$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaa4e98-35e7-4700-aa65-013387f5feae.roa File: 3aaa4e98-35e7-4700-aa65-013387f5feae.roa (raw, json) Hash identifier: oKuBNgsEiEPA5qa6JtKhg+hvKyqTLGYUAUK9Ko/yQ3U= Subject key identifier: E6:52:58:AF:7A:59:34:89:92:6D:11:4A:14:36:15:07:1C:74:2D:25 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 77D605C486069E2F6C8D55C6BBEBF52C72F08818 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaa4e98-35e7-4700-aa65-013387f5feae.roa Signing time: Tue 10 Jun 2025 00:50:18 +0000 ROA not before: Tue 10 Jun 2025 00:50:18 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:d6:05:c4:86:06:9e:2f:6c:8d:55:c6:bb:eb:f5:2c:72:f0:88:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:50:18 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=d6628463d7e357cba5a499b5f47631444638eb67c4793eb95ebee40e3a9227d2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:ad:b0:b5:e5:82:6a:5b:84:52:a4:40:fb:c2: 7c:93:d5:ac:91:8f:81:5b:17:fd:62:ee:57:e5:65: c3:1f:04:21:7a:b9:bd:81:a0:0a:07:c8:98:3a:b4: 9d:85:bf:bb:56:dd:20:a4:7d:4d:83:31:15:43:0e: a8:d4:ef:59:01:9a:6e:9b:b6:2d:89:44:5b:36:6a: 03:9d:e7:1c:9b:6f:33:b4:6d:86:a3:17:17:3b:31: 00:55:ce:bc:12:c1:8c:f6:33:18:0b:f8:d8:f8:4a: 52:35:75:e7:7d:3e:c0:e7:ba:f5:46:c4:98:bf:0a: f7:7b:db:30:ed:68:eb:10:55:27:65:8b:a7:82:81: ce:1e:1e:62:12:83:1e:ca:b2:95:06:5f:99:23:90: f5:c6:5e:60:d6:e7:13:a9:60:21:0d:f3:93:3e:d6: 2f:94:71:8b:14:74:8a:7b:3e:99:5a:18:54:e3:74: ac:d8:b4:bb:3c:d1:67:23:39:e5:01:49:6e:d8:10: 0e:06:82:7f:05:fb:16:64:20:06:b9:10:7d:40:44: 94:af:3b:ae:44:0f:35:8d:23:db:37:9a:91:f7:68: ae:70:81:79:31:ed:86:93:f0:4d:ca:c6:6e:71:04: 9d:e7:52:21:3d:eb:f7:52:ea:12:58:91:7a:f4:7d: 87:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:52:58:AF:7A:59:34:89:92:6D:11:4A:14:36:15:07:1C:74:2D:25 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaa4e98-35e7-4700-aa65-013387f5feae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:b000::/40 Signature Algorithm: sha256WithRSAEncryption 0c:81:b5:51:2e:36:04:73:89:47:96:56:9e:2f:8f:17:f2:50: 8f:cd:57:e6:99:84:47:d2:01:be:4e:92:84:7f:21:3a:12:c7: 6c:c6:d4:ac:76:2c:88:d1:65:5d:ca:0a:ea:5f:55:49:e0:30: e1:f5:00:cf:20:20:32:89:8a:aa:d0:71:a3:bb:7e:b8:1d:85: c7:c6:1c:ab:9e:fd:9d:5c:a1:5a:8d:85:03:6f:71:ad:cc:f5: 50:1c:64:9b:20:1c:01:c9:32:3a:a7:6f:ff:fa:b0:b0:b1:d8: 44:da:3e:63:6b:95:2a:ec:6a:05:b7:6b:a9:24:73:0f:1a:65: c0:09:09:6c:a4:c0:64:c3:e8:c7:b9:eb:e1:61:01:0e:2d:3a: e8:85:4a:4f:82:35:83:1f:87:25:98:74:2c:94:60:a2:f2:f6: de:8a:81:1b:71:9a:c2:82:8e:64:2b:20:15:5d:44:e8:46:e2: 2a:fc:22:13:ec:f0:14:46:fb:dd:7a:bd:8a:4f:df:01:90:13: 4f:35:58:60:53:6e:cc:5a:6c:23:cd:b6:dd:49:02:4a:e7:11: 11:35:c2:82:5b:12:d7:02:ec:b7:e3:88:25:7c:16:6a:75:75: 7f:c8:13:a0:0c:97:8f:47:0a:45:3f:be:c6:e5:ed:28:e5:13: 01:ee:bd:b4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUd9YFxIYGni9sjVXGu+v1LHLwiBgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwNTAxOFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZDY2Mjg0NjNkN2UzNTdjYmE1YTQ5 OWI1ZjQ3NjMxNDQ0NjM4ZWI2N2M0NzkzZWI5NWViZWU0MGUzYTkyMjdkMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA162wteWCaluEUqRA+8J8k9WskY+B Wxf9Yu5X5WXDHwQherm9gaAKB8iYOrSdhb+7Vt0gpH1NgzEVQw6o1O9ZAZpum7Yt iURbNmoDneccm28ztG2GoxcXOzEAVc68EsGM9jMYC/jY+EpSNXXnfT7A57r1RsSY vwr3e9sw7WjrEFUnZYungoHOHh5iEoMeyrKVBl+ZI5D1xl5g1ucTqWAhDfOTPtYv lHGLFHSKez6ZWhhU43Ss2LS7PNFnIznlAUlu2BAOBoJ/BfsWZCAGuRB9QESUrzuu RA81jSPbN5qR92iucIF5Me2Gk/BNysZucQSd51IhPev3UuoSWJF69H2HIQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOZSWK96WTSJkm0RShQ2FQccdC0lMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNhYWE0ZTk4LTM1ZTctNDcwMC1hYTY1LTAxMzM4N2Y1ZmVhZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+7AwDQYJKoZIhvcNAQELBQADggEBAAyBtVEuNgRziUeWVp4v jxfyUI/NV+aZhEfSAb5OkoR/IToSx2zG1Kx2LIjRZV3KCupfVUngMOH1AM8gIDKJ iqrQcaO7frgdhcfGHKue/Z1coVqNhQNvca3M9VAcZJsgHAHJMjqnb//6sLCx2ETa PmNrlSrsagW3a6kkcw8aZcAJCWykwGTD6Me56+FhAQ4tOuiFSk+CNYMfhyWYdCyU YKLy9t6KgRtxmsKCjmQrIBVdROhG4ir8IhPs8BRG+916vYpP3wGQE081WGBTbsxa bCPNtt1JAkrnERE1woJbEtcC7LfjiCV8Fmp1dX/IE6AMl49HCkU/vsbl7SjlEwHu vbQ= -----END CERTIFICATE-----Generated at Sat Jun 14 06:27:17 2025 by rpki-client