$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13a746d5-ac02-412a-8a63-918cac6ecda2.roa File: 13a746d5-ac02-412a-8a63-918cac6ecda2.roa (raw, json) Hash identifier: Mi+m8lf1ZOBpQbGUASkUCBt4HpIEyAfw09naB3XONmc= Subject key identifier: 61:83:E9:51:09:D7:91:D6:28:FD:7D:EA:3F:A3:D5:07:BE:9E:6B:74 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 24CC316E133B7ECC0221489CC32D00BF09C80A77 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13a746d5-ac02-412a-8a63-918cac6ecda2.roa Signing time: Mon 09 Jun 2025 15:10:20 +0000 ROA not before: Mon 09 Jun 2025 15:10:20 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:cc:31:6e:13:3b:7e:cc:02:21:48:9c:c3:2d:00:bf:09:c8:0a:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:10:20 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=fe61dfe5ced223ffb03724e6f36a00d6a6fa280107b075d879e0441c3cf72a44, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:d9:ad:be:ec:9b:3b:70:ba:51:26:2e:a2:f5: 7b:aa:4c:fe:48:c5:13:78:48:3b:88:3d:a3:58:62: 1c:79:a2:30:79:47:c5:e1:6b:4a:08:7d:cb:f0:c3: 77:e6:d0:4c:5f:46:3e:ef:4c:db:eb:37:34:79:3d: df:73:76:7c:27:7b:b2:f2:aa:72:a9:3e:89:8a:cd: 7c:99:76:35:66:a0:8a:69:87:17:e8:a1:6c:e5:ee: 4f:92:cd:0c:0e:f9:2e:8a:0a:dd:e0:06:71:6c:b1: f5:ae:9c:3d:00:f6:91:6c:77:26:15:65:a2:29:16: 23:04:b7:e1:ba:91:65:fe:cf:a5:27:8d:8f:f0:11: 72:35:d8:52:ef:b2:58:76:b6:ca:6c:1a:43:57:a8: dc:89:31:1d:97:e0:c3:ee:52:aa:2d:72:28:1d:25: 9f:f0:89:fd:38:4f:1d:e2:00:90:e6:f1:38:f9:ee: 2c:7c:18:77:80:8b:83:96:84:6f:f1:84:82:97:73: 13:fd:30:b7:f4:c6:1e:3e:96:6f:52:d6:ac:79:84: 97:9a:3a:f9:66:d3:b8:1b:3d:2a:30:61:a7:93:9a: 0e:76:81:8b:95:0c:cc:00:b5:06:3b:a6:b7:52:24: 2d:19:10:74:7f:bc:51:f6:72:e4:fd:19:19:01:73: 00:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:83:E9:51:09:D7:91:D6:28:FD:7D:EA:3F:A3:D5:07:BE:9E:6B:74 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13a746d5-ac02-412a-8a63-918cac6ecda2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:2800::/40 Signature Algorithm: sha256WithRSAEncryption 2e:fb:87:b7:63:a3:16:3b:ef:96:4a:e1:ea:8d:bc:29:37:b6: fd:9d:14:a3:5b:f1:5b:65:0d:cb:5c:7d:d1:6d:21:21:b1:f1: 5c:bc:dc:b2:71:be:b3:d2:08:37:3e:71:32:f7:e8:b2:c3:86: 79:e5:f4:12:6b:a4:1f:2a:f1:5c:2f:67:01:65:4c:7e:2c:6b: 34:ba:dc:73:7e:25:fe:bc:45:31:c1:80:c5:c8:84:40:58:48: 27:2c:b3:f6:3b:fc:d7:67:dd:c8:a8:40:4a:60:b4:dd:5b:b5: 69:a0:ee:d5:47:c3:e8:bd:e5:68:0e:ea:94:1c:d7:a9:9e:23: 7d:7b:1d:da:3d:e4:97:42:d2:f0:a6:ec:9e:dc:ff:27:09:e1: e5:fa:c8:fd:ed:25:28:8f:88:89:57:8a:c0:87:12:2b:9b:fb: 76:6e:b8:49:f8:85:bd:c0:19:e1:a3:2d:20:d7:70:54:d5:9a: f4:b6:a8:70:87:a6:a0:c2:9d:aa:a0:ac:5e:71:34:78:fe:70: 4a:ae:55:43:65:ed:b3:1d:c7:a1:b7:4d:60:27:cc:03:28:73: 06:f6:12:7c:3b:6f:6e:95:06:72:86:b1:1f:33:06:16:d2:12: f3:92:04:63:b4:d8:17:63:3f:ed:74:0c:dd:2c:c1:ea:fd:cf: fd:49:e1:de -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJMwxbhM7fswCIUicwy0AvwnICncwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MTAyMFoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAZmU2MWRmZTVjZWQyMjNmZmIwMzcy NGU2ZjM2YTAwZDZhNmZhMjgwMTA3YjA3NWQ4NzllMDQ0MWMzY2Y3MmE0NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtmtvuybO3C6USYuovV7qkz+SMUT eEg7iD2jWGIceaIweUfF4WtKCH3L8MN35tBMX0Y+70zb6zc0eT3fc3Z8J3uy8qpy qT6Jis18mXY1ZqCKaYcX6KFs5e5Pks0MDvkuigrd4AZxbLH1rpw9APaRbHcmFWWi KRYjBLfhupFl/s+lJ42P8BFyNdhS77JYdrbKbBpDV6jciTEdl+DD7lKqLXIoHSWf 8In9OE8d4gCQ5vE4+e4sfBh3gIuDloRv8YSCl3MT/TC39MYePpZvUtaseYSXmjr5 ZtO4Gz0qMGGnk5oOdoGLlQzMALUGO6a3UiQtGRB0f7xR9nLk/RkZAXMAWwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGGD6VEJ15HWKP196j+j1Qe+nmt0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzEzYTc0NmQ1LWFjMDItNDEyYS04YTYzLTkxOGNhYzZlY2RhMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOCgwDQYJKoZIhvcNAQELBQADggEBAC77h7djoxY775ZK4eqN vCk3tv2dFKNb8VtlDctcfdFtISGx8Vy83LJxvrPSCDc+cTL36LLDhnnl9BJrpB8q 8VwvZwFlTH4sazS63HN+Jf68RTHBgMXIhEBYSCcss/Y7/Ndn3cioQEpgtN1btWmg 7tVHw+i95WgO6pQc16meI317Hdo95JdC0vCm7J7c/ycJ4eX6yP3tJSiPiIlXisCH Eiub+3ZuuEn4hb3AGeGjLSDXcFTVmvS2qHCHpqDCnaqgrF5xNHj+cEquVUNl7bMd x6G3TWAnzAMocwb2Enw7b26VBnKGsR8zBhbSEvOSBGO02BdjP+10DN0swer9z/1J 4d4= -----END CERTIFICATE-----Generated at Sat Jun 14 06:00:01 2025 by rpki-client