$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/442fee67-f3d9-4889-94d4-2a3b8bb5cfac.roa File: 442fee67-f3d9-4889-94d4-2a3b8bb5cfac.roa (raw, json) Hash identifier: lk1nEMfX7aafFP5UJbVhVcPPztRsS5GskTc1EcWSXgM= Subject key identifier: 48:71:7E:2C:F9:6F:E7:7E:06:CD:E2:B0:93:91:61:14:44:43:DF:65 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4601F6253485B936B5309E57040E651C2AA2BE6E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/442fee67-f3d9-4889-94d4-2a3b8bb5cfac.roa Signing time: Tue 10 Jun 2025 15:00:12 +0000 ROA not before: Tue 10 Jun 2025 15:00:12 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:01:f6:25:34:85:b9:36:b5:30:9e:57:04:0e:65:1c:2a:a2:be:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:00:12 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=c8141e1755730c1444ad273ed7895f5bc90834d6f127af58beec7de4c5ec20d4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:8d:d4:51:90:c8:68:5d:44:2e:3c:d2:4b:52: 4b:7d:4b:22:ab:b0:ca:22:82:98:bf:d4:ed:96:aa: a5:4f:5d:29:da:a6:1f:89:c9:46:3a:38:ef:62:fc: 77:4b:fa:91:e9:f1:e5:ad:11:75:62:bd:12:bb:a5: 8c:97:e6:3d:fa:60:13:2a:ee:f1:98:59:ff:2b:3d: fe:e1:6c:eb:8b:ed:52:7c:1b:2e:87:c5:6f:75:be: 9e:e9:9c:a4:20:56:73:97:1e:da:c2:0e:44:43:f2: b8:c3:36:2a:e6:85:0b:e9:ff:30:e5:c2:f0:2a:6a: da:49:6a:f4:21:1a:5e:49:88:31:ff:f5:2c:6e:cc: ca:41:81:51:51:eb:89:64:53:df:53:5c:c3:fd:df: 05:1f:23:78:8b:84:d9:2c:c7:37:d7:1d:99:ef:67: fe:91:c5:0b:dc:54:af:66:88:39:97:93:e8:28:45: 6c:6a:13:de:7b:94:64:6c:01:00:57:37:93:b5:e8: 22:17:ba:41:51:41:7f:6d:b7:b3:25:cc:80:af:be: 0f:ca:9e:9c:2f:88:f5:81:94:1b:2f:3a:42:a3:05: dd:72:34:7c:ca:6b:80:46:85:8f:0c:c1:70:90:6b: 04:0a:bf:87:58:6b:96:13:2d:a6:d1:95:8b:95:8e: ba:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:71:7E:2C:F9:6F:E7:7E:06:CD:E2:B0:93:91:61:14:44:43:DF:65 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/442fee67-f3d9-4889-94d4-2a3b8bb5cfac.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:8800::/40 Signature Algorithm: sha256WithRSAEncryption 7b:60:42:79:f3:69:af:fd:30:ef:9f:f3:1e:92:ef:ee:f2:55: 0f:c1:e7:e2:c3:41:cb:73:9a:be:95:2a:ab:a0:c4:e2:83:38: 0a:f9:ab:d4:fa:33:92:c6:3b:41:34:d6:28:a7:59:44:c7:27: 21:c5:42:b1:06:4d:17:66:84:6a:4e:82:e0:20:52:6d:09:bf: 99:9e:26:51:4b:e4:52:ac:db:14:c1:a0:e7:bd:f7:6d:8b:56: 98:c2:f8:76:6a:f7:cd:b7:20:51:66:93:07:4d:e3:17:2c:e8: 9b:6a:02:ff:11:e4:95:3f:34:2a:6f:72:23:17:82:fd:ed:ad: 05:70:ae:24:ea:aa:1c:59:3a:8d:97:4c:32:07:05:22:f4:86: c7:91:c9:44:81:86:40:25:2e:a6:4a:ec:db:00:36:9b:31:fb: 14:98:2e:13:e9:11:91:3f:e1:06:80:67:e3:f8:2c:08:6d:19: 3c:ff:c7:7f:d9:44:75:93:fe:2a:0d:12:60:35:2b:b5:74:48: b0:5d:c4:6f:e7:15:d5:b4:b3:db:74:da:39:ec:3d:e3:52:1e: 4f:0d:f1:c5:cc:37:2e:4f:5f:9d:3c:9f:14:bb:8a:e4:75:b2: c7:63:ff:5a:b3:75:99:25:cf:00:93:08:aa:8f:82:aa:e8:56: 83:9b:d5:cf -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURgH2JTSFuTa1MJ5XBA5lHCqivm4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MDAxMloX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAYzgxNDFlMTc1NTczMGMxNDQ0YWQy NzNlZDc4OTVmNWJjOTA4MzRkNmYxMjdhZjU4YmVlYzdkZTRjNWVjMjBkNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto3UUZDIaF1ELjzSS1JLfUsiq7DK IoKYv9TtlqqlT10p2qYficlGOjjvYvx3S/qR6fHlrRF1Yr0Su6WMl+Y9+mATKu7x mFn/Kz3+4Wzri+1SfBsuh8Vvdb6e6ZykIFZzlx7awg5EQ/K4wzYq5oUL6f8w5cLw KmraSWr0IRpeSYgx//UsbszKQYFRUeuJZFPfU1zD/d8FHyN4i4TZLMc31x2Z72f+ kcUL3FSvZog5l5PoKEVsahPee5RkbAEAVzeTtegiF7pBUUF/bbezJcyAr74Pyp6c L4j1gZQbLzpCowXdcjR8ymuARoWPDMFwkGsECr+HWGuWEy2m0ZWLlY666QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEhxfiz5b+d+Bs3isJORYRREQ99lMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ0MmZlZTY3LWYzZDktNDg4OS05NGQ0LTJhM2I4YmI1Y2ZhYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8YgwDQYJKoZIhvcNAQELBQADggEBAHtgQnnzaa/9MO+f8x6S 7+7yVQ/B5+LDQctzmr6VKqugxOKDOAr5q9T6M5LGO0E01iinWUTHJyHFQrEGTRdm hGpOguAgUm0Jv5meJlFL5FKs2xTBoOe9922LVpjC+HZq9823IFFmkwdN4xcs6Jtq Av8R5JU/NCpvciMXgv3trQVwriTqqhxZOo2XTDIHBSL0hseRyUSBhkAlLqZK7NsA Npsx+xSYLhPpEZE/4QaAZ+P4LAhtGTz/x3/ZRHWT/ioNEmA1K7V0SLBdxG/nFdW0 s9t02jnsPeNSHk8N8cXMNy5PX508nxS7iuR1ssdj/1qzdZklzwCTCKqPgqroVoOb 1c8= -----END CERTIFICATE-----Generated at Sat Jun 14 06:08:43 2025 by rpki-client