$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa File: 2b4adb97-a33f-485c-865b-badaa1f9c897.roa (raw, json) Hash identifier: VLAL4W+EON451LEtVMPfM+0YOZQyLbQod18nauBJJm4= Subject key identifier: 7A:34:AC:87:B1:79:BF:80:AC:2D:01:C8:A7:2C:26:AE:AC:29:FE:18 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 14E4896B10F8B64BBBFEECF896B1D3608E4A29E4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa Signing time: Tue 10 Jun 2025 00:21:21 +0000 ROA not before: Tue 10 Jun 2025 00:21:21 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:e4:89:6b:10:f8:b6:4b:bb:fe:ec:f8:96:b1:d3:60:8e:4a:29:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:21:21 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=4f56a496362377a4181947d4c708d41f796597c25101a4113d9db65b416a8bd9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:3f:66:31:1b:96:37:19:8a:09:c1:ae:c9:8f: fd:62:e9:47:9a:56:4a:d8:35:a7:a6:2e:34:8f:34: 51:60:70:5a:0a:fc:f1:ff:b1:21:db:e4:54:c1:68: 81:c6:74:d2:e4:93:f2:10:49:89:66:8e:c0:86:f1: 14:b2:dd:7d:3b:7f:dc:b8:ec:74:14:b1:3c:ca:1a: 30:59:0d:d5:cd:04:cb:56:17:ca:9e:80:3a:16:f8: 84:1a:8c:55:a3:b7:3c:ee:cd:6f:2f:d5:7a:76:61: 61:0b:22:5b:31:c7:c0:aa:da:26:d6:bf:b8:67:75: 09:a7:87:56:e3:75:9c:1d:a2:45:ac:5c:fd:3b:0d: f5:7f:d0:8c:e8:93:f7:7f:50:53:60:5d:e2:46:da: 90:70:78:7d:70:11:8e:c2:4f:0e:79:7e:c6:65:1b: a9:96:fa:1e:47:fb:89:b6:68:ca:2a:35:e8:48:c2: a9:b5:f0:24:17:e8:20:c2:d9:8d:0c:d0:96:1b:73: 31:ad:b4:21:37:09:c8:dd:9a:76:76:7b:f7:ca:e2: 3d:49:ce:8c:51:d7:3b:ad:45:8c:71:fb:75:1e:38: a6:c9:89:69:41:ca:45:0a:0c:bc:fe:93:91:3e:0c: bf:46:b2:dc:21:da:13:3b:c6:22:1e:1b:9e:61:81: 99:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:34:AC:87:B1:79:BF:80:AC:2D:01:C8:A7:2C:26:AE:AC:29:FE:18 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:b000::/40 Signature Algorithm: sha256WithRSAEncryption 46:54:b9:ad:09:cb:01:ac:02:5f:31:94:c1:71:af:e5:5e:f2: 59:06:e8:5d:79:4c:2f:d9:4e:9b:f8:f9:00:01:5d:9b:e9:ad: 8a:c2:4e:77:68:ff:16:ba:9e:7c:8b:9b:6b:0f:ca:0c:08:90: 26:69:fb:64:21:62:55:ca:fa:c0:76:67:a9:54:12:8e:48:68: 02:dc:6b:9b:23:0d:a5:f3:83:d9:7d:0b:de:10:94:69:09:20: e4:c7:97:ae:f2:3a:b0:b7:58:d3:c5:87:bf:04:b1:48:c3:bd: 4e:59:ce:d4:2f:62:cc:d7:5f:3d:2b:df:bf:4d:67:2c:e3:86: ee:ca:7f:65:cd:8e:aa:2b:e0:41:2f:90:41:fc:05:67:1b:91: 9d:68:95:79:c0:1c:8b:d7:fa:8f:82:b0:74:85:64:30:81:62: 72:12:95:1d:e7:c1:84:a5:55:11:05:68:0c:ba:c4:eb:46:b9: cc:65:28:ab:cb:f3:38:49:45:e9:d4:68:2a:47:56:9d:1b:6b: ac:a3:e9:19:fc:6c:a7:37:f4:f1:6e:7b:0a:ef:65:80:d3:0c: 4e:4d:5d:bf:71:30:99:46:99:7f:40:c0:12:27:5d:d5:db:ca: 8d:8c:71:c0:44:3d:18:46:ca:31:9d:3f:25:78:e3:c8:d5:32: c7:76:e2:ce -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFOSJaxD4tku7/uz4lrHTYI5KKeQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwMjEyMVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNANGY1NmE0OTYzNjIzNzdhNDE4MTk0 N2Q0YzcwOGQ0MWY3OTY1OTdjMjUxMDFhNDExM2Q5ZGI2NWI0MTZhOGJkOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwD9mMRuWNxmKCcGuyY/9YulHmlZK 2DWnpi40jzRRYHBaCvzx/7Eh2+RUwWiBxnTS5JPyEEmJZo7AhvEUst19O3/cuOx0 FLE8yhowWQ3VzQTLVhfKnoA6FviEGoxVo7c87s1vL9V6dmFhCyJbMcfAqtom1r+4 Z3UJp4dW43WcHaJFrFz9Ow31f9CM6JP3f1BTYF3iRtqQcHh9cBGOwk8OeX7GZRup lvoeR/uJtmjKKjXoSMKptfAkF+ggwtmNDNCWG3MxrbQhNwnI3Zp2dnv3yuI9Sc6M Udc7rUWMcft1HjimyYlpQcpFCgy8/pORPgy/RrLcIdoTO8YiHhueYYGZFwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHo0rIexeb+ArC0ByKcsJq6sKf4YMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJiNGFkYjk3LWEzM2YtNDg1Yy04NjViLWJhZGFhMWY5Yzg5Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaALAwDQYJKoZIhvcNAQELBQADggEBAEZUua0JywGsAl8xlMFx r+Ve8lkG6F15TC/ZTpv4+QABXZvprYrCTndo/xa6nnyLm2sPygwIkCZp+2QhYlXK +sB2Z6lUEo5IaALca5sjDaXzg9l9C94QlGkJIOTHl67yOrC3WNPFh78EsUjDvU5Z ztQvYszXXz0r379NZyzjhu7Kf2XNjqor4EEvkEH8BWcbkZ1olXnAHIvX+o+CsHSF ZDCBYnISlR3nwYSlVREFaAy6xOtGucxlKKvL8zhJRenUaCpHVp0ba6yj6Rn8bKc3 9PFuewrvZYDTDE5NXb9xMJlGmX9AwBInXdXbyo2MccBEPRhGyjGdPyV448jVMsd2 4s4= -----END CERTIFICATE-----Generated at Sat Jun 14 05:45:36 2025 by rpki-client