$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1da204b5-0e3f-4900-a99d-d43a795ecf89.roa File: 1da204b5-0e3f-4900-a99d-d43a795ecf89.roa (raw, json) Hash identifier: uLVC3XLmmpuuZe+NnK7hpLUv+ZNJTXX87qf8OP26J04= Subject key identifier: 6B:09:2F:6E:4D:17:80:04:AF:F2:C6:90:9E:1A:DE:4F:35:D4:59:C5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1E98F1E4B104BE7647DBC29D197A5D5DD22E28F7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1da204b5-0e3f-4900-a99d-d43a795ecf89.roa Signing time: Tue 10 Jun 2025 15:50:14 +0000 ROA not before: Tue 10 Jun 2025 15:50:14 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1c:8400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:98:f1:e4:b1:04:be:76:47:db:c2:9d:19:7a:5d:5d:d2:2e:28:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:50:14 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=0690a507b74fb1543413adb9f5503277b85186783bd9910d8e8bb4ef6a87d2ac, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:80:38:2d:eb:06:0c:54:9f:93:e3:37:63:3b: 9d:0a:f7:ba:b8:d9:d0:90:03:0b:14:bf:bc:f1:2f: 11:1b:05:64:a2:cf:ce:d6:ec:ab:c4:37:2c:60:a0: 17:2f:bf:1e:13:bf:eb:6a:7d:d9:df:c0:28:3c:51: 54:d0:26:56:6d:5b:cd:9e:a9:09:d2:67:33:3b:6b: 16:4e:5a:57:98:4f:e9:f7:cc:09:38:26:de:8f:02: b8:88:9f:a9:40:04:b5:b1:b2:a4:e2:26:3b:ee:af: 55:23:b0:9d:fe:ed:03:7a:65:f5:d3:a2:ad:34:a6: 7a:7d:d6:32:3f:ad:99:3d:75:bc:97:8b:d9:d8:2a: 99:d8:06:a9:ef:d2:68:13:7b:d4:0e:24:58:db:0b: 25:f3:86:d7:0b:3d:c2:e6:1a:d4:ee:e9:04:56:72: 08:8b:00:f6:29:3c:98:de:c7:fc:d7:ac:e2:45:59: 35:5e:03:d6:d1:87:1b:4f:bc:e1:f7:74:fb:c5:c8: c2:d1:17:8a:b5:1d:25:c3:b5:d0:0e:5d:5d:0e:f5: d2:d3:51:de:64:97:b5:6a:f9:71:8f:72:94:b0:53: a9:f1:e4:96:54:20:54:ba:01:c6:c7:f1:4b:29:59: ac:3a:c1:84:40:db:29:26:0f:a6:55:09:db:9d:9c: 4f:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:09:2F:6E:4D:17:80:04:AF:F2:C6:90:9E:1A:DE:4F:35:D4:59:C5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1da204b5-0e3f-4900-a99d-d43a795ecf89.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1c:8400::/38 Signature Algorithm: sha256WithRSAEncryption 41:8b:2c:54:de:af:11:76:85:b9:37:b5:bf:3e:e1:40:6d:54: 3e:97:f1:2e:af:0a:c1:f9:5a:62:6f:98:01:f8:52:b3:68:4b: 17:fc:24:c2:74:43:43:05:ed:ab:6d:8a:01:e8:1a:c3:69:33: d1:5f:9e:7b:25:9e:d7:33:d6:e2:ae:f1:13:76:24:43:61:81: 81:37:a7:ce:f9:0e:be:80:a9:3f:da:86:ae:bb:20:42:9a:a1: 53:d6:fb:36:3d:ef:ca:71:be:04:08:2c:e8:24:f8:95:eb:6a: 72:5f:75:ae:83:bb:b7:df:f2:36:b8:d6:ff:91:8e:a1:69:58: 0c:70:ff:86:fb:0c:74:e7:0e:24:b5:70:8f:8e:2c:1e:fb:e0: e2:bf:c7:34:55:ea:a7:6e:62:7b:ef:8a:a5:d5:b9:69:c6:41: f4:a7:67:07:db:0c:fd:5e:d7:8c:17:5f:f2:7e:2c:08:a3:19: 0b:65:08:35:1a:ba:8e:fe:be:18:72:d1:c7:79:5b:0b:c7:81: 4b:ce:18:f6:5f:ae:a5:f8:36:ca:7d:b5:02:2f:e3:6d:64:50: ca:4a:2a:6c:d5:42:fb:ca:a5:11:09:88:9f:c9:ea:df:15:44: ab:82:f9:fe:e5:ea:d0:ff:de:d4:15:e9:81:49:e0:86:7c:17: 7f:5a:89:2b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHpjx5LEEvnZH28KdGXpdXdIuKPcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1NTAxNFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMDY5MGE1MDdiNzRmYjE1NDM0MTNh ZGI5ZjU1MDMyNzdiODUxODY3ODNiZDk5MTBkOGU4YmI0ZWY2YTg3ZDJhYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4A4LesGDFSfk+M3YzudCve6uNnQ kAMLFL+88S8RGwVkos/O1uyrxDcsYKAXL78eE7/ran3Z38AoPFFU0CZWbVvNnqkJ 0mczO2sWTlpXmE/p98wJOCbejwK4iJ+pQAS1sbKk4iY77q9VI7Cd/u0DemX106Kt NKZ6fdYyP62ZPXW8l4vZ2CqZ2Aap79JoE3vUDiRY2wsl84bXCz3C5hrU7ukEVnII iwD2KTyY3sf816ziRVk1XgPW0YcbT7zh93T7xcjC0ReKtR0lw7XQDl1dDvXS01He ZJe1avlxj3KUsFOp8eSWVCBUugHGx/FLKVmsOsGEQNspJg+mVQnbnZxPAQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGsJL25NF4AEr/LGkJ4a3k811FnFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFkYTIwNGI1LTBlM2YtNDkwMC1hOTlkLWQ0M2E3OTVlY2Y4OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHIQwDQYJKoZIhvcNAQELBQADggEBAEGLLFTerxF2hbk3tb8+ 4UBtVD6X8S6vCsH5WmJvmAH4UrNoSxf8JMJ0Q0MF7attigHoGsNpM9Ffnnslntcz 1uKu8RN2JENhgYE3p875Dr6AqT/ahq67IEKaoVPW+zY978pxvgQILOgk+JXranJf da6Du7ff8ja41v+RjqFpWAxw/4b7DHTnDiS1cI+OLB774OK/xzRV6qduYnvviqXV uWnGQfSnZwfbDP1e14wXX/J+LAijGQtlCDUauo7+vhhy0cd5WwvHgUvOGPZfrqX4 Nsp9tQIv421kUMpKKmzVQvvKpREJiJ/J6t8VRKuC+f7l6tD/3tQV6YFJ4IZ8F39a iSs= -----END CERTIFICATE-----Generated at Sat Jun 14 06:08:41 2025 by rpki-client