$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1f0c58f3-95ea-40f6-ad92-e52e7261f262.roa File: 1f0c58f3-95ea-40f6-ad92-e52e7261f262.roa (raw, json) Hash identifier: zTtysVgXq8iknxD/wucxgS5P0d78UsIrlM+iyQ4CAB0= Subject key identifier: 06:EA:4B:62:F3:33:A8:59:F7:BD:37:3A:A0:8A:EE:7A:43:AC:39:77 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3817CDCC9F338ABA1FE1084B5343A9F2EF3B7196 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1f0c58f3-95ea-40f6-ad92-e52e7261f262.roa Signing time: Mon 09 Jun 2025 15:10:10 +0000 ROA not before: Mon 09 Jun 2025 15:10:10 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:7040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:17:cd:cc:9f:33:8a:ba:1f:e1:08:4b:53:43:a9:f2:ef:3b:71:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:10:10 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=88619fd9819efd17c8ad849d7d7e858d70548dc40e0de356b6f4468e3eb65c19, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:da:5f:80:e2:66:e3:88:b7:33:aa:66:d1:c0: 11:af:d5:74:79:c5:f9:48:cd:eb:9a:a1:a4:76:cb: a3:f2:c7:94:fa:fe:d9:43:dc:f1:c6:c6:41:e5:f4: 33:3d:5b:48:5d:26:02:98:f4:23:fb:81:5f:3e:97: b1:4a:8d:1d:79:ea:ec:a2:2a:28:62:da:11:42:42: d3:2e:29:bb:df:44:33:2d:40:36:1d:1d:3b:80:d9: 0c:37:4f:39:75:eb:81:c6:1f:9e:80:6d:b8:ba:b9: 0f:8a:8f:88:5d:d6:14:48:5f:a8:98:16:b8:cb:e2: 2f:fb:83:4e:ac:ed:2b:3d:e5:be:dc:eb:d6:b2:53: ca:f5:2d:27:28:2b:ad:fe:c1:8c:18:a6:4d:8e:2b: d6:a7:90:98:16:36:53:94:51:78:bb:23:f2:91:b1: 05:a3:89:a8:9f:25:01:90:a8:8b:f6:f6:33:f7:48: 3e:53:5b:5a:68:60:88:67:57:d1:85:14:54:19:9c: 10:60:4c:fe:a7:d6:15:0d:ca:56:7e:d9:bb:a8:36: c8:ad:6b:33:34:cc:f7:c2:6c:37:31:2e:6e:27:85: b0:55:c0:3c:f4:6d:25:b4:28:f0:c2:9d:e9:94:54: c0:06:7f:8e:e4:67:2a:b6:b4:86:5e:68:27:41:9e: bd:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:EA:4B:62:F3:33:A8:59:F7:BD:37:3A:A0:8A:EE:7A:43:AC:39:77 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1f0c58f3-95ea-40f6-ad92-e52e7261f262.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:7040::/48 Signature Algorithm: sha256WithRSAEncryption 32:5a:6a:93:e4:18:b3:a6:fa:bd:57:d5:4f:97:b4:d7:fa:ee: e7:52:5c:1a:62:e8:01:26:34:fd:b9:12:85:a2:d2:01:89:39: b0:f6:fc:7a:2f:c5:2c:18:56:d0:68:38:fa:7d:70:e1:b1:1a: 69:f3:cf:d6:00:a0:97:9d:f2:52:5e:1f:c0:44:11:68:f9:e0: d9:1a:0e:8d:e0:8a:41:5a:fc:bf:b1:79:99:27:00:14:12:08: 2c:6e:c0:78:3e:df:54:af:d7:a5:6e:c6:23:87:e5:dd:c6:be: 0e:2a:3f:72:0a:ed:a4:70:81:54:c3:f5:52:10:b3:c1:d5:ed: 19:5a:22:d1:22:b1:c5:5a:8e:ad:65:52:b6:32:b2:78:ef:39: fc:eb:dc:a2:9f:dd:ed:b7:e5:0e:c9:76:92:9d:37:56:0d:16: 28:38:3f:19:3e:0e:3a:43:f0:02:51:ff:68:c1:03:bf:bd:44: 62:c4:1f:12:81:7a:fd:0e:9d:e6:85:c9:7e:cc:2b:9a:de:24: f9:98:4d:80:e7:bf:51:63:9a:50:ff:b3:28:e8:10:b0:1f:1c: 19:a1:32:f3:1a:92:e6:ec:c6:a4:66:7e:f1:90:f2:ea:49:a2: c9:ac:06:b8:f4:e0:cf:7c:d2:b7:6b:5f:7e:f8:b9:7b:46:67: 3d:26:bc:cf -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUOBfNzJ8zirof4QhLU0Op8u87cZYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MTAxMFoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAODg2MTlmZDk4MTllZmQxN2M4YWQ4 NDlkN2Q3ZTg1OGQ3MDU0OGRjNDBlMGRlMzU2YjZmNDQ2OGUzZWI2NWMxOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdpfgOJm44i3M6pm0cARr9V0ecX5 SM3rmqGkdsuj8seU+v7ZQ9zxxsZB5fQzPVtIXSYCmPQj+4FfPpexSo0deersoioo YtoRQkLTLim730QzLUA2HR07gNkMN085deuBxh+egG24urkPio+IXdYUSF+omBa4 y+Iv+4NOrO0rPeW+3OvWslPK9S0nKCut/sGMGKZNjivWp5CYFjZTlFF4uyPykbEF o4monyUBkKiL9vYz90g+U1taaGCIZ1fRhRRUGZwQYEz+p9YVDcpWftm7qDbIrWsz NMz3wmw3MS5uJ4WwVcA89G0ltCjwwp3plFTABn+O5GcqtrSGXmgnQZ69zwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAbqS2LzM6hZ9703OqCK7npDrDl3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFmMGM1OGYzLTk1ZWEtNDBmNi1hZDkyLWU1MmU3MjYxZjI2Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/3BAMA0GCSqGSIb3DQEBCwUAA4IBAQAyWmqT5Bizpvq9V9VP l7TX+u7nUlwaYugBJjT9uRKFotIBiTmw9vx6L8UsGFbQaDj6fXDhsRpp88/WAKCX nfJSXh/ARBFo+eDZGg6N4IpBWvy/sXmZJwAUEggsbsB4Pt9Ur9elbsYjh+Xdxr4O Kj9yCu2kcIFUw/VSELPB1e0ZWiLRIrHFWo6tZVK2MrJ47zn869yin93tt+UOyXaS nTdWDRYoOD8ZPg46Q/ACUf9owQO/vURixB8SgXr9Dp3mhcl+zCua3iT5mE2A579R Y5pQ/7Mo6BCwHxwZoTLzGpLm7MakZn7xkPLqSaLJrAa49ODPfNK3a19++Ll7Rmc9 JrzP -----END CERTIFICATE-----Generated at Sat Jun 14 06:30:25 2025 by rpki-client