$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ef497a8-abd3-4d49-af13-215841ac320f.roa File: 1ef497a8-abd3-4d49-af13-215841ac320f.roa (raw, json) Hash identifier: WKptuplCLExvf9I3+HBohmQ5+NfL5D+KK6wUsoU0gZ4= Subject key identifier: FA:FD:B8:F7:D3:49:E3:C5:49:73:8D:27:C4:5B:72:D4:0A:8A:7F:3C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0A7696D00CBAECB535FB4E435486E53EE3F59CC4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ef497a8-abd3-4d49-af13-215841ac320f.roa Signing time: Sat 14 Jun 2025 00:00:14 +0000 ROA not before: Sat 14 Jun 2025 00:00:14 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:76:96:d0:0c:ba:ec:b5:35:fb:4e:43:54:86:e5:3e:e3:f5:9c:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 14 00:00:14 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=44ccb742a66f47b8c79b40052db664677ea652230d8e6298025b17e0098eeddd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:05:a8:ff:bd:39:12:f9:eb:8b:b4:5e:7a:63: ce:a2:17:77:f8:98:d3:4f:ad:94:a3:97:f8:99:e7: bd:f6:ac:dc:08:e6:5a:c5:c9:82:2d:90:95:6a:d2: 68:9a:74:9a:95:35:1d:f2:88:d8:4a:60:02:1c:08: 69:e6:8b:f9:83:00:d4:06:e0:27:62:e8:22:0e:f6: e4:22:05:20:d9:5b:7a:e3:69:87:58:2c:ad:41:fc: d2:ab:3d:34:1b:ac:69:5f:8d:65:b5:13:98:43:67: 95:21:19:a6:46:45:3c:a8:a8:3b:c7:c7:bc:d7:01: 7f:86:46:ec:3c:2a:f5:51:9f:b5:1a:37:3b:b0:e1: 3b:77:09:3f:bc:78:02:74:b0:10:63:66:5c:24:89: ea:fc:f1:39:32:05:c9:fb:53:a0:7d:0e:52:8b:b0: 4a:fe:b5:3e:0a:16:60:0b:a1:19:67:53:60:16:db: b1:d1:9f:20:90:dd:c1:8e:f0:59:dd:1f:e3:af:a4: ac:22:dd:30:8c:6a:5c:0c:e5:a1:13:cf:3e:c0:ab: 09:2b:15:d7:dd:80:23:9f:1a:df:df:1f:34:60:b4: 21:f7:aa:99:c0:35:da:8e:b4:1b:60:16:17:2a:ce: e4:30:97:7b:2d:6d:51:7e:f7:f1:41:ca:2f:25:73: ba:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:FD:B8:F7:D3:49:E3:C5:49:73:8D:27:C4:5B:72:D4:0A:8A:7F:3C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ef497a8-abd3-4d49-af13-215841ac320f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:4000::/40 Signature Algorithm: sha256WithRSAEncryption 05:ae:8c:33:63:5f:ad:a7:a9:59:c0:b6:bc:7e:55:47:9a:bb: e0:5e:ab:5d:63:b3:11:e2:a7:75:a2:c7:80:5e:7b:7e:3c:8d: 6c:6b:7c:2e:e0:d6:51:23:b5:6a:36:30:c3:c5:18:15:02:70: af:36:d7:66:bd:28:88:ad:1f:a9:64:5a:d1:71:62:01:41:f9: 5f:0a:72:07:47:eb:68:c9:41:c8:ba:0b:94:0b:c6:1c:a0:2a: 53:46:05:07:ad:a4:d5:30:3b:19:d8:0a:7b:44:2e:31:fb:37: 8e:4f:05:cf:7b:16:88:33:d8:e1:2d:a3:1a:2f:3f:b3:04:b9: f1:2c:fa:36:76:6b:d9:c9:6e:a2:33:1e:b7:90:fd:eb:e1:02: 28:b4:fa:be:6e:05:a9:66:3e:8d:98:f7:38:16:2e:ee:21:21: dd:53:22:84:92:e1:28:5d:42:5f:19:4c:e9:98:49:d4:9a:71: 1c:d9:18:aa:fc:62:86:11:55:ff:c8:13:72:06:af:fa:3c:48: 50:00:b6:17:7c:c2:c3:d0:30:12:af:3c:29:b6:94:34:57:16: 56:76:7e:77:89:47:cd:7c:21:34:bd:ca:7e:93:ab:05:38:7a: 5d:cb:64:e6:59:8e:21:b7:33:dc:6b:cc:fd:0e:7c:e7:a1:2c: 00:43:57:a0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCnaW0Ay67LU1+05DVIblPuP1nMQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxNDAwMDAxNFoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNANDRjY2I3NDJhNjZmNDdiOGM3OWI0 MDA1MmRiNjY0Njc3ZWE2NTIyMzBkOGU2Mjk4MDI1YjE3ZTAwOThlZWRkZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogWo/705Evnri7ReemPOohd3+JjT T62Uo5f4mee99qzcCOZaxcmCLZCVatJomnSalTUd8ojYSmACHAhp5ov5gwDUBuAn YugiDvbkIgUg2Vt642mHWCytQfzSqz00G6xpX41ltROYQ2eVIRmmRkU8qKg7x8e8 1wF/hkbsPCr1UZ+1Gjc7sOE7dwk/vHgCdLAQY2ZcJInq/PE5MgXJ+1OgfQ5Si7BK /rU+ChZgC6EZZ1NgFtux0Z8gkN3BjvBZ3R/jr6SsIt0wjGpcDOWhE88+wKsJKxXX 3YAjnxrf3x80YLQh96qZwDXajrQbYBYXKs7kMJd7LW1RfvfxQcovJXO6eQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPr9uPfTSePFSXONJ8RbctQKin88MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFlZjQ5N2E4LWFiZDMtNGQ0OS1hZjEzLTIxNTg0MWFjMzIwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNkAwDQYJKoZIhvcNAQELBQADggEBAAWujDNjX62nqVnAtrx+ VUeau+Beq11jsxHip3Wix4Bee348jWxrfC7g1lEjtWo2MMPFGBUCcK8212a9KIit H6lkWtFxYgFB+V8KcgdH62jJQci6C5QLxhygKlNGBQetpNUwOxnYCntELjH7N45P Bc97Fogz2OEtoxovP7MEufEs+jZ2a9nJbqIzHreQ/evhAii0+r5uBalmPo2Y9zgW Lu4hId1TIoSS4ShdQl8ZTOmYSdSacRzZGKr8YoYRVf/IE3IGr/o8SFAAthd8wsPQ MBKvPCm2lDRXFlZ2fneJR818ITS9yn6TqwU4el3LZOZZjiG3M9xrzP0OfOehLABD V6A= -----END CERTIFICATE-----Generated at Sat Jun 14 06:11:59 2025 by rpki-client