$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa File: 2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa (raw, json) Hash identifier: gKsbnigGcTwsr+hsjF/n69AEJkmgJv7CglWGyviMJtI= Subject key identifier: D8:43:74:68:38:A2:6F:03:77:DD:BC:6B:93:3B:A2:A2:D9:22:40:55 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 56CCD224DB22775EEAB4DF8928F20A2CE747E4C7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa Signing time: Sat 07 Jun 2025 00:11:00 +0000 ROA not before: Sat 07 Jun 2025 00:11:00 +0000 ROA not after: Sat 12 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:cc:d2:24:db:22:77:5e:ea:b4:df:89:28:f2:0a:2c:e7:47:e4:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 7 00:11:00 2025 GMT Not After : Jul 12 23:59:59 2025 GMT Subject: serialNumber=3817e1a9226b0cb5b2f8f1d53041ffadd94b83a8ad409d6d45a8149fdc871d10, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:14:2e:09:ba:2a:ac:1d:61:60:c0:06:37:ce: d9:0d:b4:a7:48:f0:f4:1d:b1:be:8f:32:2b:26:38: f6:03:00:6f:41:cf:0f:7e:96:cf:4a:a9:af:aa:73: 70:19:f0:a5:37:58:cc:bb:62:19:da:d2:b4:f0:12: 9b:38:58:54:52:4e:ff:21:64:ed:38:bc:e6:92:ae: 38:34:0d:c0:12:e8:66:c9:9a:d4:ed:33:1e:be:47: bb:40:14:d1:81:98:81:18:92:88:9c:95:04:13:4d: 3a:78:74:c9:6d:31:4c:14:10:93:13:af:0c:04:74: 38:00:ed:74:f0:d3:9e:4a:d0:28:5c:16:a8:e6:b4: 10:39:48:c4:0c:7f:35:e1:3a:08:ed:6c:c0:41:8a: d6:07:56:6b:5e:f3:d3:db:7c:89:df:d5:e6:64:5e: 59:09:b2:3b:64:a6:89:76:6f:0f:40:03:ea:f3:e6: 58:60:12:98:d2:8f:6d:f5:50:0b:a2:0c:dd:67:e4: d8:10:c2:a0:0d:47:47:6c:6c:2a:f4:ba:d9:0f:06: 9d:67:33:fd:e2:c9:26:42:c6:8e:c3:ae:cb:02:06: 09:be:cc:51:7b:e5:cd:12:ef:2f:8e:c5:cb:6d:a4: be:2f:b4:6c:e1:04:b7:fd:8e:6d:7a:fb:43:00:7d: c1:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:43:74:68:38:A2:6F:03:77:DD:BC:6B:93:3B:A2:A2:D9:22:40:55 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:9040::/48 Signature Algorithm: sha256WithRSAEncryption 67:ff:3c:7b:b9:21:8f:3b:74:c8:be:dc:a4:d7:49:2b:13:b0: 76:33:4a:2f:20:d2:10:25:13:55:02:98:98:d8:97:e8:57:2f: 21:33:7f:81:e2:68:a1:14:b3:8f:73:e5:6f:2c:e5:2e:1e:56: f6:1d:17:e7:72:54:8e:04:ce:28:58:08:e3:de:f8:50:6b:5d: 98:b3:16:2c:82:4e:dc:b8:2a:68:3e:e7:db:6d:15:36:e0:42: 7a:e6:09:0d:18:e3:39:1b:18:16:74:17:3c:1c:9e:53:3b:c8: 90:a1:76:b4:8a:14:87:5e:35:bc:e7:2e:c6:f4:81:3b:17:84: 71:90:e1:c2:e9:9b:2e:db:ac:5b:4f:d1:e4:20:87:e2:d2:26: f2:27:f9:26:92:fb:71:15:0d:ea:61:78:4d:aa:c8:c2:aa:a7: 6c:19:ed:84:e6:80:a8:26:d1:f5:3d:16:8d:d1:a8:86:3f:17: f6:a4:cd:27:1d:4f:2e:61:b7:76:e4:5f:e4:cb:1b:21:60:ca: 60:27:ae:1c:df:d0:9a:0e:de:4e:b6:1e:40:b0:d2:a8:69:ab: c3:f7:2d:c5:c7:f6:be:4b:92:d1:94:ed:f7:7b:44:b2:08:a6: b5:6d:31:33:b7:51:ea:da:59:77:eb:14:46:6c:3f:30:cf:2c: cd:0a:1c:6c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUVszSJNsid17qtN+JKPIKLOdH5McwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNzAwMTEwMFoX DTI1MDcxMjIzNTk1OVowejFJMEcGA1UEBRNAMzgxN2UxYTkyMjZiMGNiNWIyZjhm MWQ1MzA0MWZmYWRkOTRiODNhOGFkNDA5ZDZkNDVhODE0OWZkYzg3MWQxMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RQuCboqrB1hYMAGN87ZDbSnSPD0 HbG+jzIrJjj2AwBvQc8PfpbPSqmvqnNwGfClN1jMu2IZ2tK08BKbOFhUUk7/IWTt OLzmkq44NA3AEuhmyZrU7TMevke7QBTRgZiBGJKInJUEE006eHTJbTFMFBCTE68M BHQ4AO108NOeStAoXBao5rQQOUjEDH814ToI7WzAQYrWB1ZrXvPT23yJ39XmZF5Z CbI7ZKaJdm8PQAPq8+ZYYBKY0o9t9VALogzdZ+TYEMKgDUdHbGwq9LrZDwadZzP9 4skmQsaOw67LAgYJvsxRe+XNEu8vjsXLbaS+L7Rs4QS3/Y5tevtDAH3B3QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNhDdGg4om8Dd928a5M7oqLZIkBVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJjNWNkZDQ5LWU5OGItNGUzZC04YTYxLTA5NGYzODFkMmZhZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAJBAMA0GCSqGSIb3DQEBCwUAA4IBAQBn/zx7uSGPO3TIvtyk 10krE7B2M0ovINIQJRNVApiY2JfoVy8hM3+B4mihFLOPc+VvLOUuHlb2HRfnclSO BM4oWAjj3vhQa12YsxYsgk7cuCpoPufbbRU24EJ65gkNGOM5GxgWdBc8HJ5TO8iQ oXa0ihSHXjW85y7G9IE7F4RxkOHC6Zsu26xbT9HkIIfi0ibyJ/kmkvtxFQ3qYXhN qsjCqqdsGe2E5oCoJtH1PRaN0aiGPxf2pM0nHU8uYbd25F/kyxshYMpgJ64c39Ca Dt5Oth5AsNKoaavD9y3Fx/a+S5LRlO33e0SyCKa1bTEzt1Hq2ll36xRGbD8wzyzN Chxs -----END CERTIFICATE-----Generated at Sat Jun 14 06:20:19 2025 by rpki-client