$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1633925d-77e5-4142-aee7-593dea039740.roa File: 1633925d-77e5-4142-aee7-593dea039740.roa (raw, json) Hash identifier: O4LuQWMsousXnkcdpo/NyjW+vVc7mK0vGI3N3G0QizI= Subject key identifier: CA:BE:D1:59:65:68:E1:A6:A2:12:AB:E4:76:D2:76:A9:CE:6F:41:7F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2950205F890DE751738EDF109E7DB6719A3C9C5A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1633925d-77e5-4142-aee7-593dea039740.roa Signing time: Fri 06 Jun 2025 00:00:58 +0000 ROA not before: Fri 06 Jun 2025 00:00:58 +0000 ROA not after: Fri 11 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:f000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:50:20:5f:89:0d:e7:51:73:8e:df:10:9e:7d:b6:71:9a:3c:9c:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 6 00:00:58 2025 GMT Not After : Jul 11 23:59:59 2025 GMT Subject: serialNumber=d005b1491812fd4d3844d266432c48b09aa87fe43b65962b74f0236139458a52, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:fc:96:42:7d:a7:60:0c:43:40:26:22:b7:2d: a0:a6:d8:10:9c:19:95:7a:9e:1a:46:ac:43:5f:eb: 95:6c:7d:87:32:2a:60:11:8c:a6:5c:75:74:78:eb: 9e:86:45:1c:a8:4d:68:63:a7:5d:21:4e:db:b2:73: cd:1d:10:cd:d9:ac:e2:9c:9b:b1:88:76:96:e0:8b: c6:3a:d7:67:80:fa:46:2b:45:ae:30:a5:6b:be:01: 03:c6:ac:dc:36:ba:26:b8:76:57:db:1d:61:44:60: 57:22:69:1c:92:1c:fb:bf:5e:68:b6:ff:12:12:bc: c7:8f:98:da:54:5d:0b:a6:57:e1:57:b4:b0:1e:0e: 31:5a:19:5a:8b:54:7d:07:6e:cb:2d:0d:cb:bf:a1: 67:25:c8:9f:09:e9:6a:2f:40:ca:cf:90:5d:ea:58: 21:a3:19:f8:19:4b:3e:10:98:34:bd:ae:dc:22:ae: 4d:94:43:43:97:2d:a9:59:31:f8:16:72:91:81:c6: b4:7f:ae:65:90:d5:c7:94:5f:bf:a4:04:67:16:bf: 7d:9b:d2:ef:df:af:48:bb:a1:93:45:80:9e:4d:da: d4:5a:84:94:8b:de:51:88:0a:78:f2:02:40:8f:3c: b7:55:27:d8:68:6d:ec:32:b2:66:b2:4d:44:d5:bb: a3:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:BE:D1:59:65:68:E1:A6:A2:12:AB:E4:76:D2:76:A9:CE:6F:41:7F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1633925d-77e5-4142-aee7-593dea039740.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:f000::/40 Signature Algorithm: sha256WithRSAEncryption 0b:25:02:05:e8:cb:c1:6d:b5:a9:27:9a:50:29:df:3d:77:52: a8:0a:36:9f:e3:ae:87:2d:64:c7:08:32:72:ad:4e:8e:5e:0d: 56:24:22:26:b6:57:8a:ba:61:f8:e0:fd:59:09:f8:c1:11:1f: 21:57:6c:b2:cd:00:ca:ac:49:a8:9c:8c:5d:1a:6d:28:bf:b5: 3f:b4:e1:49:88:f4:08:57:1f:4e:1b:cc:e0:43:29:57:f1:b7: 87:5e:d4:85:22:45:71:81:ca:ab:c8:0d:79:af:9d:84:74:53: eb:35:6c:0a:e4:b3:f8:f1:41:3f:d7:43:e3:c3:d7:27:7d:c5: fb:5e:e5:c9:77:b9:6e:cb:28:a4:8a:82:0d:52:b8:fd:50:37: 2b:1a:82:94:a4:78:52:04:24:cd:b0:b4:24:46:13:a1:2b:db: 6c:44:3d:1d:ec:23:f2:e6:9f:9a:7a:4b:ec:9d:e6:ab:79:4b: 87:a4:82:ca:f7:76:e9:93:eb:be:65:1d:95:d9:36:14:32:be: dd:4e:b9:5b:42:58:32:3c:3b:6e:de:36:2a:15:01:5b:d5:d9: ef:a3:68:17:67:ae:3e:2b:1a:4a:4d:ab:c8:10:d9:a0:6a:2f: 9a:fc:e2:97:cf:2b:c3:14:fe:ca:92:9a:7c:02:c3:86:76:93: 53:58:12:29 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKVAgX4kN51Fzjt8Qnn22cZo8nFowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNjAwMDA1OFoX DTI1MDcxMTIzNTk1OVowejFJMEcGA1UEBRNAZDAwNWIxNDkxODEyZmQ0ZDM4NDRk MjY2NDMyYzQ4YjA5YWE4N2ZlNDNiNjU5NjJiNzRmMDIzNjEzOTQ1OGE1MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/yWQn2nYAxDQCYity2gptgQnBmV ep4aRqxDX+uVbH2HMipgEYymXHV0eOuehkUcqE1oY6ddIU7bsnPNHRDN2azinJux iHaW4IvGOtdngPpGK0WuMKVrvgEDxqzcNromuHZX2x1hRGBXImkckhz7v15otv8S ErzHj5jaVF0LplfhV7SwHg4xWhlai1R9B27LLQ3Lv6FnJcifCelqL0DKz5Bd6lgh oxn4GUs+EJg0va7cIq5NlENDly2pWTH4FnKRgca0f65lkNXHlF+/pARnFr99m9Lv 369Iu6GTRYCeTdrUWoSUi95RiAp48gJAjzy3VSfYaG3sMrJmsk1E1bujhwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMq+0VllaOGmohKr5HbSdqnOb0F/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE2MzM5MjVkLTc3ZTUtNDE0Mi1hZWU3LTU5M2RlYTAzOTc0MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9vAwDQYJKoZIhvcNAQELBQADggEBAAslAgXoy8FttaknmlAp 3z13UqgKNp/jroctZMcIMnKtTo5eDVYkIia2V4q6Yfjg/VkJ+MERHyFXbLLNAMqs SaicjF0abSi/tT+04UmI9AhXH04bzOBDKVfxt4de1IUiRXGByqvIDXmvnYR0U+s1 bArks/jxQT/XQ+PD1yd9xfte5cl3uW7LKKSKgg1SuP1QNysagpSkeFIEJM2wtCRG E6Er22xEPR3sI/Lmn5p6S+yd5qt5S4ekgsr3dumT675lHZXZNhQyvt1OuVtCWDI8 O27eNioVAVvV2e+jaBdnrj4rGkpNq8gQ2aBqL5r84pfPK8MU/sqSmnwCw4Z2k1NY Eik= -----END CERTIFICATE-----Generated at Sat Jun 14 06:31:30 2025 by rpki-client