$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/30b671bd-156b-4a81-a500-a0a4b031317e.roa File: 30b671bd-156b-4a81-a500-a0a4b031317e.roa (raw, json) Hash identifier: QvnVSzgqvVADqQrF34tdP1rIyhrPR7SD8bbuna45iHs= Subject key identifier: C9:B1:8C:E2:35:94:94:69:08:6D:7A:AF:6A:1C:D7:DC:88:AB:B8:42 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 16782AD01DCDD6E525A4C3E2FC0C608F2B75EE8A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/30b671bd-156b-4a81-a500-a0a4b031317e.roa Signing time: Mon 09 Jun 2025 15:20:12 +0000 ROA not before: Mon 09 Jun 2025 15:20:12 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:6020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:78:2a:d0:1d:cd:d6:e5:25:a4:c3:e2:fc:0c:60:8f:2b:75:ee:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:20:12 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=18342f2304560d82b657c5aafe9a31deef3c6a204a4b41f841cf577431c5b1e9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:fb:af:51:de:32:3e:ea:9d:19:31:50:c2:47: 34:c1:32:ff:f8:50:0a:3c:ab:fb:f9:60:38:ff:36: bf:83:19:01:61:c6:b3:83:30:2a:72:31:c4:84:f4: be:94:0f:8d:72:0b:4c:52:2f:9c:78:a0:19:20:67: 3b:83:de:e1:be:b9:07:c3:d4:c3:dd:1f:9e:a1:46: 08:23:ee:08:cb:f2:07:de:0f:22:7f:61:a6:ad:b2: 23:90:2f:44:a5:a3:dc:83:b5:f0:0f:e6:97:94:97: 6e:25:17:b4:8c:ca:2c:54:6a:c3:21:f9:32:4c:da: f8:de:05:7c:d4:57:50:55:2c:59:f7:9f:52:3a:b9: 23:fc:f4:45:7d:c1:48:b3:e4:66:1a:03:54:ce:12: 27:6b:bd:e7:63:3b:97:c5:70:17:b7:ee:2c:6f:dd: fb:eb:cd:e8:f8:01:39:ef:9e:0a:6d:3b:f0:be:4b: a2:30:14:6b:30:d7:17:a0:57:46:11:2b:8d:9d:9e: d3:dc:ec:84:af:aa:ad:9d:22:c6:79:b4:c2:af:b8: 57:13:0b:f6:96:cc:20:43:3e:d7:07:0c:5d:3c:2c: ab:32:26:7e:ed:6a:76:cf:9f:c6:de:d2:10:69:c6: 7d:4a:2c:a1:1a:6e:b3:29:1c:71:e3:e6:38:72:28: 8b:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:B1:8C:E2:35:94:94:69:08:6D:7A:AF:6A:1C:D7:DC:88:AB:B8:42 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/30b671bd-156b-4a81-a500-a0a4b031317e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:6020::/48 Signature Algorithm: sha256WithRSAEncryption 19:35:90:ea:74:8d:b2:25:70:45:7d:3c:e7:21:2a:bd:4d:05: 9f:8f:37:9c:6e:b2:ee:b0:3f:9c:70:6a:62:c8:8c:23:f1:32: ff:a7:4a:f7:52:4d:53:1c:cb:d1:0f:67:e2:35:99:17:b7:d4: 84:2b:ac:e1:e1:ca:8c:23:5e:94:14:03:b7:87:95:c6:2e:82: 38:a4:4e:59:fa:ab:ab:8d:c7:10:6b:d3:84:05:56:9b:84:98: b6:e7:2a:2a:19:14:7b:e5:08:1f:94:ec:f2:d6:2e:eb:97:65: 02:ef:24:a6:1b:b3:7e:d3:4e:97:23:ef:a3:e6:90:7a:a1:68: 04:47:1a:8b:10:5f:0d:e1:16:6e:21:ec:d3:b4:90:46:1e:b8: e6:ea:ee:3e:28:de:96:1d:c6:30:48:36:d1:67:88:f7:b9:50: 37:80:c2:7a:84:15:1d:5f:86:79:56:ab:af:37:af:c4:ad:e7: 73:ef:a3:73:77:f6:01:49:5a:ed:58:f2:5f:8a:0f:e1:33:2c: 08:4a:8e:58:0f:78:d5:9e:84:d1:60:fb:d4:b0:53:1a:8a:89: 6e:d8:ac:f4:1b:8d:ca:42:48:bc:ac:27:0e:71:b2:7b:53:d8: 93:9f:b9:ed:69:12:99:d7:6c:95:a7:80:bb:01:6f:25:f3:41: 94:f4:a6:64 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFngq0B3N1uUlpMPi/Axgjyt17oowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MjAxMloX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAMTgzNDJmMjMwNDU2MGQ4MmI2NTdj NWFhZmU5YTMxZGVlZjNjNmEyMDRhNGI0MWY4NDFjZjU3NzQzMWM1YjFlOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvuvUd4yPuqdGTFQwkc0wTL/+FAK PKv7+WA4/za/gxkBYcazgzAqcjHEhPS+lA+NcgtMUi+ceKAZIGc7g97hvrkHw9TD 3R+eoUYII+4Iy/IH3g8if2GmrbIjkC9EpaPcg7XwD+aXlJduJRe0jMosVGrDIfky TNr43gV81FdQVSxZ959SOrkj/PRFfcFIs+RmGgNUzhIna73nYzuXxXAXt+4sb937 683o+AE5754KbTvwvkuiMBRrMNcXoFdGESuNnZ7T3OyEr6qtnSLGebTCr7hXEwv2 lswgQz7XBwxdPCyrMiZ+7Wp2z5/G3tIQacZ9SiyhGm6zKRxx4+Y4ciiLRQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMmxjOI1lJRpCG16r2oc19yIq7hCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMwYjY3MWJkLTE1NmItNGE4MS1hNTAwLWEwYTRiMDMxMzE3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAGAgMA0GCSqGSIb3DQEBCwUAA4IBAQAZNZDqdI2yJXBFfTzn ISq9TQWfjzecbrLusD+ccGpiyIwj8TL/p0r3Uk1THMvRD2fiNZkXt9SEK6zh4cqM I16UFAO3h5XGLoI4pE5Z+qurjccQa9OEBVabhJi25yoqGRR75QgflOzy1i7rl2UC 7ySmG7N+006XI++j5pB6oWgERxqLEF8N4RZuIezTtJBGHrjm6u4+KN6WHcYwSDbR Z4j3uVA3gMJ6hBUdX4Z5VquvN6/Eredz76Nzd/YBSVrtWPJfig/hMywISo5YD3jV noTRYPvUsFMaiolu2Kz0G43KQki8rCcOcbJ7U9iTn7ntaRKZ12yVp4C7AW8l80GU 9KZk -----END CERTIFICATE-----Generated at Sat Jun 14 06:39:34 2025 by rpki-client