$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa File: 328cea91-878c-4f36-ad16-29b649a79487.roa (raw, json) Hash identifier: 4QsCgv6YQUIdpZCAdJ7ULCLjL518i4rbHl26JeHzgCI= Subject key identifier: 0E:83:86:6D:42:6B:97:E7:0D:E7:2B:46:8A:04:AD:5E:6B:6F:E0:74 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1E8B722D00904E45CED8CD1294902C834CC327A1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa Signing time: Tue 10 Jun 2025 00:30:42 +0000 ROA not before: Tue 10 Jun 2025 00:30:42 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:8b:72:2d:00:90:4e:45:ce:d8:cd:12:94:90:2c:83:4c:c3:27:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:30:42 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=02ddc5cde2bd7bd561d13b6285b34fe7a722db8eea9986ee13000a9b8a00d589, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ab:50:cd:69:48:7e:29:7d:4e:fe:62:fb:03: db:95:74:07:6c:81:8d:a4:d1:4b:ad:6a:86:b8:22: 8c:fb:f1:c1:32:21:98:7a:d4:a4:09:f8:9f:d0:bb: cc:59:3d:cd:52:bf:0e:17:5b:a7:b9:0f:d6:25:f0: 8e:1f:e1:96:e4:b8:cc:e8:81:72:87:a6:87:42:2d: 10:ef:60:89:df:69:4b:59:1c:e3:9b:27:f8:fe:bd: ff:35:4d:af:cc:ed:63:eb:ee:34:af:66:f6:35:a9: 68:bf:21:b7:bd:eb:dc:00:28:9f:9e:e2:de:4f:3c: bb:f6:fb:c1:cc:e5:a0:38:e6:6c:ed:f8:3e:1a:62: 33:17:45:6c:fd:f5:41:ea:e2:c3:73:91:2e:07:86: e0:59:e7:78:32:8c:20:59:a3:64:6b:0a:26:5d:e1: 5e:bb:3a:b5:6b:4f:6e:3c:02:87:d7:82:2f:2e:75: 65:9f:0a:2a:3c:cf:90:a9:c9:a5:6b:1f:d7:cb:06: 84:c9:ad:eb:89:76:22:53:99:94:08:0b:52:88:4c: 02:cc:e9:fa:ad:32:d8:ee:c8:90:30:7e:0f:d8:91: a4:bf:28:88:bb:19:2a:a1:a5:6a:49:57:59:e2:12: 5c:94:3e:9a:b3:a3:80:d7:8f:61:6c:59:10:66:a7: 78:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:83:86:6D:42:6B:97:E7:0D:E7:2B:46:8A:04:AD:5E:6B:6F:E0:74 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c8c0::/48 Signature Algorithm: sha256WithRSAEncryption 2f:77:dd:6b:53:a8:1d:f2:7f:cc:34:d5:5b:f6:a1:62:e0:7f: 17:a8:0f:10:9b:14:2e:ba:ae:2e:05:f8:c3:fe:4a:d9:cd:f2: 6e:cc:3e:91:27:f2:f0:5b:63:27:ae:7d:58:4c:76:78:7c:e8: 46:35:9a:50:9a:02:9c:ef:a4:49:b5:ec:88:e1:8c:d6:23:df: 6b:3a:25:de:d1:ad:76:85:ea:90:25:d6:bc:5e:c7:95:a0:35: 57:d4:a3:6b:1e:a6:3f:49:56:32:31:c7:8d:e0:94:1f:48:83: 51:ea:92:f2:ce:36:2c:7a:83:75:8a:ba:36:66:18:0f:99:7c: 2d:f5:08:0b:7e:d2:9e:e4:c4:f0:83:22:38:09:ef:f1:9c:45: 78:b0:82:01:06:79:01:de:9e:12:b2:30:d2:24:48:27:6e:fd: a8:40:e9:9a:14:65:e8:b1:57:f9:5b:a5:77:9f:89:86:96:5b: f8:ee:cb:a7:93:ba:11:fb:c0:80:c5:a2:87:9f:e6:62:cb:b9: 19:08:c2:4b:1d:92:39:19:15:55:46:1b:91:cf:3e:bf:cb:7b: 91:be:15:dc:1c:e3:ea:85:a8:8e:94:d2:fd:99:71:32:d4:af: f8:9c:77:72:a0:f2:79:a0:3b:b5:14:b6:7e:e0:0a:29:b2:0e: 55:e0:87:bb -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHotyLQCQTkXO2M0SlJAsg0zDJ6EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwMzA0MloX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMDJkZGM1Y2RlMmJkN2JkNTYxZDEz YjYyODViMzRmZTdhNzIyZGI4ZWVhOTk4NmVlMTMwMDBhOWI4YTAwZDU4OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKtQzWlIfil9Tv5i+wPblXQHbIGN pNFLrWqGuCKM+/HBMiGYetSkCfif0LvMWT3NUr8OF1unuQ/WJfCOH+GW5LjM6IFy h6aHQi0Q72CJ32lLWRzjmyf4/r3/NU2vzO1j6+40r2b2NalovyG3vevcACifnuLe Tzy79vvBzOWgOOZs7fg+GmIzF0Vs/fVB6uLDc5EuB4bgWed4MowgWaNkawomXeFe uzq1a09uPAKH14IvLnVlnwoqPM+Qqcmlax/XywaEya3riXYiU5mUCAtSiEwCzOn6 rTLY7siQMH4P2JGkvyiIuxkqoaVqSVdZ4hJclD6as6OA149hbFkQZqd4bwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFA6Dhm1Ca5fnDecrRooErV5rb+B0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyOGNlYTkxLTg3OGMtNGYzNi1hZDE2LTI5YjY0OWE3OTQ4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8jAMA0GCSqGSIb3DQEBCwUAA4IBAQAvd91rU6gd8n/MNNVb 9qFi4H8XqA8QmxQuuq4uBfjD/krZzfJuzD6RJ/LwW2Mnrn1YTHZ4fOhGNZpQmgKc 76RJteyI4YzWI99rOiXe0a12heqQJda8XseVoDVX1KNrHqY/SVYyMceN4JQfSINR 6pLyzjYseoN1iro2ZhgPmXwt9QgLftKe5MTwgyI4Ce/xnEV4sIIBBnkB3p4SsjDS JEgnbv2oQOmaFGXosVf5W6V3n4mGllv47sunk7oR+8CAxaKHn+Ziy7kZCMJLHZI5 GRVVRhuRzz6/y3uRvhXcHOPqhaiOlNL9mXEy1K/4nHdyoPJ5oDu1FLZ+4Aopsg5V 4Ie7 -----END CERTIFICATE-----Generated at Sat Jun 14 06:35:08 2025 by rpki-client