$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa File: 4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa (raw, json) Hash identifier: 6WhT9JJ0uU4Im8rw2OWJDEFpGgZqjhPVL2aDCHsagWw= Subject key identifier: E2:87:60:A3:01:A2:8D:89:BC:A9:AD:84:F9:E8:44:3F:8C:4F:0E:9C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 370012B9B9D5A94ED18A8A15C623C3D8EE0A8283 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa Signing time: Wed 04 Jun 2025 00:01:14 +0000 ROA not before: Wed 04 Jun 2025 00:01:14 +0000 ROA not after: Wed 09 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:00:12:b9:b9:d5:a9:4e:d1:8a:8a:15:c6:23:c3:d8:ee:0a:82:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 4 00:01:14 2025 GMT Not After : Jul 9 23:59:59 2025 GMT Subject: serialNumber=265d1cf8acdafa569ef2e2407be6c812fcf661197970c4211c6ce4a3bc51176d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:e7:3a:47:67:22:8b:47:36:88:35:84:92:f1: 56:20:32:22:55:56:e8:76:05:62:bc:fb:ba:58:39: b1:ca:16:74:9a:0c:85:8c:80:dc:50:00:52:8c:92: d3:fd:c1:47:21:47:61:82:45:b9:65:2d:c9:0d:b2: 1f:50:d2:5b:3c:c5:0a:2b:e3:d5:f7:91:b1:be:ee: 0e:9e:b8:54:27:81:2e:fb:f7:93:52:55:7c:b0:1e: 1e:3b:51:4f:32:25:9f:24:2f:90:a9:b4:04:aa:3f: 76:6c:68:68:57:07:db:6e:03:c2:2a:66:d2:50:52: b8:f2:a5:eb:69:06:c1:22:f1:d6:9c:0c:91:55:7e: 47:6c:63:8c:c1:24:03:6e:8d:43:f1:94:12:b9:9f: fb:13:f4:c3:74:3e:6f:5e:1c:4b:7c:9c:33:61:21: 55:b6:20:79:c0:b6:15:22:17:b4:25:ac:95:00:75: 94:4e:55:78:5f:f4:1d:8d:0c:ad:92:5a:c0:23:9e: 9a:53:07:5a:9c:23:4c:2e:6a:63:57:5b:2d:6a:d4: b7:b6:8c:ae:42:fb:18:bc:dd:fa:5b:11:aa:8a:36: 09:85:ae:00:df:d3:e1:84:3c:85:63:56:99:46:fd: aa:86:3e:23:59:c1:98:d2:71:e5:80:9f:91:85:dd: 3e:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:87:60:A3:01:A2:8D:89:BC:A9:AD:84:F9:E8:44:3F:8C:4F:0E:9C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:1000::/40 Signature Algorithm: sha256WithRSAEncryption 84:c3:b8:a4:9d:3e:83:ae:b7:56:d0:5a:55:f3:31:fb:73:ed: 88:41:da:89:06:b0:ca:c9:3d:c9:72:c5:c9:30:4c:59:50:0b: 78:d1:8d:4d:c9:54:a6:0e:4a:4b:06:20:d0:b7:6c:66:ea:e8: 04:0d:5e:82:51:1e:15:44:8c:69:d4:b7:d1:78:bd:5c:5b:ce: 00:e9:35:3d:99:51:fc:c0:8b:cc:b4:af:1f:fe:9a:2a:6a:f3: 9c:79:e6:e8:65:2c:ac:52:9c:e2:44:7c:29:06:f6:6c:62:fa: da:bf:b2:b5:d8:2e:8e:00:d9:8a:ee:f3:3d:a3:6c:4c:16:62: 6d:84:af:8c:49:56:1d:26:6c:e7:09:67:25:cf:7b:7f:4a:d2: ca:ef:37:11:90:18:f7:af:9b:98:08:20:36:32:13:a3:a4:e3: b7:f7:a6:86:8b:f0:13:d6:a7:12:76:48:b4:fb:f1:1d:d2:60: 85:6b:7d:90:87:a2:eb:a8:72:01:aa:d8:fe:57:8c:94:93:59: 1e:c5:38:06:0e:2e:d5:f6:69:b7:a8:ea:e3:fd:50:a3:e3:b1: 8b:7d:23:f7:ce:df:d8:8e:be:88:14:df:c1:7b:c6:f7:ee:ab: ab:05:c0:6c:dd:8a:28:38:f8:99:56:56:41:d1:51:77:b9:d4: 02:2c:35:22 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNwASubnVqU7RiooVxiPD2O4KgoMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNDAwMDExNFoX DTI1MDcwOTIzNTk1OVowejFJMEcGA1UEBRNAMjY1ZDFjZjhhY2RhZmE1NjllZjJl MjQwN2JlNmM4MTJmY2Y2NjExOTc5NzBjNDIxMWM2Y2U0YTNiYzUxMTc2ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Oc6R2cii0c2iDWEkvFWIDIiVVbo dgVivPu6WDmxyhZ0mgyFjIDcUABSjJLT/cFHIUdhgkW5ZS3JDbIfUNJbPMUKK+PV 95Gxvu4OnrhUJ4Eu+/eTUlV8sB4eO1FPMiWfJC+QqbQEqj92bGhoVwfbbgPCKmbS UFK48qXraQbBIvHWnAyRVX5HbGOMwSQDbo1D8ZQSuZ/7E/TDdD5vXhxLfJwzYSFV tiB5wLYVIhe0JayVAHWUTlV4X/QdjQytklrAI56aUwdanCNMLmpjV1statS3toyu QvsYvN36WxGqijYJha4A39PhhDyFY1aZRv2qhj4jWcGY0nHlgJ+Rhd0+iwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOKHYKMBoo2JvKmthPnoRD+MTw6cMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjMTBkM2I5LWMzNTctNGRkZS05ZTM1LThiNDUxZWJlN2JhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9hAwDQYJKoZIhvcNAQELBQADggEBAITDuKSdPoOut1bQWlXz Mftz7YhB2okGsMrJPclyxckwTFlQC3jRjU3JVKYOSksGINC3bGbq6AQNXoJRHhVE jGnUt9F4vVxbzgDpNT2ZUfzAi8y0rx/+mipq85x55uhlLKxSnOJEfCkG9mxi+tq/ srXYLo4A2Yru8z2jbEwWYm2Er4xJVh0mbOcJZyXPe39K0srvNxGQGPevm5gIIDYy E6Ok47f3poaL8BPWpxJ2SLT78R3SYIVrfZCHouuocgGq2P5XjJSTWR7FOAYOLtX2 abeo6uP9UKPjsYt9I/fO39iOvogU38F7xvfuq6sFwGzdiig4+JlWVkHRUXe51AIs NSI= -----END CERTIFICATE-----Generated at Sat Jun 14 06:19:13 2025 by rpki-client