$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24cd5ed4-3b35-4d90-8e44-d72d219dc120.roa File: 24cd5ed4-3b35-4d90-8e44-d72d219dc120.roa (raw, json) Hash identifier: c8yY9xffaHuM+xMhsIg7+OCgYjsum1KNIOWRXoNGp3w= Subject key identifier: 0E:5F:DF:F9:20:4C:1F:ED:A2:5E:68:32:31:AA:02:A1:E1:A3:B4:31 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5A89904443804E74D3A25032BBF5A466E357CB0E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24cd5ed4-3b35-4d90-8e44-d72d219dc120.roa Signing time: Tue 10 Jun 2025 15:30:16 +0000 ROA not before: Tue 10 Jun 2025 15:30:16 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:89:90:44:43:80:4e:74:d3:a2:50:32:bb:f5:a4:66:e3:57:cb:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:30:16 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=9585887ade795d685e6d40ea3ebd24ef0224705fd51813b06e8c893d2084964e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:76:19:3b:ca:00:8a:89:39:68:12:69:b0:d1: 27:5b:ac:c4:cc:1b:e6:aa:ba:76:3c:c3:74:e4:c5: d2:e2:31:ac:2e:42:9b:61:f9:72:dd:98:de:66:14: 4e:3c:12:f0:f0:74:a0:59:f9:07:8f:e7:02:99:69: 6b:17:42:30:41:43:18:d8:fc:10:83:ef:53:73:79: 4b:4c:8f:b0:72:40:dd:03:0e:e6:ba:7c:c8:7a:0c: ce:53:d9:ba:e6:20:b0:9c:46:39:df:ff:81:23:60: 70:cc:45:93:9f:d6:b1:82:2b:69:de:5f:4b:15:98: 09:2f:cb:ee:03:f4:6b:5f:87:48:4b:61:c4:fc:87: 71:8f:c8:24:ff:6e:22:8c:7a:fb:27:db:95:82:84: 23:07:c1:85:2a:25:25:56:91:29:dd:cb:1e:0b:f0: 70:88:ae:d4:48:35:39:6a:b4:61:f1:ea:13:24:e4: 29:0d:f1:db:92:93:59:43:30:da:75:24:83:71:45: 88:d8:0e:22:29:d8:e8:e6:fc:97:10:17:d0:92:9c: 4c:3e:58:51:a7:39:ea:40:4b:4d:d5:87:a7:44:c6: e1:90:3f:1e:d2:fe:0c:27:0a:62:d7:b5:7e:d3:6b: 70:be:2b:a7:69:38:c4:d0:c3:7c:fd:af:a0:90:e4: 6f:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:5F:DF:F9:20:4C:1F:ED:A2:5E:68:32:31:AA:02:A1:E1:A3:B4:31 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24cd5ed4-3b35-4d90-8e44-d72d219dc120.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:6000::/40 Signature Algorithm: sha256WithRSAEncryption 1a:b2:92:8d:65:39:e9:b5:58:dd:4b:34:20:3f:01:88:90:ff: 71:f9:4d:e0:b3:75:be:dd:9e:98:2b:2e:57:01:0b:42:4f:92: 0d:b7:f3:4c:42:93:3c:0d:ef:79:26:ac:9a:99:17:ef:69:e3: 6e:2b:4c:12:c5:48:92:89:28:61:a3:c0:b7:7d:66:8c:73:1a: 56:4e:fa:75:c3:2f:cb:e9:0a:09:a3:a7:73:7d:0f:a7:35:a5: 8b:f5:ed:32:c2:aa:a8:ee:65:25:a5:13:1d:8d:4d:be:c5:6b: da:ea:22:b3:2d:aa:42:3a:f6:af:51:7d:81:e6:45:38:da:a7: 79:4d:c5:ea:10:d6:05:f5:2b:00:99:c3:d9:0b:1e:ea:43:b1: 5d:3d:2d:fc:a9:89:4a:63:1d:60:aa:68:8c:e0:e7:8f:14:bf: d7:9d:f9:ab:cb:34:bf:94:ce:a2:20:61:97:7f:c6:22:c2:fb: 51:98:c7:fa:bb:0a:9b:1e:24:0d:40:90:f9:62:a6:c2:f2:45: 7c:c1:54:d1:16:3d:36:73:2f:dc:12:71:32:fd:91:b5:33:fb: ef:79:d6:50:76:91:01:5f:d8:ba:5d:fa:52:28:86:1c:2c:45: e9:9e:4d:63:d8:25:33:0f:86:0d:7a:2a:54:b8:9b:5e:20:bb: 9a:52:ca:f5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWomQREOATnTTolAyu/WkZuNXyw4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MzAxNloX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAOTU4NTg4N2FkZTc5NWQ2ODVlNmQ0 MGVhM2ViZDI0ZWYwMjI0NzA1ZmQ1MTgxM2IwNmU4Yzg5M2QyMDg0OTY0ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHYZO8oAiok5aBJpsNEnW6zEzBvm qrp2PMN05MXS4jGsLkKbYfly3ZjeZhROPBLw8HSgWfkHj+cCmWlrF0IwQUMY2PwQ g+9Tc3lLTI+wckDdAw7munzIegzOU9m65iCwnEY53/+BI2BwzEWTn9axgitp3l9L FZgJL8vuA/RrX4dIS2HE/Idxj8gk/24ijHr7J9uVgoQjB8GFKiUlVpEp3cseC/Bw iK7USDU5arRh8eoTJOQpDfHbkpNZQzDadSSDcUWI2A4iKdjo5vyXEBfQkpxMPlhR pznqQEtN1YenRMbhkD8e0v4MJwpi17V+02twviunaTjE0MN8/a+gkORvzwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFA5f3/kgTB/tol5oMjGqAqHho7QxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI0Y2Q1ZWQ0LTNiMzUtNGQ5MC04ZTQ0LWQ3MmQyMTlkYzEyMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMmAwDQYJKoZIhvcNAQELBQADggEBABqyko1lOem1WN1LNCA/ AYiQ/3H5TeCzdb7dnpgrLlcBC0JPkg2380xCkzwN73kmrJqZF+9p424rTBLFSJKJ KGGjwLd9ZoxzGlZO+nXDL8vpCgmjp3N9D6c1pYv17TLCqqjuZSWlEx2NTb7Fa9rq IrMtqkI69q9RfYHmRTjap3lNxeoQ1gX1KwCZw9kLHupDsV09LfypiUpjHWCqaIzg 548Uv9ed+avLNL+UzqIgYZd/xiLC+1GYx/q7CpseJA1AkPlipsLyRXzBVNEWPTZz L9wScTL9kbUz++951lB2kQFf2Lpd+lIohhwsRemeTWPYJTMPhg16KlS4m14gu5pS yvU= -----END CERTIFICATE-----Generated at Sat Jun 14 06:33:22 2025 by rpki-client