$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa File: 4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa (raw, json) Hash identifier: OCtWr/8z7jwD6VlJf5vU9KvmgfrBZi+OVfn072GP7TY= Subject key identifier: 80:C3:AA:D9:46:45:A3:9E:95:E1:AC:A6:52:25:CF:FE:3C:F8:F5:F7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2A8C342369EA361938D7B8A59C0C22DA57A8926C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa Signing time: Fri 13 Jun 2025 00:00:52 +0000 ROA not before: Fri 13 Jun 2025 00:00:52 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:8c:34:23:69:ea:36:19:38:d7:b8:a5:9c:0c:22:da:57:a8:92:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 13 00:00:52 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=a48c2dfb5b97ba504cb208fb3a876b1d8aaa719a9381b95e8405402f93b12b04, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:94:2c:72:92:2d:ab:fb:16:d4:74:bb:c3:38: 8c:75:3e:d7:03:1f:81:2c:da:58:e4:ed:af:2c:89: 9c:4e:90:b7:47:67:3e:d5:96:5d:61:8c:e8:c1:e2: 80:f2:23:31:f7:71:d4:67:73:7c:8e:ff:00:42:82: 6b:51:08:48:eb:6b:52:0e:00:78:95:c7:55:87:cc: 12:34:88:20:e7:ac:d6:fb:e3:02:3c:c4:97:79:be: 4b:ce:5f:0c:07:94:18:77:68:b6:e6:de:4e:1b:3b: 7b:3b:45:ce:df:62:f9:98:e0:24:57:1d:8b:e1:f8: f4:b8:22:e5:53:a6:ee:7a:1b:0c:6f:93:e4:4f:a2: e7:b2:c2:22:9a:5e:6c:0f:ce:3e:1f:8c:2b:ee:21: 6d:eb:c2:45:68:12:50:0a:e3:b9:1f:0c:3e:07:ea: 63:a0:dd:0b:b3:ef:8b:b9:7e:f5:27:09:8e:4c:85: 97:ea:d4:c7:f0:58:0c:11:da:70:75:52:a3:64:d8: 8d:8d:b4:42:21:41:b8:54:43:d5:1f:9c:51:8e:88: be:94:13:a6:31:d8:e0:56:65:54:0f:4e:c3:44:c4: e2:f7:01:e0:9c:32:d0:ef:18:59:65:b2:54:eb:db: 5d:e6:4b:3b:89:73:67:d7:0a:83:5a:90:2b:ac:13: ec:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:C3:AA:D9:46:45:A3:9E:95:E1:AC:A6:52:25:CF:FE:3C:F8:F5:F7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:c000::/40 Signature Algorithm: sha256WithRSAEncryption 72:c8:e3:9f:d4:d4:50:fd:fd:db:d6:28:05:31:c5:3c:96:62: 86:ea:41:6b:40:40:21:9e:28:ea:d6:5e:7e:52:0e:53:a6:62: ca:be:19:88:11:ec:a5:65:3a:1e:9d:18:73:af:76:63:66:ca: 56:fa:83:e9:6a:03:f3:20:74:da:79:31:20:61:99:69:d1:10: af:a6:50:d6:4a:46:3f:b4:2a:7d:d3:5e:1d:d5:47:40:f9:3d: bb:2c:b1:94:89:35:c4:dc:3a:43:f7:30:67:1e:46:0f:75:84: 5b:40:89:67:92:8f:4e:1b:b9:cb:9e:cc:c5:e0:aa:6e:ea:bf: a4:eb:a0:03:59:2a:ee:9e:97:94:92:4c:1c:b6:6f:2a:81:da: 5e:1b:1d:93:aa:a0:15:64:74:53:d2:86:86:78:63:3a:8e:8f: 19:ee:92:a2:0c:05:f1:5f:94:38:93:d9:b2:4d:f7:3b:5d:45: e1:80:b2:d7:76:47:03:b5:7e:62:cb:54:31:c0:93:4e:48:b2: 96:ca:58:ac:13:44:39:2e:e6:b8:7e:1a:19:19:41:1c:c9:17: a3:16:63:8e:3a:02:32:e8:9c:7d:c7:1d:a1:e0:92:93:54:8b: 6b:26:39:ee:c7:55:f6:82:6e:d1:1f:ca:1e:85:02:4f:3c:b7: 05:6e:ce:d3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKow0I2nqNhk417ilnAwi2leokmwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMzAwMDA1MloX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNAYTQ4YzJkZmI1Yjk3YmE1MDRjYjIw OGZiM2E4NzZiMWQ4YWFhNzE5YTkzODFiOTVlODQwNTQwMmY5M2IxMmIwNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJQscpItq/sW1HS7wziMdT7XAx+B LNpY5O2vLImcTpC3R2c+1ZZdYYzoweKA8iMx93HUZ3N8jv8AQoJrUQhI62tSDgB4 lcdVh8wSNIgg56zW++MCPMSXeb5Lzl8MB5QYd2i25t5OGzt7O0XO32L5mOAkVx2L 4fj0uCLlU6buehsMb5PkT6LnssIiml5sD84+H4wr7iFt68JFaBJQCuO5Hww+B+pj oN0Ls++LuX71JwmOTIWX6tTH8FgMEdpwdVKjZNiNjbRCIUG4VEPVH5xRjoi+lBOm MdjgVmVUD07DRMTi9wHgnDLQ7xhZZbJU69td5ks7iXNn1wqDWpArrBPs+wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIDDqtlGRaOeleGsplIlz/48+PX3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRlOWJlZWMyLTRkYWItNGYzMS1iMGNiLWFkNmEzYTU3NjFiMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+sAwDQYJKoZIhvcNAQELBQADggEBAHLI45/U1FD9/dvWKAUx xTyWYobqQWtAQCGeKOrWXn5SDlOmYsq+GYgR7KVlOh6dGHOvdmNmylb6g+lqA/Mg dNp5MSBhmWnREK+mUNZKRj+0Kn3TXh3VR0D5PbsssZSJNcTcOkP3MGceRg91hFtA iWeSj04bucuezMXgqm7qv6TroANZKu6el5SSTBy2byqB2l4bHZOqoBVkdFPShoZ4 YzqOjxnukqIMBfFflDiT2bJN9ztdReGAstd2RwO1fmLLVDHAk05IspbKWKwTRDku 5rh+GhkZQRzJF6MWY446AjLonH3HHaHgkpNUi2smOe7HVfaCbtEfyh6FAk88twVu ztM= -----END CERTIFICATE-----Generated at Sat Jun 14 06:02:11 2025 by rpki-client