$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/504ee0b7-b1f3-4f91-a867-2dd94be1a212.roa File: 504ee0b7-b1f3-4f91-a867-2dd94be1a212.roa (raw, json) Hash identifier: I+VHkqyOPdU6eKMiq4wwkQ3eAFwfCyITthZvEtFB/Es= Subject key identifier: 00:BD:6D:A6:AE:4A:CA:E5:FA:ED:9B:EF:F5:4C:79:F8:32:22:45:DD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2F823E657778B0821CEBC438C48D87674B430819 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/504ee0b7-b1f3-4f91-a867-2dd94be1a212.roa Signing time: Tue 10 Jun 2025 15:20:25 +0000 ROA not before: Tue 10 Jun 2025 15:20:25 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:82:3e:65:77:78:b0:82:1c:eb:c4:38:c4:8d:87:67:4b:43:08:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:20:25 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=96b200c470609fae81885085a8b209352826783f80af40b3346b147b41470b02, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:fb:04:96:b2:fa:62:de:db:40:c6:b4:20:34: 33:64:97:63:1d:ee:c3:0d:d7:5e:55:69:10:00:44: 89:b5:f4:da:05:9f:79:72:4f:d5:16:91:60:1d:eb: 1d:52:e4:03:7b:41:49:38:2b:63:8e:68:26:12:95: a6:47:a3:50:bd:2a:5b:a0:77:01:c0:a5:2c:f3:c7: fd:e6:27:f7:3a:39:46:2e:4a:8f:bf:93:1b:ad:7b: df:fc:21:3f:d4:f8:f8:3f:fe:57:51:58:89:24:f1: 90:f7:c8:b0:6b:37:f4:32:73:f4:f3:28:32:7e:97: 06:90:d9:b4:81:15:5f:f3:88:d9:d0:7f:12:51:ca: 86:7e:1f:9f:f6:cd:bc:6e:9c:30:02:26:2f:ff:71: 1c:4b:70:ed:47:b7:f9:c8:0b:f7:19:7d:88:fd:e6: 9b:ab:bd:d6:2f:8b:75:ee:cb:0a:1f:24:a0:45:26: cb:a6:a1:79:d2:a4:85:ea:c5:78:9a:ab:00:c2:8b: 86:51:75:4b:cc:00:81:5b:ff:56:c2:5b:16:fb:21: ff:b6:98:e1:f7:c2:ff:db:7d:1c:3c:8e:6f:1f:48: 9e:cc:6b:ab:f7:43:d8:39:e9:d1:01:5d:e5:c8:24: 32:31:35:76:8d:3b:8e:fd:9c:6a:72:a7:91:7e:ae: 0a:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:BD:6D:A6:AE:4A:CA:E5:FA:ED:9B:EF:F5:4C:79:F8:32:22:45:DD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/504ee0b7-b1f3-4f91-a867-2dd94be1a212.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:8800::/40 Signature Algorithm: sha256WithRSAEncryption b3:97:18:43:bc:ca:9a:89:d9:00:d8:ea:e8:c7:a3:03:f3:d9: f9:3b:a1:7a:08:81:a6:79:b1:2e:03:37:37:81:dd:77:80:55: ec:19:2c:a9:9a:96:9f:eb:4c:43:ea:f3:d3:4b:ae:e9:52:c5: 97:75:9b:9b:ae:d4:7d:51:e7:44:e3:2f:4c:45:1f:86:04:b6: cb:09:06:17:3c:fe:6b:f9:07:c5:82:22:95:37:9a:75:78:ce: be:02:52:e8:12:99:35:13:84:ec:a7:03:4d:8e:31:91:41:2a: 6b:3d:c1:9c:28:c4:90:e1:b8:cd:33:68:02:d2:17:1b:98:78: 1d:68:5e:45:d3:a4:39:81:97:b5:cf:28:23:fc:d3:6d:0b:f1: 5b:b3:e1:e6:b6:6d:0b:ff:a9:13:19:e5:3c:f0:9a:36:f3:2f: 91:74:a5:be:6d:a6:72:f5:27:38:7b:ea:0d:f6:a3:4f:ad:d8: 4e:c2:cc:a9:c1:5c:e8:fa:1f:c0:14:66:be:1f:fd:8d:6b:cc: a0:3e:38:fd:1a:1c:5a:a0:31:ba:0b:ea:64:d1:5e:9d:03:d3: 57:42:db:23:3d:65:89:5c:02:bf:47:0e:08:a4:27:4c:f0:da: d5:74:31:31:f6:53:d4:7b:b1:07:47:e5:56:e6:8b:c4:74:af: 51:95:18:15 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUL4I+ZXd4sIIc68Q4xI2HZ0tDCBkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MjAyNVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAOTZiMjAwYzQ3MDYwOWZhZTgxODg1 MDg1YThiMjA5MzUyODI2NzgzZjgwYWY0MGIzMzQ2YjE0N2I0MTQ3MGIwMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vsElrL6Yt7bQMa0IDQzZJdjHe7D DddeVWkQAESJtfTaBZ95ck/VFpFgHesdUuQDe0FJOCtjjmgmEpWmR6NQvSpboHcB wKUs88f95if3OjlGLkqPv5MbrXvf/CE/1Pj4P/5XUViJJPGQ98iwazf0MnP08ygy fpcGkNm0gRVf84jZ0H8SUcqGfh+f9s28bpwwAiYv/3EcS3DtR7f5yAv3GX2I/eab q73WL4t17ssKHySgRSbLpqF50qSF6sV4mqsAwouGUXVLzACBW/9WwlsW+yH/tpjh 98L/230cPI5vH0iezGur90PYOenRAV3lyCQyMTV2jTuO/ZxqcqeRfq4KwwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAC9baauSsrl+u2b7/VMefgyIkXdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUwNGVlMGI3LWIxZjMtNGY5MS1hODY3LTJkZDk0YmUxYTIxMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNogwDQYJKoZIhvcNAQELBQADggEBALOXGEO8ypqJ2QDY6ujH owPz2fk7oXoIgaZ5sS4DNzeB3XeAVewZLKmalp/rTEPq89NLrulSxZd1m5uu1H1R 50TjL0xFH4YEtssJBhc8/mv5B8WCIpU3mnV4zr4CUugSmTUThOynA02OMZFBKms9 wZwoxJDhuM0zaALSFxuYeB1oXkXTpDmBl7XPKCP8020L8Vuz4ea2bQv/qRMZ5Tzw mjbzL5F0pb5tpnL1Jzh76g32o0+t2E7CzKnBXOj6H8AUZr4f/Y1rzKA+OP0aHFqg MboL6mTRXp0D01dC2yM9ZYlcAr9HDgikJ0zw2tV0MTH2U9R7sQdH5Vbmi8R0r1GV GBU= -----END CERTIFICATE-----Generated at Sat Jun 14 06:03:05 2025 by rpki-client