$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a4b406c-5546-415b-a581-7d4fac440f72.roa File: 2a4b406c-5546-415b-a581-7d4fac440f72.roa (raw, json) Hash identifier: 80sOC4ivJPXkXDqfBKrZ6Ljw2ed7DkDusFyqiA8YZIY= Subject key identifier: 30:16:39:67:50:08:95:91:16:74:57:FF:B4:FC:30:4D:35:E1:7E:11 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 35FD82BBE4C4CCE8765327994F21500D87A2485F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a4b406c-5546-415b-a581-7d4fac440f72.roa Signing time: Mon 09 Jun 2025 15:01:26 +0000 ROA not before: Mon 09 Jun 2025 15:01:26 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:b080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:fd:82:bb:e4:c4:cc:e8:76:53:27:99:4f:21:50:0d:87:a2:48:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:01:26 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=178dc13c2cae8f6eb48ebd5e8a2192888bca02b0498cc36b9e1c48f25547f823, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:80:7e:2d:1a:79:e3:72:00:5d:81:a7:ff:e2: 30:13:d6:d5:15:cb:45:a1:62:44:e4:a0:af:17:ba: f8:a4:2f:a4:cb:38:9f:6a:4a:e3:de:a1:0b:35:7e: d5:a8:da:7d:b8:84:8e:a3:01:da:64:ca:69:72:e1: 80:76:47:ef:3c:93:33:af:a8:b7:fc:c2:58:d9:af: 26:25:b7:71:c7:2e:06:d1:3e:87:9f:b5:19:40:e3: bb:88:4b:ac:d3:3a:4a:f1:43:0b:b5:3e:3e:f9:22: e0:97:ea:35:e2:9a:0e:cd:43:ca:78:23:5e:e8:b4: 0b:26:fc:c5:a7:a8:2e:2a:4b:3c:57:2f:49:ff:49: 79:05:c0:71:14:3f:08:5d:28:c3:3a:98:ac:b2:0c: 57:68:4f:2e:57:22:bc:ca:f5:e4:d1:d3:2c:21:8c: 42:bb:3c:c1:25:5e:dd:16:4a:c8:d6:8c:15:84:90: e8:d1:b9:c8:e6:0d:d0:e0:f9:c4:44:c6:2e:00:dd: 79:d5:14:0d:1f:77:7d:a1:74:9f:b1:dc:82:9d:5b: 8d:e5:bd:d8:4d:af:71:41:4f:47:0b:b2:4f:92:cb: 3c:38:d2:8f:8c:dc:fa:c9:08:6e:63:ca:da:77:15: 97:bc:7f:cc:d9:d8:85:30:35:8e:b5:be:a8:36:b7: 0b:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:16:39:67:50:08:95:91:16:74:57:FF:B4:FC:30:4D:35:E1:7E:11 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a4b406c-5546-415b-a581-7d4fac440f72.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:b080::/48 Signature Algorithm: sha256WithRSAEncryption c1:dd:34:15:c6:14:3a:20:e1:55:f4:a0:3e:78:fb:81:24:7e: c0:c7:e4:e0:25:0e:32:2e:e6:22:82:6c:87:14:2e:2f:95:dc: 9c:d4:4e:29:7d:ad:94:e5:7f:a3:08:fe:83:96:29:b4:59:25: 88:0b:38:57:03:1a:90:b5:28:32:29:e8:33:87:45:48:26:54: 2a:8d:ec:a4:5f:5c:77:d4:10:95:64:25:c5:3d:0c:7d:e5:94: 5d:8c:1b:5e:a3:ef:84:47:c5:b7:65:2a:4f:e9:c4:99:19:8f: 34:44:f1:05:b4:97:36:3e:54:99:4e:99:77:0b:0f:cc:d4:e9: b4:ab:e6:1b:d3:d7:78:e1:ee:27:a2:41:10:26:67:18:41:d6: f2:fa:5d:33:e5:5e:36:c6:3f:1e:d6:71:c4:83:a0:b9:79:4a: 43:4e:f8:3d:07:40:37:5c:1c:1b:e0:5e:4f:c7:81:8d:c8:e2: bb:05:0a:28:24:36:82:6c:0c:21:74:48:b7:e5:e0:30:fc:27: f4:ac:cf:74:8f:54:a4:59:b0:fe:f3:74:e8:67:50:2f:c6:37: be:e3:9d:35:2e:94:98:76:f6:1a:b2:67:6a:79:14:1e:83:9e: 7f:b6:91:fd:15:f6:63:f1:74:03:a7:bf:fc:d7:b4:58:29:07: 32:8e:17:b2 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNf2Cu+TEzOh2UyeZTyFQDYeiSF8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MDEyNloX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAMTc4ZGMxM2MyY2FlOGY2ZWI0OGVi ZDVlOGEyMTkyODg4YmNhMDJiMDQ5OGNjMzZiOWUxYzQ4ZjI1NTQ3ZjgyMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4B+LRp543IAXYGn/+IwE9bVFctF oWJE5KCvF7r4pC+kyzifakrj3qELNX7VqNp9uISOowHaZMppcuGAdkfvPJMzr6i3 /MJY2a8mJbdxxy4G0T6Hn7UZQOO7iEus0zpK8UMLtT4++SLgl+o14poOzUPKeCNe 6LQLJvzFp6guKks8Vy9J/0l5BcBxFD8IXSjDOpissgxXaE8uVyK8yvXk0dMsIYxC uzzBJV7dFkrI1owVhJDo0bnI5g3Q4PnERMYuAN151RQNH3d9oXSfsdyCnVuN5b3Y Ta9xQU9HC7JPkss8ONKPjNz6yQhuY8radxWXvH/M2diFMDWOtb6oNrcLBwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDAWOWdQCJWRFnRX/7T8ME014X4RMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJhNGI0MDZjLTU1NDYtNDE1Yi1hNTgxLTdkNGZhYzQ0MGY3Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/7CAMA0GCSqGSIb3DQEBCwUAA4IBAQDB3TQVxhQ6IOFV9KA+ ePuBJH7Ax+TgJQ4yLuYigmyHFC4vldyc1E4pfa2U5X+jCP6Dlim0WSWICzhXAxqQ tSgyKegzh0VIJlQqjeykX1x31BCVZCXFPQx95ZRdjBteo++ER8W3ZSpP6cSZGY80 RPEFtJc2PlSZTpl3Cw/M1Om0q+Yb09d44e4nokEQJmcYQdby+l0z5V42xj8e1nHE g6C5eUpDTvg9B0A3XBwb4F5Px4GNyOK7BQooJDaCbAwhdEi35eAw/Cf0rM90j1Sk WbD+83ToZ1Avxje+4501LpSYdvYasmdqeRQeg55/tpH9FfZj8XQDp7/817RYKQcy jhey -----END CERTIFICATE-----Generated at Sat Jun 14 06:29:20 2025 by rpki-client