$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d6a264a-aa2a-46c2-95e0-8711aa342743.roa File: 4d6a264a-aa2a-46c2-95e0-8711aa342743.roa (raw, json) Hash identifier: qEXgYpKZhBVA5ZvUy1LaVYXAQeJ6phwkyi2vRJf2Scw= Subject key identifier: 7F:89:44:9A:C0:47:C9:6B:87:46:DD:7F:26:FD:D6:10:37:AF:50:4D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1AA7212693A631B54AABA2332C306DE3FE12E4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d6a264a-aa2a-46c2-95e0-8711aa342743.roa Signing time: Tue 10 Jun 2025 00:31:11 +0000 ROA not before: Tue 10 Jun 2025 00:31:11 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:c8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:a7:21:26:93:a6:31:b5:4a:ab:a2:33:2c:30:6d:e3:fe:12:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:31:11 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=074f05f8bcf27de6e96ef96f715a895f1174c042f577e9dda22b0c76f68530ac, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:a1:c3:8d:7c:81:6c:db:f8:ed:4e:b2:74:03: 9e:1b:80:2f:55:fd:21:c2:81:7e:7f:eb:e8:fc:c0: 52:71:74:aa:89:23:00:2e:8c:88:27:a8:90:ee:4a: 86:6d:57:c7:31:5a:b8:38:ba:60:32:db:14:17:17: 2d:c8:ef:ed:cd:46:a0:74:2e:02:22:81:a5:62:81: 09:d5:4d:ed:f7:f3:5c:96:35:60:ce:6f:bf:4e:7b: 31:2a:48:36:74:3f:95:e0:53:fa:d6:c6:99:e3:98: e5:28:c9:0f:30:2e:07:92:06:f5:f7:32:ef:ba:3d: 45:ce:bc:c8:1e:bf:e2:90:e5:e7:b2:a1:a3:47:4e: 1e:f9:59:e4:a1:55:dd:b0:f6:e8:ba:e5:f8:14:c9: a2:ef:ff:f5:de:91:f0:1c:d1:c0:38:3b:61:b4:a2: 7d:67:a9:1f:0e:a3:69:ca:5b:18:0c:3e:cb:53:d3: 0b:88:da:55:20:88:3d:23:39:6e:13:e5:f6:8d:70: a2:7c:8f:cc:d8:20:1c:e2:25:78:8b:30:96:76:e0: c1:76:86:d7:57:90:9a:aa:40:15:ed:0a:28:27:d7: 6a:52:be:99:4f:01:e5:be:62:f6:0c:74:5b:17:23: 75:5c:e5:36:e0:03:25:21:15:d2:c7:50:4c:d0:95: 1d:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:89:44:9A:C0:47:C9:6B:87:46:DD:7F:26:FD:D6:10:37:AF:50:4D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d6a264a-aa2a-46c2-95e0-8711aa342743.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:c8c0::/48 Signature Algorithm: sha256WithRSAEncryption 85:59:cb:fc:3b:a3:6b:90:ab:55:3f:8c:3f:76:14:e7:00:7d: 92:64:b4:3f:41:56:61:d2:45:a9:34:07:e3:56:fd:d9:2e:ba: 4f:d1:85:9c:78:78:64:b1:26:37:aa:12:b0:07:99:d1:1f:cb: a9:f1:9c:42:b2:22:c3:f6:2a:e8:71:bd:66:22:0d:35:ea:7a: 1e:d1:e0:3e:00:e5:85:0e:7e:a3:9a:bd:27:81:94:31:bd:08: b1:80:a9:dc:12:fa:61:0e:2a:4b:85:0d:64:55:79:d2:aa:40: 21:93:1e:63:4e:51:f0:b1:0d:0f:72:81:86:fe:49:8e:b2:e4: b5:9d:0d:6d:3e:a1:7b:13:11:a8:11:d6:0c:46:5d:c3:35:7e: c0:a9:66:50:1c:8c:62:b7:6a:a0:69:36:98:9a:99:20:c4:e4: 3f:f6:75:b0:7f:e7:bc:a0:c8:59:56:0b:c0:58:23:c8:66:0f: 87:a5:0d:0e:db:e7:e9:c8:40:13:6e:2e:54:56:da:8e:8e:65: b3:b9:82:05:29:e9:16:77:35:4d:50:9d:c1:3f:09:99:f6:d9: fe:d6:27:ec:f2:03:a0:f1:b7:94:50:a5:c7:5c:db:25:b7:f2: 88:af:ca:c8:cf:42:91:82:4b:f2:b1:95:64:24:99:92:35:16: a2:05:a0:fa -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgITGqchJpOmMbVKq6IzLDBt4/4S5DANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwNjEwMDAzMTExWhcN MjUwNzE1MjM1OTU5WjB6MUkwRwYDVQQFE0AwNzRmMDVmOGJjZjI3ZGU2ZTk2ZWY5 NmY3MTVhODk1ZjExNzRjMDQyZjU3N2U5ZGRhMjJiMGM3NmY2ODUzMGFjMS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTocONfIFs2/jtTrJ0A54bgC9V/SHC gX5/6+j8wFJxdKqJIwAujIgnqJDuSoZtV8cxWrg4umAy2xQXFy3I7+3NRqB0LgIi gaVigQnVTe3381yWNWDOb79OezEqSDZ0P5XgU/rWxpnjmOUoyQ8wLgeSBvX3Mu+6 PUXOvMgev+KQ5eeyoaNHTh75WeShVd2w9ui65fgUyaLv//XekfAc0cA4O2G0on1n qR8Oo2nKWxgMPstT0wuI2lUgiD0jOW4T5faNcKJ8j8zYIBziJXiLMJZ24MF2htdX kJqqQBXtCign12pSvplPAeW+YvYMdFsXI3Vc5TbgAyUhFdLHUEzQlR0LAgMBAAGj ggJLMIICRzAdBgNVHQ4EFgQUf4lEmsBHyWuHRt1/Jv3WEDevUE0wHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv NGQ2YTI2NGEtYWEyYS00NmMyLTk1ZTAtODcxMWFhMzQyNzQzLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E AgACMAkDBwAkBto4yMAwDQYJKoZIhvcNAQELBQADggEBAIVZy/w7o2uQq1U/jD92 FOcAfZJktD9BVmHSRak0B+NW/dkuuk/RhZx4eGSxJjeqErAHmdEfy6nxnEKyIsP2 KuhxvWYiDTXqeh7R4D4A5YUOfqOavSeBlDG9CLGAqdwS+mEOKkuFDWRVedKqQCGT HmNOUfCxDQ9ygYb+SY6y5LWdDW0+oXsTEagR1gxGXcM1fsCpZlAcjGK3aqBpNpia mSDE5D/2dbB/57ygyFlWC8BYI8hmD4elDQ7b5+nIQBNuLlRW2o6OZbO5ggUp6RZ3 NU1QncE/CZn22f7WJ+zyA6Dxt5RQpcdc2yW38oivysjPQpGCS/KxlWQkmZI1FqIF oPo= -----END CERTIFICATE-----Generated at Sat Jun 14 06:49:51 2025 by rpki-client