$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5418b4d0-7480-41be-a568-008f76efc155.roa File: 5418b4d0-7480-41be-a568-008f76efc155.roa (raw, json) Hash identifier: Q3hEVjVI2A9rNoyJBfc8JRnrGEi3PJIoYmSgCSDql2w= Subject key identifier: 84:7C:5C:AF:B7:6D:67:D9:BE:D2:9A:8A:25:7B:E0:33:2F:68:82:BD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4F81EC550AC21ED400F6F2B65A0E0350AA9EE12C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5418b4d0-7480-41be-a568-008f76efc155.roa Signing time: Tue 10 Jun 2025 00:21:32 +0000 ROA not before: Tue 10 Jun 2025 00:21:32 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:e040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:81:ec:55:0a:c2:1e:d4:00:f6:f2:b6:5a:0e:03:50:aa:9e:e1:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:21:32 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=15cb31f45bbfa316bc9953cfddbbb5439338651aeea4da519db33a6fcee790b7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:f6:ef:0c:9a:79:68:b2:27:b9:de:27:2b:66: af:83:a7:d4:69:b2:07:d2:e4:51:2d:6d:22:9a:05: 59:6b:73:dc:62:96:33:6a:01:4a:e4:8f:2d:34:4a: d8:6a:d7:fd:76:09:5c:49:12:3d:e5:58:bb:62:cf: d9:e5:12:3e:e7:00:9e:7a:99:05:c9:da:92:2c:8c: 9b:f7:52:09:28:f4:0a:e2:36:ac:6a:63:d8:74:0d: 84:73:0b:28:6e:01:73:7a:89:22:b3:29:0b:f8:f5: 4c:ea:e9:7e:88:59:34:4d:b7:71:19:4f:be:32:50: 5d:65:57:5f:a4:95:5e:35:c2:71:15:10:e5:68:57: b2:60:c8:35:ef:2b:b9:59:56:76:99:15:02:51:70: c7:e0:8e:3d:e0:19:80:3c:82:1e:1c:c9:77:6a:6e: 9e:0a:ad:d9:d0:3a:3f:1d:a5:48:07:ae:05:2d:ae: c1:f7:25:fa:fd:8e:e8:4a:e5:e0:cb:a0:6d:7e:8e: cf:2b:7c:6b:fb:d4:9a:45:a2:7a:e5:02:57:cf:08: d6:20:74:70:e4:ef:c3:af:de:76:e3:8e:46:0f:41: 41:90:d1:2e:f3:8a:d1:8c:f5:87:23:2e:3c:de:a0: cc:82:b4:cb:64:e2:89:c5:43:15:c4:3e:92:2d:bf: ab:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:7C:5C:AF:B7:6D:67:D9:BE:D2:9A:8A:25:7B:E0:33:2F:68:82:BD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5418b4d0-7480-41be-a568-008f76efc155.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:e040::/48 Signature Algorithm: sha256WithRSAEncryption b9:97:c7:f8:9d:45:18:01:cf:07:15:a9:0c:42:db:17:a8:65: 24:f6:cb:97:a9:3d:e1:a5:96:b7:23:b3:84:4e:d3:8c:9f:d9: 40:e1:84:dc:b3:76:9a:9e:77:d9:ac:77:3e:e4:73:c6:a3:e0: a7:a5:8d:3f:b0:8f:f8:ca:4e:c0:14:81:77:6d:38:4d:51:8c: 73:0a:0a:bd:b3:38:18:e9:55:a0:df:3e:71:34:eb:d6:b8:4b: 33:fc:c3:e0:89:a3:62:a8:b0:85:7c:5e:8b:6c:31:cf:aa:02: ba:2c:1f:fc:f5:84:df:23:a6:e8:72:a9:7f:a4:47:47:3e:14: 7c:bf:ce:22:ba:7e:8f:6e:a6:e1:7d:c8:a4:08:6f:6c:db:fc: f5:41:4c:52:25:dd:88:f8:69:d7:85:9d:c0:30:25:23:5c:ad: 54:ca:ab:07:d7:2b:3b:a9:13:5c:93:bd:5e:9e:af:6b:5f:4b: bd:9c:3a:41:3f:9e:26:23:f1:81:80:12:a0:be:25:5f:73:2a: 6e:56:2a:02:a2:44:19:e8:26:44:7b:fb:c2:fc:10:46:60:6b: a9:5b:3e:88:90:e3:32:2e:69:5b:c2:6c:0c:9d:bf:c5:46:7f: 0d:87:c1:eb:ff:04:28:fb:06:ba:e4:8b:fe:4f:54:b5:6d:6a: fa:0a:76:cc -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUT4HsVQrCHtQA9vK2Wg4DUKqe4SwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwMjEzMloX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMTVjYjMxZjQ1YmJmYTMxNmJjOTk1 M2NmZGRiYmI1NDM5MzM4NjUxYWVlYTRkYTUxOWRiMzNhNmZjZWU3OTBiNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovbvDJp5aLInud4nK2avg6fUabIH 0uRRLW0imgVZa3PcYpYzagFK5I8tNErYatf9dglcSRI95Vi7Ys/Z5RI+5wCeepkF ydqSLIyb91IJKPQK4jasamPYdA2EcwsobgFzeokisykL+PVM6ul+iFk0TbdxGU++ MlBdZVdfpJVeNcJxFRDlaFeyYMg17yu5WVZ2mRUCUXDH4I494BmAPIIeHMl3am6e Cq3Z0Do/HaVIB64FLa7B9yX6/Y7oSuXgy6Btfo7PK3xr+9SaRaJ65QJXzwjWIHRw 5O/Dr952445GD0FBkNEu84rRjPWHIy483qDMgrTLZOKJxUMVxD6SLb+r8wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIR8XK+3bWfZvtKaiiV74DMvaIK9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU0MThiNGQwLTc0ODAtNDFiZS1hNTY4LTAwOGY3NmVmYzE1NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAOBAMA0GCSqGSIb3DQEBCwUAA4IBAQC5l8f4nUUYAc8HFakM QtsXqGUk9suXqT3hpZa3I7OETtOMn9lA4YTcs3aannfZrHc+5HPGo+CnpY0/sI/4 yk7AFIF3bThNUYxzCgq9szgY6VWg3z5xNOvWuEsz/MPgiaNiqLCFfF6LbDHPqgK6 LB/89YTfI6bocql/pEdHPhR8v84iun6PbqbhfcikCG9s2/z1QUxSJd2I+GnXhZ3A MCUjXK1UyqsH1ys7qRNck71enq9rX0u9nDpBP54mI/GBgBKgviVfcypuVioCokQZ 6CZEe/vC/BBGYGupWz6IkOMyLmlbwmwMnb/FRn8Nh8Hr/wQo+wa65Iv+T1S1bWr6 CnbM -----END CERTIFICATE-----Generated at Sat Jun 14 06:26:16 2025 by rpki-client