$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa File: 42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa (raw, json) Hash identifier: fkYk/fwTgY5Y6LIDSaA+2x4FllUe2Fy2RvpmVwpm/S0= Subject key identifier: 3B:4B:5E:DE:B6:89:1E:89:90:1B:39:2D:5E:DC:08:EA:07:3D:C8:E6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 73B550BE971CF77B43AC2A16C90B4B355D6F7C4F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa Signing time: Sat 07 Jun 2025 00:01:40 +0000 ROA not before: Sat 07 Jun 2025 00:01:40 +0000 ROA not after: Sat 12 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:b5:50:be:97:1c:f7:7b:43:ac:2a:16:c9:0b:4b:35:5d:6f:7c:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 7 00:01:40 2025 GMT Not After : Jul 12 23:59:59 2025 GMT Subject: serialNumber=db54786a45d45491424939d0137347320e6837014cc48e6366669b5f6a4f7c2e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:3d:61:e3:b1:fd:a0:eb:7a:2f:1c:70:a4:18: f0:67:4a:50:c7:91:cd:66:e0:4c:e3:28:31:65:c7: f6:5d:3a:40:43:09:bc:e0:12:50:2f:01:5b:0b:29: f1:72:95:b1:bc:53:a7:27:b9:c3:a3:34:60:89:a3: fb:24:bb:0a:5f:9d:6d:e2:97:93:c3:0d:13:e5:fb: 8c:4c:3b:69:06:8c:a1:20:41:32:ed:7d:91:ba:47: 11:f4:fb:d7:e2:a6:52:db:50:c6:01:be:43:f4:e6: d7:94:32:a4:f7:85:54:8f:31:98:3d:1c:af:46:32: 43:ae:b3:f1:28:cf:15:81:28:ae:08:b9:d1:a7:e7: 50:d2:73:1f:40:a8:b9:57:98:7d:a0:94:35:d6:04: 21:a9:11:55:19:2a:f0:f6:17:d1:1f:a4:3c:9b:8e: 2e:df:ee:46:2e:7e:13:da:d7:30:45:01:32:49:c0: 48:d1:0c:48:bb:71:9d:f7:d4:7a:30:c8:18:65:72: e1:a9:1e:e9:9f:f2:67:9e:03:2f:ce:fe:c1:35:47: 7f:d7:d4:6f:5f:98:b1:85:99:0a:39:51:4f:b9:2c: 01:78:e0:13:d1:53:84:df:a4:c8:31:a4:20:9a:d2: 2d:fa:46:33:de:04:63:0d:a7:12:b3:73:bd:ef:a3: 76:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:4B:5E:DE:B6:89:1E:89:90:1B:39:2D:5E:DC:08:EA:07:3D:C8:E6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 3b:3d:e1:44:98:20:81:5e:9b:2b:de:0c:3c:de:f5:27:58:f2: c6:2e:c3:b9:23:7f:a3:2b:43:af:d4:71:00:e9:35:22:f8:16: 32:ed:bf:ac:ea:bd:99:1b:51:b1:f8:64:75:15:5d:f7:3b:16: 63:88:1c:76:57:4c:bc:06:b7:d6:d7:a4:14:a5:77:33:f4:bd: d1:ee:d8:a6:39:5f:73:b6:d4:fd:9c:75:48:64:ab:7c:c2:16: 78:ec:26:f6:2e:85:66:90:14:27:6a:0b:68:24:5b:31:dc:ca: 66:36:c7:54:55:20:11:77:63:ac:d5:3a:a6:62:04:1d:04:cf: e5:43:f3:1f:d5:96:8e:61:45:94:53:9c:ed:54:21:a9:14:f4: d5:65:a6:66:56:41:30:5a:af:ec:1a:43:71:b7:a0:dc:9e:e6: e3:bc:86:9f:74:7f:c2:7a:14:c3:1e:79:d3:0d:28:43:45:3d: 5b:2c:76:3f:74:84:ee:0d:1b:36:75:88:4d:58:e1:ec:9c:8c: 29:2b:07:2e:8b:93:97:34:4d:eb:b6:78:d3:41:41:df:24:8b: d1:cf:71:d9:5d:51:f2:bd:b0:07:41:69:af:57:e7:5e:dd:c9: 3a:d4:49:d7:95:8d:31:a4:87:e2:2a:0f:df:70:ad:cb:ba:4c: a6:24:84:1c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUc7VQvpcc93tDrCoWyQtLNV1vfE8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNzAwMDE0MFoX DTI1MDcxMjIzNTk1OVowejFJMEcGA1UEBRNAZGI1NDc4NmE0NWQ0NTQ5MTQyNDkz OWQwMTM3MzQ3MzIwZTY4MzcwMTRjYzQ4ZTYzNjY2NjliNWY2YTRmN2MyZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj1h47H9oOt6LxxwpBjwZ0pQx5HN ZuBM4ygxZcf2XTpAQwm84BJQLwFbCynxcpWxvFOnJ7nDozRgiaP7JLsKX51t4peT ww0T5fuMTDtpBoyhIEEy7X2RukcR9PvX4qZS21DGAb5D9ObXlDKk94VUjzGYPRyv RjJDrrPxKM8VgSiuCLnRp+dQ0nMfQKi5V5h9oJQ11gQhqRFVGSrw9hfRH6Q8m44u 3+5GLn4T2tcwRQEyScBI0QxIu3Gd99R6MMgYZXLhqR7pn/JnngMvzv7BNUd/19Rv X5ixhZkKOVFPuSwBeOAT0VOE36TIMaQgmtIt+kYz3gRjDacSs3O976N2yQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDtLXt62iR6JkBs5LV7cCOoHPcjmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQyZmQ1YTk2LTIxZTktNGVmOC1iMjdmLTVhN2Y5OTZiODRkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8uDAMA0GCSqGSIb3DQEBCwUAA4IBAQA7PeFEmCCBXpsr3gw8 3vUnWPLGLsO5I3+jK0Ov1HEA6TUi+BYy7b+s6r2ZG1Gx+GR1FV33OxZjiBx2V0y8 BrfW16QUpXcz9L3R7timOV9zttT9nHVIZKt8whZ47Cb2LoVmkBQnagtoJFsx3Mpm NsdUVSARd2Os1TqmYgQdBM/lQ/Mf1ZaOYUWUU5ztVCGpFPTVZaZmVkEwWq/sGkNx t6DcnubjvIafdH/CehTDHnnTDShDRT1bLHY/dITuDRs2dYhNWOHsnIwpKwcui5OX NE3rtnjTQUHfJIvRz3HZXVHyvbAHQWmvV+de3ck61EnXlY0xpIfiKg/fcK3Lukym JIQc -----END CERTIFICATE-----Generated at Sat Jun 14 05:56:57 2025 by rpki-client