$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/388cbd89-4c8e-4d67-99e2-dd53b6b7d2c6.roa File: 388cbd89-4c8e-4d67-99e2-dd53b6b7d2c6.roa (raw, json) Hash identifier: adfxwZN8Q0k6TTksg/3tPfK/CzVYkmXncy5g/B0mBpo= Subject key identifier: E7:C2:BB:58:53:A1:F5:89:8D:8E:B0:CC:F6:32:D6:81:6A:61:16:EF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 64401EB9305091454FAD5BE8A36B32BE7E4C3C42 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/388cbd89-4c8e-4d67-99e2-dd53b6b7d2c6.roa Signing time: Sat 07 Jun 2025 00:00:19 +0000 ROA not before: Sat 07 Jun 2025 00:00:19 +0000 ROA not after: Sat 12 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:40:1e:b9:30:50:91:45:4f:ad:5b:e8:a3:6b:32:be:7e:4c:3c:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 7 00:00:19 2025 GMT Not After : Jul 12 23:59:59 2025 GMT Subject: serialNumber=0932f8971a20f2c9ad081723daa5b1c5d4375847be772102e5612808dabbcfc1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:22:bb:f1:8f:cc:17:2a:88:b2:cd:e0:72:8e: 1e:26:99:9f:0b:94:99:b6:69:c2:34:0e:c1:fc:ab: 58:e6:02:fa:15:6c:26:1e:72:b4:64:51:ca:7c:48: d5:28:88:08:21:5b:21:e7:2d:ca:ed:35:fe:74:b6: 96:c8:a3:7c:b0:4f:09:b8:ed:0c:2a:33:7b:b9:24: 5e:a3:27:64:06:34:32:2b:37:52:48:a8:05:43:2b: ef:df:7e:1b:e6:50:43:6d:9c:af:ed:7b:a0:c5:88: 32:17:8b:92:3b:11:77:ed:03:77:9f:8e:9d:01:51: 9e:a7:23:7a:6e:20:bc:a7:3f:29:62:09:13:ef:d5: 7d:70:64:5c:dc:27:ae:e1:02:e9:cd:6f:5b:ea:51: 4d:3f:22:52:84:f6:d5:50:f7:12:8c:6b:d0:e2:da: 44:14:8f:e3:cb:39:32:e8:b5:8e:39:20:15:fd:03: 89:27:f0:6b:df:44:24:a3:b7:21:50:ae:94:85:f2: 50:be:94:a8:87:f8:01:ae:30:c3:1d:de:47:4c:6f: b3:83:69:8c:2e:0e:22:d6:3c:d4:a8:81:1a:13:7a: 41:c6:d2:a2:3d:e1:ff:08:55:c5:c5:98:f7:d2:31: 9b:2d:1b:6c:11:81:68:83:19:ee:87:9b:08:37:52: db:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:C2:BB:58:53:A1:F5:89:8D:8E:B0:CC:F6:32:D6:81:6A:61:16:EF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/388cbd89-4c8e-4d67-99e2-dd53b6b7d2c6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:880::/48 Signature Algorithm: sha256WithRSAEncryption 91:b0:a9:32:89:03:a3:8b:0e:05:04:0a:98:3d:76:6c:76:e2: ac:5b:25:fc:bf:9f:5c:cd:29:de:ea:a9:c7:be:ea:4f:3d:f5: b9:fa:75:43:3a:7b:45:1c:32:f0:92:9c:f4:ee:a7:63:ee:cc: 97:78:1c:db:61:d6:9f:95:60:a2:22:1e:35:52:11:6f:d5:f0: f8:77:b7:a1:8e:fb:ab:99:fe:ff:45:0d:27:81:95:a7:5c:c6: 89:06:29:3a:77:a5:ba:df:92:2f:a2:43:53:c1:a1:90:69:75: 5a:9e:05:ed:b5:46:65:0b:8f:a9:0b:35:60:e9:39:03:fe:80: c1:38:11:fb:e5:ae:3e:98:18:32:49:33:4f:01:bc:9e:61:b9: 72:dd:b7:c9:ff:bf:fa:00:df:f7:0c:98:11:d5:8a:d6:f7:a8: 9d:3e:b6:9e:bc:67:49:28:87:78:f7:8f:62:0e:32:13:7b:d8: 68:40:8b:8f:b6:db:16:f9:d0:e4:f7:ec:df:4a:2e:d2:14:87: d6:76:9b:4e:9e:2b:74:ae:8d:c2:e0:17:b9:d1:7e:02:24:66: 10:85:b1:a7:2e:89:bb:02:88:b5:56:eb:3e:59:96:75:b6:89: 8c:17:59:02:d7:ab:01:95:7d:d4:d4:21:bc:01:ed:b3:90:0f: d4:77:79:82 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZEAeuTBQkUVPrVvoo2syvn5MPEIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNzAwMDAxOVoX DTI1MDcxMjIzNTk1OVowejFJMEcGA1UEBRNAMDkzMmY4OTcxYTIwZjJjOWFkMDgx NzIzZGFhNWIxYzVkNDM3NTg0N2JlNzcyMTAyZTU2MTI4MDhkYWJiY2ZjMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSK78Y/MFyqIss3gco4eJpmfC5SZ tmnCNA7B/KtY5gL6FWwmHnK0ZFHKfEjVKIgIIVsh5y3K7TX+dLaWyKN8sE8JuO0M KjN7uSReoydkBjQyKzdSSKgFQyvv334b5lBDbZyv7XugxYgyF4uSOxF37QN3n46d AVGepyN6biC8pz8pYgkT79V9cGRc3Ceu4QLpzW9b6lFNPyJShPbVUPcSjGvQ4tpE FI/jyzky6LWOOSAV/QOJJ/Br30Qko7chUK6UhfJQvpSoh/gBrjDDHd5HTG+zg2mM Lg4i1jzUqIEaE3pBxtKiPeH/CFXFxZj30jGbLRtsEYFogxnuh5sIN1Lb/wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOfCu1hTofWJjY6wzPYy1oFqYRbvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM4OGNiZDg5LTRjOGUtNGQ2Ny05OWUyLWRkNTNiNmI3ZDJjNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAAiAMA0GCSqGSIb3DQEBCwUAA4IBAQCRsKkyiQOjiw4FBAqY PXZsduKsWyX8v59czSne6qnHvupPPfW5+nVDOntFHDLwkpz07qdj7syXeBzbYdaf lWCiIh41UhFv1fD4d7ehjvurmf7/RQ0ngZWnXMaJBik6d6W635IvokNTwaGQaXVa ngXttUZlC4+pCzVg6TkD/oDBOBH75a4+mBgySTNPAbyeYbly3bfJ/7/6AN/3DJgR 1YrW96idPraevGdJKId4949iDjITe9hoQIuPttsW+dDk9+zfSi7SFIfWdptOnit0 ro3C4Be50X4CJGYQhbGnLom7Aoi1Vus+WZZ1tomMF1kC16sBlX3U1CG8Ae2zkA/U d3mC -----END CERTIFICATE-----Generated at Sat Jun 14 05:59:57 2025 by rpki-client