$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/53dc8acc-0c30-42d3-abfa-5792ea5bf7de.roa File: 53dc8acc-0c30-42d3-abfa-5792ea5bf7de.roa (raw, json) Hash identifier: 34GOq40uqSnT4hqkGND8RLA27HI4HLtnkWILIa/Ioys= Subject key identifier: 18:E6:C0:29:B0:64:45:C8:17:D1:35:77:7B:8E:D4:E8:3F:BC:CF:E4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 12374FAAFA082847E3C7553141758064DF612104 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/53dc8acc-0c30-42d3-abfa-5792ea5bf7de.roa Signing time: Tue 10 Jun 2025 00:10:12 +0000 ROA not before: Tue 10 Jun 2025 00:10:12 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:37:4f:aa:fa:08:28:47:e3:c7:55:31:41:75:80:64:df:61:21:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:10:12 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=f07ee5faef5c240e0052c6d37ba406d5d8fd863db8c4d3bf02fc8b33b8991e08, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e1:f0:78:53:3a:db:0b:ee:26:f2:b1:a7:98: e0:04:53:a4:e2:20:33:f7:68:51:5c:97:5f:5c:d7: eb:b1:de:dc:97:40:03:d3:b2:b4:93:21:1a:60:2d: f3:e7:b7:d9:27:b1:e0:b6:9e:1f:1c:3d:1e:e7:8c: 52:3e:3b:54:a2:08:c4:a7:77:4c:1e:47:23:22:c5: 7d:55:05:34:da:0d:d1:2b:e0:25:59:ac:f4:8b:80: 48:9d:50:27:7d:39:05:37:70:6b:ef:d6:3c:e0:fb: 4f:49:56:1e:f8:49:6c:d0:3c:03:7d:a6:a2:a8:a9: 4e:1b:18:8b:00:75:0e:cf:d6:3c:17:fa:00:7b:52: 8e:40:da:fb:eb:35:4f:39:fd:26:d7:35:0a:5f:14: b3:25:c3:f7:33:13:49:59:db:51:fa:b2:a1:5a:11: 75:29:fd:b9:02:74:62:1b:23:20:fe:12:63:ec:0a: eb:fe:ae:f5:03:e7:c6:4c:98:97:37:ad:d5:9c:27: 33:85:e7:fe:ae:56:53:a3:b7:95:ec:e7:1a:c4:5a: a7:8d:80:0f:10:a9:bd:d8:fe:4c:2e:03:04:85:b9: 1a:09:2d:eb:ca:c0:8e:bb:3e:a6:e0:68:49:e8:90: aa:4e:32:0c:17:d6:c6:dc:18:76:80:32:44:cd:f4: ed:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:E6:C0:29:B0:64:45:C8:17:D1:35:77:7B:8E:D4:E8:3F:BC:CF:E4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/53dc8acc-0c30-42d3-abfa-5792ea5bf7de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2000::/40 Signature Algorithm: sha256WithRSAEncryption 2c:ab:16:4b:26:07:83:2b:95:4a:f3:77:69:80:49:63:c4:62: c5:1b:ca:e5:83:7c:27:9c:94:7d:f9:b6:81:2b:f8:d1:f2:f6: 62:e4:67:87:93:8b:aa:61:bf:1e:dd:3c:9c:76:c0:7a:fb:e5: 06:f3:f3:ce:bd:86:46:af:aa:a0:0e:30:0f:f1:f6:19:35:fb: 74:45:91:60:b1:69:d2:16:50:67:86:24:c3:d0:58:98:9b:84: 7e:96:d7:2b:ff:02:5a:fa:e9:3d:53:f0:09:3e:d4:99:1d:9b: 18:0a:b8:7b:f9:8d:b5:a7:cf:08:35:cb:8e:a5:18:20:98:2c: e3:a6:46:62:8b:a3:9d:9b:a5:34:43:62:7b:04:f6:7c:83:36: 9e:e5:8f:7e:c7:96:6d:a8:17:5f:22:29:d7:1c:f7:19:59:bc: 5b:96:57:74:8b:dd:56:0a:cc:b5:60:16:ff:ae:b4:b6:81:a2: 4f:62:34:0c:d6:ee:93:fd:91:75:1b:a4:80:56:d0:f7:b6:9a: 05:d2:7c:5f:ea:37:d4:2b:b5:bd:d9:2b:64:09:88:2f:9b:21: 1f:b2:ca:bf:52:de:47:7a:84:f9:9f:02:07:39:38:f2:99:66: 2e:ee:ae:a0:a0:3b:7d:18:c0:f0:85:8e:44:95:ae:5c:6e:ef: 52:51:b2:27 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEjdPqvoIKEfjx1UxQXWAZN9hIQQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwMTAxMloX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZjA3ZWU1ZmFlZjVjMjQwZTAwNTJj NmQzN2JhNDA2ZDVkOGZkODYzZGI4YzRkM2JmMDJmYzhiMzNiODk5MWUwODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOHweFM62wvuJvKxp5jgBFOk4iAz 92hRXJdfXNfrsd7cl0AD07K0kyEaYC3z57fZJ7Hgtp4fHD0e54xSPjtUogjEp3dM HkcjIsV9VQU02g3RK+AlWaz0i4BInVAnfTkFN3Br79Y84PtPSVYe+Els0DwDfaai qKlOGxiLAHUOz9Y8F/oAe1KOQNr76zVPOf0m1zUKXxSzJcP3MxNJWdtR+rKhWhF1 Kf25AnRiGyMg/hJj7Arr/q71A+fGTJiXN63VnCczhef+rlZTo7eV7OcaxFqnjYAP EKm92P5MLgMEhbkaCS3rysCOuz6m4GhJ6JCqTjIMF9bG3Bh2gDJEzfTtywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBjmwCmwZEXIF9E1d3uO1Og/vM/kMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUzZGM4YWNjLTBjMzAtNDJkMy1hYmZhLTU3OTJlYTViZjdkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/yAwDQYJKoZIhvcNAQELBQADggEBACyrFksmB4MrlUrzd2mA SWPEYsUbyuWDfCeclH35toEr+NHy9mLkZ4eTi6phvx7dPJx2wHr75Qbz8869hkav qqAOMA/x9hk1+3RFkWCxadIWUGeGJMPQWJibhH6W1yv/Alr66T1T8Ak+1JkdmxgK uHv5jbWnzwg1y46lGCCYLOOmRmKLo52bpTRDYnsE9nyDNp7lj37Hlm2oF18iKdcc 9xlZvFuWV3SL3VYKzLVgFv+utLaBok9iNAzW7pP9kXUbpIBW0Pe2mgXSfF/qN9Qr tb3ZK2QJiC+bIR+yyr9S3kd6hPmfAgc5OPKZZi7urqCgO30YwPCFjkSVrlxu71JR sic= -----END CERTIFICATE-----Generated at Sat Jun 14 06:19:10 2025 by rpki-client