$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ee9fbda-9a9a-4e0b-9057-c318014d6ede.roa File: 1ee9fbda-9a9a-4e0b-9057-c318014d6ede.roa (raw, json) Hash identifier: tz5nptImyAadrYF2BMncoHt7x7l/KKCEnGBOYww83ww= Subject key identifier: D7:87:D1:5D:83:CE:B8:29:3A:DD:BB:00:37:31:A3:5C:A3:1F:52:DB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 283FC67B2AF897AC713690A2644285B3C1F22922 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ee9fbda-9a9a-4e0b-9057-c318014d6ede.roa Signing time: Tue 10 Jun 2025 15:41:50 +0000 ROA not before: Tue 10 Jun 2025 15:41:50 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da18:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:3f:c6:7b:2a:f8:97:ac:71:36:90:a2:64:42:85:b3:c1:f2:29:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:41:50 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=7d2c91553faa1a30bd45b2ec713450492ac15185dd8c7835368a3d65f1465e40, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:d4:44:f1:6f:ce:9d:a4:71:c3:14:ae:89:eb: 76:e5:1d:ca:52:ee:7f:3b:0e:d5:2d:af:90:20:a5: 00:3b:69:73:1f:e0:20:f7:9a:7d:d6:6a:91:69:ef: 94:ae:fa:93:53:bc:a3:1e:00:4e:aa:fc:82:6c:ad: 05:0a:aa:07:73:75:b6:35:a9:da:4d:8f:e5:dc:21: 7e:c8:de:bc:39:28:0e:41:25:ec:12:d6:6d:f9:a5: e6:8b:ec:6c:e3:7f:ca:04:49:97:18:c3:d3:74:45: 62:31:d1:9d:9d:ad:36:b1:fc:09:d6:fe:ab:a8:5f: a1:8d:f9:f1:6f:3b:5f:aa:ab:59:05:57:ed:50:68: 2d:ec:f4:8d:d0:3e:20:37:e7:c1:75:b4:43:75:0d: b1:1e:c6:83:af:e8:28:71:0e:56:de:ca:f9:09:a8: 53:27:95:0f:14:5c:a4:56:8d:12:a4:29:59:87:1f: c0:d3:53:8c:31:74:3b:29:2f:2d:90:d7:5f:66:c8: b0:55:65:54:70:d8:ea:7e:8c:3d:90:4f:85:03:d7: 84:a4:f9:04:60:ee:45:27:a5:a0:ca:b7:96:e7:8a: 80:60:23:98:ea:85:b7:b2:29:14:28:9c:b9:64:2d: d7:94:4f:ee:6b:c4:39:48:2b:86:94:23:fc:32:c2: 15:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:87:D1:5D:83:CE:B8:29:3A:DD:BB:00:37:31:A3:5C:A3:1F:52:DB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ee9fbda-9a9a-4e0b-9057-c318014d6ede.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da18:c00::/38 Signature Algorithm: sha256WithRSAEncryption 55:bc:e8:36:96:49:cc:97:f9:98:3a:27:a0:20:d5:80:8b:22: 73:5e:21:f8:a3:68:a0:18:2e:d9:02:81:ed:48:88:14:b9:f2: 60:e9:e8:0d:8b:68:c4:6d:d1:4a:96:d2:33:f5:be:dc:6a:7e: 2a:67:dc:50:91:43:9a:67:91:53:b4:45:dc:3d:ba:7b:54:98: 81:0f:f7:d7:90:91:4d:91:88:b0:8c:24:19:44:87:d4:5d:62: f7:24:78:cc:af:ca:d9:bf:b0:d6:cd:bd:ad:36:4d:cd:16:cd: 66:3d:a3:e7:3d:ef:32:c1:8a:fc:c7:90:fc:e8:08:c5:47:46: b4:3b:3d:72:d0:67:eb:92:d9:e9:0c:62:96:1f:84:ad:ce:6b: 30:c5:5b:84:4e:c2:6b:68:5c:b9:82:cc:4b:c4:07:24:66:cf: c2:f6:85:6c:4a:80:53:78:b0:89:07:08:3c:15:5a:92:f9:75: 98:e2:ca:07:bd:17:92:7a:e2:4f:48:51:9a:71:b6:f3:75:7d: 1e:64:8f:ee:40:7a:89:91:a2:e2:2b:a2:e2:0c:8a:f4:0d:52: 00:a2:74:a1:01:90:ad:a3:fb:e1:cf:ed:fa:c4:e0:c9:67:7a: 07:58:70:ec:19:33:51:76:04:c0:59:9f:e4:6e:66:b7:9b:cb: 6c:e6:2a:0d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKD/Geyr4l6xxNpCiZEKFs8HyKSIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1NDE1MFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAN2QyYzkxNTUzZmFhMWEzMGJkNDVi MmVjNzEzNDUwNDkyYWMxNTE4NWRkOGM3ODM1MzY4YTNkNjVmMTQ2NWU0MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndRE8W/OnaRxwxSuiet25R3KUu5/ Ow7VLa+QIKUAO2lzH+Ag95p91mqRae+UrvqTU7yjHgBOqvyCbK0FCqoHc3W2Nana TY/l3CF+yN68OSgOQSXsEtZt+aXmi+xs43/KBEmXGMPTdEViMdGdna02sfwJ1v6r qF+hjfnxbztfqqtZBVftUGgt7PSN0D4gN+fBdbRDdQ2xHsaDr+gocQ5W3sr5CahT J5UPFFykVo0SpClZhx/A01OMMXQ7KS8tkNdfZsiwVWVUcNjqfow9kE+FA9eEpPkE YO5FJ6WgyreW54qAYCOY6oW3sikUKJy5ZC3XlE/ua8Q5SCuGlCP8MsIVcwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNeH0V2DzrgpOt27ADcxo1yjH1LbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFlZTlmYmRhLTlhOWEtNGUwYi05MDU3LWMzMTgwMTRkNmVkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGAwwDQYJKoZIhvcNAQELBQADggEBAFW86DaWScyX+Zg6J6Ag 1YCLInNeIfijaKAYLtkCge1IiBS58mDp6A2LaMRt0UqW0jP1vtxqfipn3FCRQ5pn kVO0Rdw9untUmIEP99eQkU2RiLCMJBlEh9RdYvckeMyvytm/sNbNva02Tc0WzWY9 o+c97zLBivzHkPzoCMVHRrQ7PXLQZ+uS2ekMYpYfhK3OazDFW4ROwmtoXLmCzEvE ByRmz8L2hWxKgFN4sIkHCDwVWpL5dZjiyge9F5J64k9IUZpxtvN1fR5kj+5AeomR ouIrouIMivQNUgCidKEBkK2j++HP7frE4MlnegdYcOwZM1F2BMBZn+RuZreby2zm Kg0= -----END CERTIFICATE-----Generated at Sat Jun 14 06:15:12 2025 by rpki-client