rog8i0Svu0qWZiINeEY+7ILI1Yw/EVFz2l7cl 6SV2vTPWl+iH1gUyipUmXtiSjSIhMcI5IEIf/yhELZeY3chiEKjn+F5xeQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGuC/lEUDuzr4HJWEWoJKFODOO9tMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBhYjljZmZiLTUwZWItNDE5Ni1hNGIyLWU2M2E0ZGExNGM1Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9hAAMA0GCSqGSIb3DQEBCwUAA4IBAQBRywxSjpHboPPTtgCF NrKkDU4X2IBaiy+iWiDWF2C6myRxrW71SF8Q951452fXW4cnJw69Z44xCBoriQmd DiJgrUqCLXnwdP8O+R4pasvWJxBeK7v/ovm3goViw+ryED8pOxEa6bpztTwKbsJI WQA8S7gIJlRVUHEDL/zAu0PLEGbPKgqki1uvBogxKDnWsh/urJ1Ojng2zPxDHH+0 PJu2RrWHY9Dk8Fa5LmiL1ZUkl+rsDRusLao4Rn9CSh201ZRYRokzHYRHnrLvv/gY w3pbgW+CmR7OQAWt6NX2UMlcqAEpnVDGbb1nEy932ccHNkZRzuoB86Bgw+qSJhtm yYJH -----END CERTIFICATE-----Generated at Sat Jun 14 05:59:04 2025 by rpki-client