$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/47474093-258c-498a-bd3d-047521af5d87.roa File: 47474093-258c-498a-bd3d-047521af5d87.roa (raw, json) Hash identifier: P9po0Tdma07RMp+lsIazuiD9M7nxaNVaxreoVDKpoGg= Subject key identifier: 93:19:CC:73:96:99:52:76:27:7D:2D:F4:94:5F:89:01:56:7C:AC:CF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3B6C4082ED48725B7E56FA2AC651037DB6B72597 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/47474093-258c-498a-bd3d-047521af5d87.roa Signing time: Tue 03 Jun 2025 19:36:58 +0000 ROA not before: Tue 03 Jun 2025 19:36:58 +0000 ROA not after: Tue 08 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:6c:40:82:ed:48:72:5b:7e:56:fa:2a:c6:51:03:7d:b6:b7:25:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 3 19:36:58 2025 GMT Not After : Jul 8 23:59:59 2025 GMT Subject: serialNumber=59d3bd8e97cd8432e843e6366a873c028147f0cb7d5f956b456cf61077a5ae73, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:4c:c1:af:59:29:dd:ed:1c:0a:81:30:b6:f3: 32:56:d2:fe:47:35:bb:d4:d6:b3:f5:58:0a:c4:d0: 43:49:ce:f0:d1:59:61:23:4c:65:93:b4:e7:93:dd: 33:d8:fc:e4:a3:ff:a1:af:34:ac:3d:40:ea:99:0f: 2f:5b:d1:2e:e3:71:1c:25:43:29:62:1a:53:2a:a4: c9:16:42:21:db:9f:2b:55:02:9d:98:3b:ca:f4:e6: 5b:99:0a:e1:8a:21:4d:76:37:85:61:25:40:ee:3d: 39:ad:a4:51:b2:8c:d5:f8:dd:b1:4c:0e:66:92:87: 84:a8:c4:bc:56:d4:29:d4:c6:25:af:cd:83:92:ed: 00:95:00:c2:12:57:58:3e:d4:25:b4:42:6c:7e:7a: 56:e1:a2:0e:12:29:72:8c:30:51:3b:9b:68:a0:4a: c4:f6:63:bf:44:f1:b7:6d:05:03:1f:91:41:b8:73: 17:4b:ee:f9:3c:3b:cf:2e:55:37:e9:3d:69:af:c3: f6:d2:8d:30:68:f5:a1:26:3c:33:7c:11:8b:dd:99: 71:54:c3:a0:c6:fe:a1:c3:96:13:02:eb:04:d0:59: 75:4a:a6:1b:d9:09:c5:fe:2f:31:cf:79:5d:7f:f4: 56:fd:12:ec:8b:d9:fa:57:55:49:95:f7:e3:dd:86: 3c:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:19:CC:73:96:99:52:76:27:7D:2D:F4:94:5F:89:01:56:7C:AC:CF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/47474093-258c-498a-bd3d-047521af5d87.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:f000::/40 Signature Algorithm: sha256WithRSAEncryption 90:de:df:78:82:54:16:72:bd:a4:42:e1:7f:2b:16:b8:f9:7e: e5:0c:a8:41:32:0f:1e:95:23:c3:8e:c1:78:f2:ad:f1:62:69: b2:1a:25:17:0c:ee:51:3c:6b:06:de:40:e4:c5:85:6c:c6:0c: 31:4a:c0:9d:d6:69:c0:9f:f7:c3:0d:d6:74:56:1b:d1:09:ce: eb:b2:1c:35:1e:69:dc:44:b6:4b:b2:c7:86:fc:e9:c0:c0:62: 8c:41:1a:41:21:d1:50:99:bf:bf:01:43:d0:a9:3b:5e:e6:97: 2e:47:ce:d3:ff:5b:c2:6b:2a:44:13:6d:ac:b0:ae:dd:a9:8f: 4c:8b:4b:7d:d3:3f:77:af:4a:a3:db:6e:a8:46:cf:28:1e:77: 94:62:b4:1d:a9:5d:aa:55:fd:ce:dd:bc:0b:92:eb:3f:89:de: 9f:cf:85:87:5c:a1:ac:98:98:67:de:8d:3a:a7:2b:47:11:93: 4f:68:b1:6f:5c:c7:6f:4a:5f:90:99:d2:61:cc:c1:1b:99:25: a3:cb:a1:bc:35:d5:31:9d:90:73:62:24:f2:3d:74:c7:d5:f2: 1b:15:c4:91:ed:5b:35:3b:51:17:fa:51:0f:23:31:ef:41:7a: cf:de:8a:a3:fd:00:6b:f6:e4:08:45:9d:bb:96:fc:d5:f8:65: e0:ac:09:f6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUO2xAgu1Iclt+VvoqxlEDfba3JZcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwMzE5MzY1OFoX DTI1MDcwODIzNTk1OVowejFJMEcGA1UEBRNANTlkM2JkOGU5N2NkODQzMmU4NDNl NjM2NmE4NzNjMDI4MTQ3ZjBjYjdkNWY5NTZiNDU2Y2Y2MTA3N2E1YWU3MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUzBr1kp3e0cCoEwtvMyVtL+RzW7 1Naz9VgKxNBDSc7w0VlhI0xlk7Tnk90z2Pzko/+hrzSsPUDqmQ8vW9Eu43EcJUMp YhpTKqTJFkIh258rVQKdmDvK9OZbmQrhiiFNdjeFYSVA7j05raRRsozV+N2xTA5m koeEqMS8VtQp1MYlr82Dku0AlQDCEldYPtQltEJsfnpW4aIOEilyjDBRO5tooErE 9mO/RPG3bQUDH5FBuHMXS+75PDvPLlU36T1pr8P20o0waPWhJjwzfBGL3ZlxVMOg xv6hw5YTAusE0Fl1SqYb2QnF/i8xz3ldf/RW/RLsi9n6V1VJlffj3YY8DQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJMZzHOWmVJ2J30t9JRfiQFWfKzPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ3NDc0MDkzLTI1OGMtNDk4YS1iZDNkLTA0NzUyMWFmNWQ4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaufAwDQYJKoZIhvcNAQELBQADggEBAJDe33iCVBZyvaRC4X8r Frj5fuUMqEEyDx6VI8OOwXjyrfFiabIaJRcM7lE8awbeQOTFhWzGDDFKwJ3WacCf 98MN1nRWG9EJzuuyHDUeadxEtkuyx4b86cDAYoxBGkEh0VCZv78BQ9CpO17mly5H ztP/W8JrKkQTbaywrt2pj0yLS33TP3evSqPbbqhGzyged5RitB2pXapV/c7dvAuS 6z+J3p/PhYdcoayYmGfejTqnK0cRk09osW9cx29KX5CZ0mHMwRuZJaPLobw11TGd kHNiJPI9dMfV8hsVxJHtWzU7URf6UQ8jMe9Bes/eiqP9AGv25AhFnbuW/NX4ZeCs CfY= -----END CERTIFICATE-----Generated at Sat Jun 14 06:46:26 2025 by rpki-client