$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f73380f-754f-44ae-afb9-d5a558467bca.roa File: 0f73380f-754f-44ae-afb9-d5a558467bca.roa (raw, json) Hash identifier: t2Ml1c0/aK43tPTe+Mab9LCoBTaK9GKBknv0Xr8kEyg= Subject key identifier: 1C:91:56:EC:97:AD:63:C7:30:A1:07:14:49:0C:1A:2B:35:7A:7E:4F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0E871AF4DC52057412DB513B3A8E05AA0316EB78 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f73380f-754f-44ae-afb9-d5a558467bca.roa Signing time: Fri 06 Jun 2025 00:00:57 +0000 ROA not before: Fri 06 Jun 2025 00:00:57 +0000 ROA not after: Fri 11 Jul 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daf4:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 00:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:87:1a:f4:dc:52:05:74:12:db:51:3b:3a:8e:05:aa:03:16:eb:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 6 00:00:57 2025 GMT Not After : Jul 11 23:59:59 2025 GMT Subject: serialNumber=e1a07615a8bb48dec82412519b18324d5346c8d4b3b3db8a9b4b300e88954d60, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:08:14:bf:c3:15:7b:80:8e:4a:ac:90:64:91: 64:be:fc:16:4a:d0:e6:ed:90:19:82:5e:f7:72:c8: 5d:bc:96:6c:e1:d2:f4:a5:d2:fe:46:46:34:c1:56: 2e:50:a9:0f:3d:23:a6:51:58:08:93:f6:4c:67:7a: d1:ab:37:91:6a:c8:a6:2d:15:d5:42:03:9f:08:a5: 0a:11:c9:2d:23:fe:54:3a:7e:09:a3:b3:ad:e4:67: 9f:45:21:0b:0a:e3:e1:52:66:05:e9:92:f3:d0:49: 9b:10:8d:54:12:d9:7c:db:b6:c8:f6:fd:02:5c:41: c5:2c:f9:1b:43:f2:d7:53:b0:91:3f:e9:07:f2:c8: 20:02:92:5d:b0:2f:c2:f9:31:1f:88:10:7f:2b:e4: 11:90:e7:c7:32:64:34:e1:c1:49:59:7e:df:0f:a7: 2d:b1:0d:3d:e0:d0:51:3b:46:e3:0c:80:2e:c5:57: f8:e9:ef:fa:fd:45:e2:2f:59:a2:4a:1c:af:e0:1b: b7:35:d3:8e:44:6a:44:74:47:7c:54:fc:de:ba:97: 27:33:75:f6:d8:8d:ac:42:aa:d5:37:27:9c:a2:6d: 8d:75:58:9b:76:27:88:ca:9c:32:7e:25:2d:bc:a8: fb:97:ac:47:a5:a8:9b:73:28:df:48:b0:f9:a7:a3: 1d:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:91:56:EC:97:AD:63:C7:30:A1:07:14:49:0C:1A:2B:35:7A:7E:4F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f73380f-754f-44ae-afb9-d5a558467bca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:1000::/40 Signature Algorithm: sha256WithRSAEncryption 85:82:05:5f:cb:c9:ea:5b:e5:e3:78:2d:2d:cc:2c:97:65:58: fc:5b:0a:b8:6b:f7:40:1e:5d:86:88:7f:33:22:ca:13:9c:20: 59:09:a8:b2:49:30:2d:6d:9f:a5:ae:1c:d5:d4:e0:18:ce:b9: 88:f8:37:17:cc:d4:98:9d:24:23:d1:2b:f2:f6:46:b7:35:af: d0:5e:9e:84:38:a3:b2:7a:b4:19:97:7c:7c:e9:77:12:df:c7: 46:80:89:3d:44:c6:b7:93:a9:bd:4d:a0:59:b7:ec:42:da:05: 0c:a8:09:f5:c7:f9:56:d9:d2:80:55:c6:0b:99:56:ea:54:62: 5d:b2:3b:91:8b:5b:97:08:08:1c:4b:77:46:c8:9d:1a:b0:6a: 2c:de:bb:3a:8f:41:a3:6f:7c:ae:54:43:66:ab:13:88:c7:47: 1f:14:e5:e6:d0:61:29:4a:41:42:23:9f:4d:1f:47:e3:b1:25: 7b:fe:16:99:21:82:c3:a9:48:c5:68:fe:e3:bb:cb:e7:a7:63: 9a:74:87:ae:a9:41:4d:2f:48:5f:b3:1f:78:e2:ba:52:10:6a: 34:92:a5:ce:32:2c:28:0a:9d:95:43:64:6d:bc:b2:0e:05:5f: 75:60:87:7e:95:ba:70:34:68:a4:7b:9d:24:dd:0e:af:18:64: e7:bf:83:dd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDoca9NxSBXQS21E7Oo4FqgMW63gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNjAwMDA1N1oX DTI1MDcxMTIzNTk1OVowejFJMEcGA1UEBRNAZTFhMDc2MTVhOGJiNDhkZWM4MjQx MjUxOWIxODMyNGQ1MzQ2YzhkNGIzYjNkYjhhOWI0YjMwMGU4ODk1NGQ2MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtggUv8MVe4COSqyQZJFkvvwWStDm 7ZAZgl73cshdvJZs4dL0pdL+RkY0wVYuUKkPPSOmUVgIk/ZMZ3rRqzeRasimLRXV QgOfCKUKEcktI/5UOn4Jo7Ot5GefRSELCuPhUmYF6ZLz0EmbEI1UEtl827bI9v0C XEHFLPkbQ/LXU7CRP+kH8sggApJdsC/C+TEfiBB/K+QRkOfHMmQ04cFJWX7fD6ct sQ094NBRO0bjDIAuxVf46e/6/UXiL1miShyv4Bu3NdOORGpEdEd8VPzeupcnM3X2 2I2sQqrVNyecom2NdVibdieIypwyfiUtvKj7l6xHpaibcyjfSLD5p6MdnQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFByRVuyXrWPHMKEHFEkMGis1en5PMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBmNzMzODBmLTc1NGYtNDRhZS1hZmI5LWQ1YTU1ODQ2N2JjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9BAwDQYJKoZIhvcNAQELBQADggEBAIWCBV/Lyepb5eN4LS3M LJdlWPxbCrhr90AeXYaIfzMiyhOcIFkJqLJJMC1tn6WuHNXU4BjOuYj4NxfM1Jid JCPRK/L2Rrc1r9BenoQ4o7J6tBmXfHzpdxLfx0aAiT1ExreTqb1NoFm37ELaBQyo CfXH+VbZ0oBVxguZVupUYl2yO5GLW5cICBxLd0bInRqwaizeuzqPQaNvfK5UQ2ar E4jHRx8U5ebQYSlKQUIjn00fR+OxJXv+FpkhgsOpSMVo/uO7y+enY5p0h66pQU0v SF+zH3jiulIQajSSpc4yLCgKnZVDZG28sg4FX3Vgh36VunA0aKR7nSTdDq8YZOe/ g90= -----END CERTIFICATE-----Generated at Sun Jun 15 11:41:16 2025 by rpki-client