$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dbf8d60-f7e6-4049-8e45-9c0517e5045d.roa File: 2dbf8d60-f7e6-4049-8e45-9c0517e5045d.roa (raw, json) Hash identifier: TOlgZZ5z5tAFUhL4k8NAElLcNa4Ihg7vwzH2yRV3jLM= Subject key identifier: 4C:5F:85:0C:3F:63:E6:77:B6:B5:3F:C1:A5:AE:7D:59:A5:47:47:B7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 431910E986C7EA2BDBF781F66CA37DA428BBC93E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dbf8d60-f7e6-4049-8e45-9c0517e5045d.roa Signing time: Wed 04 Jun 2025 00:00:03 +0000 ROA not before: Wed 04 Jun 2025 00:00:03 +0000 ROA not after: Wed 09 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:19:10:e9:86:c7:ea:2b:db:f7:81:f6:6c:a3:7d:a4:28:bb:c9:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 4 00:00:03 2025 GMT Not After : Jul 9 23:59:59 2025 GMT Subject: serialNumber=7bf0962a252dd3353a72d5728d8749712ed7a50900052acb4d462a8649356546, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:5a:bd:f1:15:e7:f3:b8:bb:e4:6b:1f:f1:95: 65:f7:b6:1b:8c:a3:ae:f1:9c:b2:0c:4a:4a:d4:8c: 2e:75:7a:75:1e:12:26:45:02:56:e2:6a:7b:42:e3: 70:7a:c8:0b:0c:5d:c0:48:72:2a:a5:c6:e6:0e:5c: ef:49:d9:c7:92:1d:c8:5c:66:13:7c:8c:af:af:0b: 3a:65:0b:a6:d7:ec:29:b5:7f:9d:77:f2:12:85:fb: d3:2e:75:45:ff:30:69:27:b7:82:e1:cc:b3:30:8f: 99:cf:ee:50:5c:59:01:a4:b4:5b:4c:ad:4b:42:6e: a6:bb:f3:d1:22:ce:21:5d:45:c9:d0:35:e7:f7:f3: 00:ad:cd:33:21:05:e5:a3:b6:ce:86:91:40:ee:f3: 36:2d:1c:e1:f8:36:1d:17:a8:f3:c7:a0:91:ac:aa: 65:96:3b:8e:6d:d9:9c:83:5f:00:48:7e:53:f4:7d: 86:78:b3:40:15:06:b7:9a:d1:7f:d8:ff:2a:b4:92: 49:9c:96:75:09:c5:97:e3:94:fc:de:68:47:fa:58: 10:b5:80:35:4f:61:ef:27:21:15:c0:f0:e9:60:fa: 0d:48:a3:17:45:e8:3e:60:cd:97:6b:95:8c:b6:95: ef:9f:ea:8a:6f:04:d3:58:cd:3e:25:6e:75:ca:dd: a4:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:5F:85:0C:3F:63:E6:77:B6:B5:3F:C1:A5:AE:7D:59:A5:47:47:B7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dbf8d60-f7e6-4049-8e45-9c0517e5045d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:2000::/40 Signature Algorithm: sha256WithRSAEncryption 42:06:dd:c8:fa:b0:4a:37:ab:5f:76:71:05:b3:70:1b:cb:87: 33:96:1b:7d:bc:87:c9:ed:6a:3c:44:a9:5f:51:be:39:03:53: 4f:7a:19:c1:aa:41:9e:68:83:18:63:11:bc:70:3e:ef:a8:31: c0:d1:9d:3f:9a:6b:0c:0f:7c:c4:86:a1:cd:97:96:00:7e:08: 42:6d:02:e6:83:6e:89:ae:54:ee:5b:6e:13:7c:d6:eb:91:35: 76:ff:34:33:ae:03:9e:fe:9a:76:30:65:ab:fa:6d:75:bc:6c: 03:4d:70:57:4c:77:9b:04:8b:9e:8c:d2:a6:62:79:62:2b:07: 18:66:9c:d3:80:a4:85:e2:46:cd:38:ea:7f:63:e8:83:b2:38: fd:fc:6f:78:49:55:f1:1a:5d:ca:e7:e2:3a:91:15:e5:65:b5: fa:b7:1f:dd:0c:1f:1e:fa:30:17:6b:d8:0f:9c:91:ff:4d:2e: 11:07:12:87:16:f0:6c:e5:39:37:a7:c3:17:7f:99:fe:f8:3e: a3:7d:15:e6:26:39:73:e4:51:63:ab:bf:44:33:bd:8c:44:46: c4:eb:99:08:df:b2:ae:89:f5:2f:1b:83:6a:e8:eb:9c:74:ee: 0d:e6:3b:f2:63:50:a1:0c:73:a8:08:d9:72:d1:99:5e:9a:b8: b9:01:04:e8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQxkQ6YbH6ivb94H2bKN9pCi7yT4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNDAwMDAwM1oX DTI1MDcwOTIzNTk1OVowejFJMEcGA1UEBRNAN2JmMDk2MmEyNTJkZDMzNTNhNzJk NTcyOGQ4NzQ5NzEyZWQ3YTUwOTAwMDUyYWNiNGQ0NjJhODY0OTM1NjU0NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1q98RXn87i75Gsf8ZVl97YbjKOu 8ZyyDEpK1IwudXp1HhImRQJW4mp7QuNwesgLDF3ASHIqpcbmDlzvSdnHkh3IXGYT fIyvrws6ZQum1+wptX+dd/IShfvTLnVF/zBpJ7eC4cyzMI+Zz+5QXFkBpLRbTK1L Qm6mu/PRIs4hXUXJ0DXn9/MArc0zIQXlo7bOhpFA7vM2LRzh+DYdF6jzx6CRrKpl ljuObdmcg18ASH5T9H2GeLNAFQa3mtF/2P8qtJJJnJZ1CcWX45T83mhH+lgQtYA1 T2HvJyEVwPDpYPoNSKMXReg+YM2Xa5WMtpXvn+qKbwTTWM0+JW51yt2k0wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFExfhQw/Y+Z3trU/waWufVmlR0e3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJkYmY4ZDYwLWY3ZTYtNDA0OS04ZTQ1LTljMDUxN2U1MDQ1ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYCAwDQYJKoZIhvcNAQELBQADggEBAEIG3cj6sEo3q192cQWz cBvLhzOWG328h8ntajxEqV9RvjkDU096GcGqQZ5ogxhjEbxwPu+oMcDRnT+aawwP fMSGoc2XlgB+CEJtAuaDbomuVO5bbhN81uuRNXb/NDOuA57+mnYwZav6bXW8bANN cFdMd5sEi56M0qZieWIrBxhmnNOApIXiRs046n9j6IOyOP38b3hJVfEaXcrn4jqR FeVltfq3H90MHx76MBdr2A+ckf9NLhEHEocW8GzlOTenwxd/mf74PqN9FeYmOXPk UWOrv0QzvYxERsTrmQjfsq6J9S8bg2ro65x07g3mO/JjUKEMc6gI2XLRmV6auLkB BOg= -----END CERTIFICATE-----Generated at Sat Jun 14 06:21:11 2025 by rpki-client