$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/228a5e29-7426-476c-b778-2d402b2ed541.roa File: 228a5e29-7426-476c-b778-2d402b2ed541.roa (raw, json) Hash identifier: GCT/tjTpxErJMrB6GOs5tWKuprwsBRAdvvQQWPXeEWI= Subject key identifier: 35:1D:DE:48:4F:12:6C:86:B3:9F:27:02:2F:08:3C:39:7C:13:19:2F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 11755166CE3C7DCFE78DCB7876C7A4D42B758951 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/228a5e29-7426-476c-b778-2d402b2ed541.roa Signing time: Wed 04 Jun 2025 00:00:14 +0000 ROA not before: Wed 04 Jun 2025 00:00:14 +0000 ROA not after: Wed 09 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:75:51:66:ce:3c:7d:cf:e7:8d:cb:78:76:c7:a4:d4:2b:75:89:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 4 00:00:14 2025 GMT Not After : Jul 9 23:59:59 2025 GMT Subject: serialNumber=7fce1a69685725377f8b16639ace0fb6c1cf3ac8a83f4a3bb19d987b188d73dd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:a2:02:81:ef:50:fb:86:28:cb:0e:6d:f7:76: 9c:bb:bd:89:48:54:69:8b:94:42:35:98:40:ab:ea: 91:6c:d9:97:36:b5:52:c2:28:80:3a:1f:db:f6:57: bf:3d:70:d5:70:74:7d:27:e9:c0:ee:94:9e:8e:ac: 43:5b:fd:26:b0:1e:89:7e:e8:5a:aa:ae:f2:46:91: 71:2a:ee:34:8d:81:9f:5e:81:9c:83:70:e8:e9:82: 3e:65:0a:d9:6e:4e:c5:41:1a:55:08:46:ae:dd:19: b1:a8:5e:c6:ff:0c:71:2a:a1:15:f8:33:72:d6:83: 9b:74:8e:4b:13:2a:8b:90:5d:4e:47:d1:9f:f2:3c: 6a:10:d2:e6:9b:88:df:5a:b8:99:d7:63:6d:e9:a1: 2c:7a:13:c8:a6:a3:22:36:1c:15:5d:31:c9:cd:6c: ea:73:37:ad:78:e4:aa:47:6e:ca:ae:42:da:57:fb: db:e4:98:32:00:83:07:a6:cd:ec:d7:bc:f3:79:20: 7d:21:a0:30:e9:15:b1:43:6c:13:fd:51:12:69:20: 55:08:ba:43:e8:9c:e7:c4:2f:b4:a3:f3:d2:5f:62: 0c:4d:b9:6b:a1:48:e3:4a:af:ed:17:1d:a2:22:1f: ca:50:c2:80:90:43:f5:ba:3d:fa:01:cc:e5:3e:07: 3b:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:1D:DE:48:4F:12:6C:86:B3:9F:27:02:2F:08:3C:39:7C:13:19:2F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/228a5e29-7426-476c-b778-2d402b2ed541.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:800::/40 Signature Algorithm: sha256WithRSAEncryption 01:00:1c:43:6a:2a:ad:a2:1a:52:5c:fa:19:b1:1d:a3:f2:c0: 13:5a:6f:09:06:cb:24:99:10:db:e7:f5:d9:93:6f:7b:95:6b: 02:10:44:17:ed:4a:bb:01:ea:c7:36:ce:89:a0:e8:58:a7:c5: 32:a5:61:0e:b6:ae:6a:4e:e0:72:6d:dd:c9:ce:3f:6f:55:0b: 57:f2:55:bd:88:9f:54:22:0b:09:56:b4:ef:bb:94:1f:04:57: 62:03:e0:7f:1b:4c:e0:b0:21:e0:ef:a8:38:7b:51:6b:bb:c6: e3:32:76:3b:a0:ad:2a:5b:cd:76:39:4f:d7:85:91:6e:cc:39: 96:f5:59:c1:bd:42:43:0a:f7:87:bb:63:72:52:e8:30:68:e9: af:7d:9e:3a:2b:79:db:a5:e8:df:55:0e:7e:c2:45:79:5a:da: c5:5f:a5:71:54:a2:a7:fa:66:61:f4:bf:cb:f3:49:ba:b0:1f: de:2c:76:62:e7:62:c5:b1:94:31:6a:32:6c:3f:b1:ae:72:21: 79:00:a9:6b:2f:f7:84:13:7d:e8:0c:f0:35:d0:7a:11:ab:ac: c5:cf:33:ff:ba:36:7f:53:3b:6c:06:48:9c:45:0d:31:b1:ba: 02:0e:f6:e5:1b:db:8b:15:c0:1e:5f:b8:06:36:a2:9f:c4:50: 57:df:7d:4c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEXVRZs48fc/njct4dsek1Ct1iVEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNDAwMDAxNFoX DTI1MDcwOTIzNTk1OVowejFJMEcGA1UEBRNAN2ZjZTFhNjk2ODU3MjUzNzdmOGIx NjYzOWFjZTBmYjZjMWNmM2FjOGE4M2Y0YTNiYjE5ZDk4N2IxODhkNzNkZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqICge9Q+4Yoyw5t93acu72JSFRp i5RCNZhAq+qRbNmXNrVSwiiAOh/b9le/PXDVcHR9J+nA7pSejqxDW/0msB6Jfuha qq7yRpFxKu40jYGfXoGcg3Do6YI+ZQrZbk7FQRpVCEau3RmxqF7G/wxxKqEV+DNy 1oObdI5LEyqLkF1OR9Gf8jxqENLmm4jfWriZ12Nt6aEsehPIpqMiNhwVXTHJzWzq czeteOSqR27KrkLaV/vb5JgyAIMHps3s17zzeSB9IaAw6RWxQ2wT/VESaSBVCLpD 6JznxC+0o/PSX2IMTblroUjjSq/tFx2iIh/KUMKAkEP1uj36AczlPgc7nwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDUd3khPEmyGs58nAi8IPDl8ExkvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzIyOGE1ZTI5LTc0MjYtNDc2Yy1iNzc4LTJkNDAyYjJlZDU0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYAgwDQYJKoZIhvcNAQELBQADggEBAAEAHENqKq2iGlJc+hmx HaPywBNabwkGyySZENvn9dmTb3uVawIQRBftSrsB6sc2zomg6FinxTKlYQ62rmpO 4HJt3cnOP29VC1fyVb2In1QiCwlWtO+7lB8EV2ID4H8bTOCwIeDvqDh7UWu7xuMy djugrSpbzXY5T9eFkW7MOZb1WcG9QkMK94e7Y3JS6DBo6a99njoredul6N9VDn7C RXla2sVfpXFUoqf6ZmH0v8vzSbqwH94sdmLnYsWxlDFqMmw/sa5yIXkAqWsv94QT fegM8DXQehGrrMXPM/+6Nn9TO2wGSJxFDTGxugIO9uUb24sVwB5fuAY2op/EUFff fUw= -----END CERTIFICATE-----Generated at Sat Jun 14 06:25:16 2025 by rpki-client