$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0af814db-c2b2-4898-91a6-126fc85c2a16.roa File: 0af814db-c2b2-4898-91a6-126fc85c2a16.roa (raw, json) Hash identifier: nlzkil6Yqw3YNBK4ilL6VAQX4XPRzVzGwWE9CKK/Ahg= Subject key identifier: 60:F0:08:E6:B6:90:43:DC:5F:C2:42:DF:5E:09:1C:3F:50:AD:39:2E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7AD2B883918C8F554451EC9B03644C86317A8E0F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0af814db-c2b2-4898-91a6-126fc85c2a16.roa Signing time: Tue 10 Jun 2025 00:30:50 +0000 ROA not before: Tue 10 Jun 2025 00:30:50 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:d2:b8:83:91:8c:8f:55:44:51:ec:9b:03:64:4c:86:31:7a:8e:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:30:50 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=53871657bedd3aa9e8c275e7b607ac168e5f6c8a242757153bce2c69b91ec5ae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:b8:07:ed:ed:d1:e4:cf:9f:ba:de:60:51:8f: 34:be:fb:21:c9:bc:8f:5b:5c:d5:10:e2:72:bd:39: 19:48:f0:9c:d3:83:fa:41:18:c8:e6:73:cd:1f:9b: 54:cf:f7:4e:cc:ff:9d:7d:a2:be:58:d9:e3:52:1c: c9:fa:1e:7d:b3:cb:9d:99:44:d9:a0:f8:e6:20:00: 15:45:51:f3:bb:b2:2b:97:9c:51:4e:2b:37:8f:87: 46:89:4e:d0:81:ce:43:fa:b2:1f:97:1c:4b:4c:cf: d3:28:fa:59:54:55:e0:ba:18:9a:5d:37:14:eb:d0: 75:0b:f2:02:76:bd:4f:f6:99:60:bb:b7:df:33:88: 9f:b1:81:b5:2c:72:ff:ea:16:a7:c5:ab:a6:5c:3a: 2d:b0:af:d0:0e:27:7a:60:57:f5:4f:b8:8b:b1:67: 71:b3:09:eb:8f:c7:02:7a:65:5c:25:5b:fd:41:2f: 91:da:c4:3a:b9:84:9a:fc:05:63:82:21:d3:8a:ab: 05:7a:f7:12:d9:ef:77:2b:3b:f4:e0:6d:a1:69:d6: 4c:4a:40:71:60:aa:75:f5:af:86:26:bd:6b:ad:67: 77:fc:e3:2c:d0:69:bd:7b:a5:a3:99:8a:d0:3e:69: 11:db:96:02:c1:08:5a:f9:e0:8f:d9:1a:ef:e3:bd: 2d:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:F0:08:E6:B6:90:43:DC:5F:C2:42:DF:5E:09:1C:3F:50:AD:39:2E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0af814db-c2b2-4898-91a6-126fc85c2a16.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:20c0::/48 Signature Algorithm: sha256WithRSAEncryption c6:cf:b3:f8:8e:79:99:cf:51:84:ee:c9:45:cd:b8:dc:3a:25: 66:a3:bd:fe:d0:6c:bb:c3:8e:ed:f9:ad:3d:84:de:f1:74:79: f0:fe:b4:e3:7b:fe:fb:a7:31:1a:19:41:5b:31:88:35:2f:c5: 6d:0f:11:50:a2:f2:21:0e:6d:4c:f3:96:2d:62:65:68:50:cc: 64:7e:99:d0:71:5b:e3:ba:3b:f4:22:a7:42:07:9e:97:45:47: 32:ab:86:7a:65:a2:f9:f2:0e:0e:8c:50:c2:08:1e:4c:a8:f3: ff:ca:09:57:7f:41:a6:ba:b4:a0:c5:cd:e8:9c:93:e8:2c:04: fe:b6:52:31:49:02:66:72:f4:39:84:f7:2a:7f:0c:00:43:eb: eb:61:13:7e:cc:7b:de:6e:40:1e:d5:a4:47:63:24:14:52:2e: cd:b0:67:c7:2c:2f:98:eb:82:80:fa:5c:c4:ff:58:64:1a:6f: 3a:0c:5d:ae:04:6b:65:2b:f6:f0:6d:54:20:e8:3f:b4:16:07: 73:69:f8:62:57:92:47:f4:3e:71:18:3a:98:af:72:e5:8a:b6: 12:85:53:b7:34:a9:bb:71:da:a1:7c:75:d7:78:6b:e2:ef:04: 00:bf:37:70:d8:c0:e0:4d:a1:7b:e4:73:5e:b3:12:c4:d9:59: de:67:54:05 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUetK4g5GMj1VEUeybA2RMhjF6jg8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwMzA1MFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNANTM4NzE2NTdiZWRkM2FhOWU4YzI3 NWU3YjYwN2FjMTY4ZTVmNmM4YTI0Mjc1NzE1M2JjZTJjNjliOTFlYzVhZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67gH7e3R5M+fut5gUY80vvshybyP W1zVEOJyvTkZSPCc04P6QRjI5nPNH5tUz/dOzP+dfaK+WNnjUhzJ+h59s8udmUTZ oPjmIAAVRVHzu7Irl5xRTis3j4dGiU7Qgc5D+rIflxxLTM/TKPpZVFXguhiaXTcU 69B1C/ICdr1P9plgu7ffM4ifsYG1LHL/6hanxaumXDotsK/QDid6YFf1T7iLsWdx swnrj8cCemVcJVv9QS+R2sQ6uYSa/AVjgiHTiqsFevcS2e93Kzv04G2hadZMSkBx YKp19a+GJr1rrWd3/OMs0Gm9e6WjmYrQPmkR25YCwQha+eCP2Rrv470tHwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGDwCOa2kEPcX8JC314JHD9QrTkuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBhZjgxNGRiLWMyYjItNDg5OC05MWE2LTEyNmZjODVjMmExNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaACDAMA0GCSqGSIb3DQEBCwUAA4IBAQDGz7P4jnmZz1GE7slF zbjcOiVmo73+0Gy7w47t+a09hN7xdHnw/rTje/77pzEaGUFbMYg1L8VtDxFQovIh Dm1M85YtYmVoUMxkfpnQcVvjujv0IqdCB56XRUcyq4Z6ZaL58g4OjFDCCB5MqPP/ yglXf0GmurSgxc3onJPoLAT+tlIxSQJmcvQ5hPcqfwwAQ+vrYRN+zHvebkAe1aRH YyQUUi7NsGfHLC+Y64KA+lzE/1hkGm86DF2uBGtlK/bwbVQg6D+0FgdzafhiV5JH 9D5xGDqYr3LlirYShVO3NKm7cdqhfHXXeGvi7wQAvzdw2MDgTaF75HNesxLE2Vne Z1QF -----END CERTIFICATE-----Generated at Sat Jun 14 06:00:58 2025 by rpki-client