$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa File: 542149ac-13e8-419c-b3c9-46274c8943df.roa (raw, json) Hash identifier: SwJaw3+8pMi0iq0IVWZMUfsenQoylpYVkOyF1V2KYxg= Subject key identifier: FA:98:CB:CA:5D:FF:FE:B9:23:B5:9E:E4:7C:2C:56:D6:F0:C0:4D:83 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 71C5BBBB791B1FBE12B88C49FD9F982C0B87B4DE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa Signing time: Tue 10 Jun 2025 00:51:23 +0000 ROA not before: Tue 10 Jun 2025 00:51:23 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:8c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:c5:bb:bb:79:1b:1f:be:12:b8:8c:49:fd:9f:98:2c:0b:87:b4:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:51:23 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=36ec4fae4c262974bec0bd190bce6f3c0e378034070fd3558e3b93adb837f8be, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:c9:50:de:ad:09:a0:0c:e4:29:e1:74:41:a6: 8e:3a:21:7e:77:90:01:72:4b:05:67:8d:56:eb:e9: f3:07:41:a3:7e:1a:79:cc:9f:f3:d1:90:d6:ca:9a: d0:d8:54:75:36:e3:d7:fc:d4:dc:e0:43:47:f9:7a: 0b:63:d5:c0:e4:fc:2e:eb:b3:03:7f:cf:5e:83:60: ad:09:8c:0f:79:81:38:e1:06:8e:01:2e:86:da:3a: 19:4a:50:15:b6:e3:48:4f:2f:d0:d5:20:98:fb:38: 93:38:36:f6:61:85:66:c4:18:00:71:04:e1:64:4c: 49:03:29:01:e0:c0:cc:7a:fa:c8:b0:f6:35:e1:3e: 58:a0:6a:0e:80:68:18:0b:67:0f:53:5d:43:45:68: fe:fb:0c:f5:a0:db:fa:9d:e9:67:5f:8c:22:1c:06: 2b:b1:6c:4a:fc:dd:ae:75:2f:54:84:8b:57:af:79: 4f:e9:1a:ce:47:20:49:b0:8f:2b:2a:18:7a:1e:0f: a0:29:d1:68:cf:bc:2b:af:9e:a1:60:6f:3f:39:57: e2:ad:a8:d5:e0:ee:d0:4c:c9:84:bf:6d:6a:98:ca: d8:5e:6a:42:73:8c:63:ab:cc:37:c7:57:fe:a9:b6: ea:05:51:f3:98:fc:5f:27:2a:ce:5e:17:e6:ec:0b: 85:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:98:CB:CA:5D:FF:FE:B9:23:B5:9E:E4:7C:2C:56:D6:F0:C0:4D:83 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:8c0::/46 Signature Algorithm: sha256WithRSAEncryption 70:29:4e:65:42:75:d2:8f:26:13:67:51:62:61:eb:a5:0e:a5: 61:92:25:99:8a:28:67:5e:b7:aa:08:72:2b:de:be:b7:df:bc: f2:70:b4:d6:0d:d4:a7:3b:e7:f9:35:6e:6b:90:91:ba:72:56: e8:d6:7e:b8:cb:b1:e9:9e:1e:aa:6d:aa:d7:d8:32:fb:f4:02: 8f:bc:0e:e6:a9:3b:66:fb:2a:2b:ca:5d:33:e5:9a:82:ef:73: bc:2a:5b:af:d4:ef:02:e6:ff:27:a8:47:a9:41:bd:90:fe:d6: c0:25:ff:73:b5:55:cf:2f:c1:b1:ae:03:0f:34:8c:7e:b4:75: 09:b5:3f:a9:8c:49:75:6f:f8:76:b9:84:93:c7:c3:2d:d6:9c: c9:cf:c0:0f:73:a5:18:96:32:4d:87:a1:42:85:77:4c:79:d7: 50:6b:bb:ce:5f:7a:b4:46:89:d9:89:99:bc:92:24:4f:52:0f: ee:04:4a:40:ef:e7:6f:d5:6d:29:06:e8:06:88:6a:64:fe:35: e8:42:35:23:e1:18:9c:9b:8c:bf:77:68:31:87:5f:40:c1:6e: 4a:d6:98:68:0f:d1:99:ec:38:33:42:25:f4:f4:17:be:b0:61: b0:a3:e8:e4:5d:ca:db:5b:12:81:04:cf:cc:fd:dd:db:56:e5: 54:dc:0d:b0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUccW7u3kbH74SuIxJ/Z+YLAuHtN4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwNTEyM1oX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMzZlYzRmYWU0YzI2Mjk3NGJlYzBi ZDE5MGJjZTZmM2MwZTM3ODAzNDA3MGZkMzU1OGUzYjkzYWRiODM3ZjhiZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmclQ3q0JoAzkKeF0QaaOOiF+d5AB cksFZ41W6+nzB0Gjfhp5zJ/z0ZDWyprQ2FR1NuPX/NTc4ENH+XoLY9XA5Pwu67MD f89eg2CtCYwPeYE44QaOAS6G2joZSlAVtuNITy/Q1SCY+ziTODb2YYVmxBgAcQTh ZExJAykB4MDMevrIsPY14T5YoGoOgGgYC2cPU11DRWj++wz1oNv6nelnX4wiHAYr sWxK/N2udS9UhItXr3lP6RrORyBJsI8rKhh6Hg+gKdFoz7wrr56hYG8/OVfirajV 4O7QTMmEv21qmMrYXmpCc4xjq8w3x1f+qbbqBVHzmPxfJyrOXhfm7AuFzQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPqYy8pd//65I7We5HwsVtbwwE2DMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU0MjE0OWFjLTEzZTgtNDE5Yy1iM2M5LTQ2Mjc0Yzg5NDNkZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaQjAMA0GCSqGSIb3DQEBCwUAA4IBAQBwKU5lQnXSjyYTZ1Fi YeulDqVhkiWZiihnXreqCHIr3r6337zycLTWDdSnO+f5NW5rkJG6clbo1n64y7Hp nh6qbarX2DL79AKPvA7mqTtm+yoryl0z5ZqC73O8Kluv1O8C5v8nqEepQb2Q/tbA Jf9ztVXPL8GxrgMPNIx+tHUJtT+pjEl1b/h2uYSTx8Mt1pzJz8APc6UYljJNh6FC hXdMeddQa7vOX3q0RonZiZm8kiRPUg/uBEpA7+dv1W0pBugGiGpk/jXoQjUj4Ric m4y/d2gxh19AwW5K1phoD9GZ7DgzQiX09Be+sGGwo+jkXcrbWxKBBM/M/d3bVuVU 3A2w -----END CERTIFICATE-----Generated at Sat Jun 14 06:31:31 2025 by rpki-client