$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27ffe405-af5c-4562-aa96-cff0cf796a1c.roa File: 27ffe405-af5c-4562-aa96-cff0cf796a1c.roa (raw, json) Hash identifier: lekRoGIrrpCv2nUQtKrtaFfwW9uDAttZKU38QkwN2Wc= Subject key identifier: 1B:BB:81:8C:25:22:A9:34:81:A8:9A:90:F9:53:11:31:0D:27:A7:38 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6685431D0A37542ADF1CEAFF54E4022B7B9E7767 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27ffe405-af5c-4562-aa96-cff0cf796a1c.roa Signing time: Mon 09 Jun 2025 15:40:57 +0000 ROA not before: Mon 09 Jun 2025 15:40:57 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:6020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:85:43:1d:0a:37:54:2a:df:1c:ea:ff:54:e4:02:2b:7b:9e:77:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:40:57 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=a74d7c325932e71f7b9c3c4dc4925392599f88ed4bf22feec510792b32256e56, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:58:d1:11:2d:e3:e8:10:95:b9:74:cf:25:81: ea:8d:4c:bc:4a:44:1f:3c:49:4b:1f:86:5d:76:f6: e7:ed:22:0d:54:e3:89:86:8b:98:c5:1b:c3:2d:ce: 58:46:aa:8c:1a:f4:0d:65:be:b6:36:a7:80:ce:e2: 98:73:42:57:7d:5c:e8:30:22:52:31:5b:ab:ac:d4: de:9e:a3:a8:60:26:f1:77:7b:6e:e3:22:10:9e:66: f9:ff:71:5c:3e:f5:7d:2e:85:ac:07:8c:22:01:22: 12:4a:53:8a:2e:a6:f3:3a:7a:73:53:5c:a0:56:6e: 89:1f:6d:90:b1:56:70:16:ed:b4:e6:53:df:25:a4: da:43:fa:93:04:e4:4a:c2:3d:98:b7:e1:a5:e2:41: 79:e3:f1:81:3b:68:7a:79:20:82:91:57:33:14:4b: 3b:21:23:44:6d:ea:0f:b2:ac:11:08:3f:2c:df:85: a6:17:a0:70:9e:38:76:74:cc:d4:51:92:3b:ab:5c: fd:65:0d:46:b8:51:8a:a3:e4:08:bc:73:3b:60:6d: 38:a3:cd:c5:a6:5e:e0:8d:3a:51:bf:e0:df:1f:e3: 15:7f:7d:70:86:b5:7a:82:36:1d:0c:1f:63:09:2a: 7f:25:e0:3b:ae:5c:d9:d8:97:d7:89:60:76:51:ef: bc:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:BB:81:8C:25:22:A9:34:81:A8:9A:90:F9:53:11:31:0D:27:A7:38 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27ffe405-af5c-4562-aa96-cff0cf796a1c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:6020::/48 Signature Algorithm: sha256WithRSAEncryption ae:37:38:38:70:e5:4d:f0:ef:91:2f:a2:d1:d9:34:ac:f3:7c: de:1f:9d:b8:75:a0:6e:9c:56:9d:38:2c:35:2c:99:77:09:5c: ff:e4:d9:71:63:ab:f7:3b:55:e5:0b:74:1e:d0:1b:1b:98:af: 21:e0:10:8b:f0:ec:21:bf:69:a0:65:da:e3:ae:b6:ff:78:60: 0e:8a:bd:7d:cf:a9:00:ce:0d:71:97:cc:42:d3:fa:38:c2:38: 84:45:86:f3:ad:61:63:a1:19:02:df:cd:bb:b8:84:89:fc:5e: 80:d6:fa:7e:d3:1f:3f:fb:60:9b:6b:f1:25:7d:cf:c1:8e:4c: 94:cf:e4:61:09:b5:fe:6c:02:c4:77:bd:61:10:54:c3:2f:02: a5:56:c7:9e:59:5b:5b:23:67:31:79:4f:ae:cb:eb:7c:33:b2: e0:6a:0a:2a:81:ea:e1:92:1b:90:c3:7e:e7:a7:28:7f:62:ca: 88:a7:84:46:c1:2c:80:ef:39:99:1e:79:69:40:af:2c:d9:61: 2e:ee:6c:10:a1:ab:ab:5c:55:ef:08:bb:0a:f7:9b:ea:79:13: a0:0a:23:61:af:c4:94:e0:a4:b9:91:93:14:94:d2:3b:ae:8b: bd:85:62:1d:92:de:2d:49:d3:c3:4e:46:e7:e0:2a:04:45:ef: cb:c4:00:b9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZoVDHQo3VCrfHOr/VOQCK3ued2cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1NDA1N1oX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAYTc0ZDdjMzI1OTMyZTcxZjdiOWMz YzRkYzQ5MjUzOTI1OTlmODhlZDRiZjIyZmVlYzUxMDc5MmIzMjI1NmU1NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnljRES3j6BCVuXTPJYHqjUy8SkQf PElLH4Zddvbn7SINVOOJhouYxRvDLc5YRqqMGvQNZb62NqeAzuKYc0JXfVzoMCJS MVurrNTenqOoYCbxd3tu4yIQnmb5/3FcPvV9LoWsB4wiASISSlOKLqbzOnpzU1yg Vm6JH22QsVZwFu205lPfJaTaQ/qTBORKwj2Yt+Gl4kF54/GBO2h6eSCCkVczFEs7 ISNEbeoPsqwRCD8s34WmF6Bwnjh2dMzUUZI7q1z9ZQ1GuFGKo+QIvHM7YG04o83F pl7gjTpRv+DfH+MVf31whrV6gjYdDB9jCSp/JeA7rlzZ2JfXiWB2Ue+88QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBu7gYwlIqk0gaiakPlTETENJ6c4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI3ZmZlNDA1LWFmNWMtNDU2Mi1hYTk2LWNmZjBjZjc5NmExYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/2AgMA0GCSqGSIb3DQEBCwUAA4IBAQCuNzg4cOVN8O+RL6LR 2TSs83zeH524daBunFadOCw1LJl3CVz/5NlxY6v3O1XlC3Qe0BsbmK8h4BCL8Owh v2mgZdrjrrb/eGAOir19z6kAzg1xl8xC0/o4wjiERYbzrWFjoRkC3827uISJ/F6A 1vp+0x8/+2Cba/Elfc/BjkyUz+RhCbX+bALEd71hEFTDLwKlVseeWVtbI2cxeU+u y+t8M7LgagoqgerhkhuQw37npyh/YsqIp4RGwSyA7zmZHnlpQK8s2WEu7mwQoaur XFXvCLsK95vqeROgCiNhr8SU4KS5kZMUlNI7rou9hWIdkt4tSdPDTkbn4CoERe/L xAC5 -----END CERTIFICATE-----Generated at Sat Jun 14 06:17:23 2025 by rpki-client