$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa File: 35c40aab-f83d-41b2-947a-e29a7ed6818f.roa (raw, json) Hash identifier: AeomW8WeauZ/j+vHfw+uLg4+xiqHpfFYzjr5nvp+nI8= Subject key identifier: F9:3E:0E:13:5E:02:06:AA:8B:BA:39:89:D0:26:19:82:39:59:1F:D7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 01CE2ECEB8FCBB135FF78781563659FE8B513B69 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa Signing time: Fri 13 Jun 2025 00:00:04 +0000 ROA not before: Fri 13 Jun 2025 00:00:04 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:ce:2e:ce:b8:fc:bb:13:5f:f7:87:81:56:36:59:fe:8b:51:3b:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 13 00:00:04 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=c96a33c47c5b21af03c51412ed07ebbe2d00186872d65444ead05d5c4f2f74ae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:85:3a:90:4c:3e:4d:26:23:e3:2b:51:2e:75: e8:93:e6:8a:cb:6f:ac:47:18:47:df:f2:20:30:54: bb:30:6f:ba:43:22:3d:fc:d2:d3:b2:f4:11:e0:45: b5:ae:c8:00:7f:56:54:ec:fa:d2:00:77:0e:54:83: 87:bc:9c:5d:73:10:12:9f:b2:e7:cd:40:bb:20:67: 21:16:84:32:ed:8e:cc:42:d4:2a:97:a0:b9:15:9d: 90:dc:d0:d6:f1:e1:17:6a:f1:9c:04:43:d1:24:20: c0:08:76:fd:b5:92:20:d0:d2:00:a9:85:84:17:09: 11:97:1f:81:b4:38:f7:3a:2b:5c:14:35:b4:d7:35: 28:b2:34:93:1e:0f:7e:f5:fe:f2:50:1f:c2:c6:2e: 9c:c9:5b:75:dd:64:46:ae:45:ed:24:29:d9:c3:dc: 67:21:be:af:90:07:6d:e1:70:af:8b:16:34:a6:4d: cf:5d:03:16:b1:2e:74:11:3a:97:13:ba:98:80:57: 89:81:5d:c7:2f:7d:35:5a:86:51:fa:f9:e8:a0:9c: df:a0:d3:83:c2:ee:4d:b4:dd:12:d9:d1:cb:1b:5f: e6:ae:f1:8c:35:c3:c0:6a:1c:b8:ec:f0:18:0f:00: fd:71:31:2c:fc:50:99:cf:71:fe:60:37:4a:1f:5c: 82:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:3E:0E:13:5E:02:06:AA:8B:BA:39:89:D0:26:19:82:39:59:1F:D7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8::/32 Signature Algorithm: sha256WithRSAEncryption ae:ae:70:9f:7b:b9:e6:3e:05:b6:1b:9e:d0:e9:f8:46:ab:19: 18:3a:53:17:b5:46:a4:f3:7c:39:e4:66:95:2a:f6:1a:f4:f0: da:a1:a8:08:7a:7c:98:52:92:53:1f:a9:28:8e:04:82:6c:d0: e6:7c:74:f8:1a:40:08:e9:fd:6b:04:02:1f:e7:5a:f5:4b:96: 40:e8:bf:e2:02:2b:90:87:8a:29:02:80:eb:fc:a1:3c:d9:63: de:e5:25:b5:29:a8:6a:81:f1:ef:25:5b:78:cb:d6:59:f1:d5: 9e:71:99:c2:5e:58:c9:ee:98:6d:15:50:36:60:27:d5:bd:0c: 82:82:83:90:81:41:4d:05:59:24:ff:de:54:60:d4:2b:59:9e: 89:69:fa:0c:f6:58:f0:ee:cc:7f:67:7e:10:4e:1c:a1:b1:f8: 0a:eb:6d:8f:28:f2:01:7c:ec:12:ff:69:70:e4:a3:90:7b:e9: b9:fb:dd:a9:7f:67:3b:fc:e7:64:e5:1f:02:5a:16:20:88:a2: 61:9a:b6:98:07:72:e5:07:34:8d:54:a7:f8:6a:6e:78:f9:a9: d3:08:95:74:27:7f:c7:d3:68:7e:f7:18:61:92:38:1c:6e:c4: e6:67:28:f1:3f:5f:56:bf:2d:3a:6f:fa:24:5f:28:f0:cc:dd: e2:3b:60:19 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUAc4uzrj8uxNf94eBVjZZ/otRO2kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMzAwMDAwNFoX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNAYzk2YTMzYzQ3YzViMjFhZjAzYzUx NDEyZWQwN2ViYmUyZDAwMTg2ODcyZDY1NDQ0ZWFkMDVkNWM0ZjJmNzRhZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoU6kEw+TSYj4ytRLnXok+aKy2+s RxhH3/IgMFS7MG+6QyI9/NLTsvQR4EW1rsgAf1ZU7PrSAHcOVIOHvJxdcxASn7Ln zUC7IGchFoQy7Y7MQtQql6C5FZ2Q3NDW8eEXavGcBEPRJCDACHb9tZIg0NIAqYWE FwkRlx+BtDj3OitcFDW01zUosjSTHg9+9f7yUB/Cxi6cyVt13WRGrkXtJCnZw9xn Ib6vkAdt4XCvixY0pk3PXQMWsS50ETqXE7qYgFeJgV3HL301WoZR+vnooJzfoNOD wu5NtN0S2dHLG1/mrvGMNcPAahy47PAYDwD9cTEs/FCZz3H+YDdKH1yClwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFPk+DhNeAgaqi7o5idAmGYI5WR/XMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM1YzQwYWFiLWY4M2QtNDFiMi05NDdhLWUyOWE3ZWQ2ODE4Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbauDANBgkqhkiG9w0BAQsFAAOCAQEArq5wn3u55j4Fthue0On4 RqsZGDpTF7VGpPN8OeRmlSr2GvTw2qGoCHp8mFKSUx+pKI4EgmzQ5nx0+BpACOn9 awQCH+da9UuWQOi/4gIrkIeKKQKA6/yhPNlj3uUltSmoaoHx7yVbeMvWWfHVnnGZ wl5Yye6YbRVQNmAn1b0MgoKDkIFBTQVZJP/eVGDUK1meiWn6DPZY8O7Mf2d+EE4c obH4CuttjyjyAXzsEv9pcOSjkHvpufvdqX9nO/znZOUfAloWIIiiYZq2mAdy5Qc0 jVSn+GpuePmp0wiVdCd/x9NofvcYYZI4HG7E5mco8T9fVr8tOm/6JF8o8Mzd4jtg GQ== -----END CERTIFICATE-----Generated at Sat Jun 14 05:52:50 2025 by rpki-client