$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/379ac177-341a-40e4-b3e8-d66876068de1.roa File: 379ac177-341a-40e4-b3e8-d66876068de1.roa (raw, json) Hash identifier: GL1jFuidKw16ESMHTd8iqqDen0Q5jwq5/G6fMLctFQw= Subject key identifier: 12:54:8E:96:25:78:92:5F:29:0A:98:DE:93:8A:24:CC:7F:90:D9:44 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 60EBB4D26522B4C0E28B23999DFA59347E5E82A2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/379ac177-341a-40e4-b3e8-d66876068de1.roa Signing time: Tue 10 Jun 2025 00:10:58 +0000 ROA not before: Tue 10 Jun 2025 00:10:58 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:c880::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:eb:b4:d2:65:22:b4:c0:e2:8b:23:99:9d:fa:59:34:7e:5e:82:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:10:58 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=c0d9c5556b6182efe1fb735356f07e45f858d16a0ae03b9b41a2fa01a271d74b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:28:f2:50:3b:d1:b2:0d:67:42:60:af:2c:35: 99:43:17:ed:2d:f2:56:2e:d0:50:4a:6d:c2:1c:5b: a1:c5:52:e6:a4:9c:19:f1:68:99:11:a6:dd:7f:c2: db:80:59:79:36:ed:a6:4c:a0:53:1b:a5:72:d4:3f: 0f:2c:48:c0:80:49:13:de:1a:14:47:df:86:c6:1e: b8:8c:f5:8c:08:aa:97:99:16:d6:14:92:3a:74:5a: d7:7f:41:b5:66:11:2e:b3:3f:04:86:ef:ac:4e:84: 61:e5:5e:92:26:08:ac:17:66:44:c2:2d:f4:93:40: 77:4c:13:0a:19:81:2e:ab:58:6b:20:07:32:c6:a1: 5f:81:fa:b1:fc:83:bf:29:25:5b:fa:07:39:c1:8c: ca:c3:8c:ef:5d:cf:5d:66:8c:84:60:30:26:e1:60: b3:73:cd:c8:8c:bb:04:21:ae:b6:33:26:2b:57:cf: 07:28:9c:9b:2e:eb:22:0f:97:8c:c5:f1:c2:04:20: 7f:87:8c:d7:bb:85:2b:4d:bb:85:c1:4f:01:7e:f8: 12:bc:2a:04:8c:b3:2c:d8:51:59:0a:b2:29:a5:a8: cc:7e:f0:d9:ac:4c:fb:49:d6:a7:1f:dc:fc:3e:7c: ce:db:cf:93:32:3f:84:7f:c3:a4:83:98:f8:87:4e: 34:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:54:8E:96:25:78:92:5F:29:0A:98:DE:93:8A:24:CC:7F:90:D9:44 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/379ac177-341a-40e4-b3e8-d66876068de1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:c880::/46 Signature Algorithm: sha256WithRSAEncryption 63:a3:35:91:b4:6f:75:c8:dc:87:de:8d:43:76:d6:40:62:1c: e8:41:0e:64:54:2f:a0:80:8a:05:46:d6:1a:2b:bf:5d:3a:29: 87:55:64:a5:15:7b:92:a5:2f:01:1d:88:d2:84:be:67:a4:ad: ff:a6:cc:43:67:a1:37:e1:4a:8a:ad:3b:98:a3:2f:4f:2a:67: 00:0c:69:42:95:d9:06:33:c7:86:29:01:c2:05:3a:ad:54:c6: d1:ab:ff:3d:b8:a5:fa:96:d1:ed:11:8a:86:21:4e:6c:25:cd: 37:20:ef:9f:e6:13:01:e3:0f:68:4b:c8:4b:90:d9:91:5b:42: 13:ca:f5:04:21:0d:ba:79:ed:b8:65:55:4b:29:0e:2c:ae:c6: b1:38:40:d0:99:5d:70:a0:c6:c7:0c:ea:d8:3a:60:2a:3b:ba: 54:89:2f:47:07:4a:3b:2d:d5:92:24:16:08:dc:43:56:79:d2: eb:08:72:ae:6a:18:ed:8d:41:73:6b:af:a3:ec:92:ee:d1:77: 26:38:04:d4:2c:7c:6c:78:3b:56:c4:ad:0a:d9:06:87:c0:c3: 10:c3:87:75:03:83:9b:dc:ae:8d:f7:5b:f9:36:42:0b:54:56: a0:25:53:1f:f8:40:ef:1a:55:34:85:57:b6:ab:87:39:f8:96: 98:9c:d3:53 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYOu00mUitMDiiyOZnfpZNH5egqIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwMTA1OFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAYzBkOWM1NTU2YjYxODJlZmUxZmI3 MzUzNTZmMDdlNDVmODU4ZDE2YTBhZTAzYjliNDFhMmZhMDFhMjcxZDc0YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryjyUDvRsg1nQmCvLDWZQxftLfJW LtBQSm3CHFuhxVLmpJwZ8WiZEabdf8LbgFl5Nu2mTKBTG6Vy1D8PLEjAgEkT3hoU R9+Gxh64jPWMCKqXmRbWFJI6dFrXf0G1ZhEusz8Ehu+sToRh5V6SJgisF2ZEwi30 k0B3TBMKGYEuq1hrIAcyxqFfgfqx/IO/KSVb+gc5wYzKw4zvXc9dZoyEYDAm4WCz c83IjLsEIa62MyYrV88HKJybLusiD5eMxfHCBCB/h4zXu4UrTbuFwU8BfvgSvCoE jLMs2FFZCrIppajMfvDZrEz7SdanH9z8PnzO28+TMj+Ef8Okg5j4h040xQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBJUjpYleJJfKQqY3pOKJMx/kNlEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM3OWFjMTc3LTM0MWEtNDBlNC1iM2U4LWQ2Njg3NjA2OGRlMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+8iAMA0GCSqGSIb3DQEBCwUAA4IBAQBjozWRtG91yNyH3o1D dtZAYhzoQQ5kVC+ggIoFRtYaK79dOimHVWSlFXuSpS8BHYjShL5npK3/psxDZ6E3 4UqKrTuYoy9PKmcADGlCldkGM8eGKQHCBTqtVMbRq/89uKX6ltHtEYqGIU5sJc03 IO+f5hMB4w9oS8hLkNmRW0ITyvUEIQ26ee24ZVVLKQ4srsaxOEDQmV1woMbHDOrY OmAqO7pUiS9HB0o7LdWSJBYI3ENWedLrCHKuahjtjUFza6+j7JLu0XcmOATULHxs eDtWxK0K2QaHwMMQw4d1A4Ob3K6N91v5NkILVFagJVMf+EDvGlU0hVe2q4c5+JaY nNNT -----END CERTIFICATE-----Generated at Sat Jun 14 06:21:10 2025 by rpki-client