$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/562ea526-d7fd-4f54-a7f1-2891e7003176.roa File: 562ea526-d7fd-4f54-a7f1-2891e7003176.roa (raw, json) Hash identifier: jJDYrYZXC30ZahYaPCYea0e4oYi2xuAn/Cbfm2vuZSA= Subject key identifier: 45:4F:05:CE:D2:F9:B9:7F:19:D0:75:66:CC:F9:27:87:39:1F:EC:96 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 46C060F480FC97E08345CD45972DF82AE3FDE414 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/562ea526-d7fd-4f54-a7f1-2891e7003176.roa Signing time: Sat 07 Jun 2025 00:20:10 +0000 ROA not before: Sat 07 Jun 2025 00:20:10 +0000 ROA not after: Sat 12 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:60a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:c0:60:f4:80:fc:97:e0:83:45:cd:45:97:2d:f8:2a:e3:fd:e4:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 7 00:20:10 2025 GMT Not After : Jul 12 23:59:59 2025 GMT Subject: serialNumber=1491df4c6bcaca3959a1b617f2e7804870a8384c501ec4c1e8f98d9a962bff21, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:b7:a9:49:4a:07:78:f6:43:d4:a3:04:0f:31: 55:36:72:5e:31:57:e2:77:95:1a:ca:38:b5:f1:83: 5f:78:58:00:e1:bf:02:6f:19:09:11:74:44:e0:8c: 85:8b:15:f7:b5:67:0b:d9:7c:06:b0:cf:b8:d1:7c: 34:99:6c:fd:b1:ff:cf:22:49:68:ee:d5:31:14:bc: 81:48:ba:c8:15:55:a7:6a:ac:3d:81:85:48:81:c9: d5:98:c7:05:00:9d:f8:74:37:eb:5b:4b:9d:c4:bc: f8:43:38:f5:e7:cf:17:37:56:32:12:7c:90:b9:ee: 5e:a6:9a:60:59:fa:01:43:aa:77:2e:72:ca:e4:36: bd:2f:06:74:b9:ac:85:ae:00:68:68:96:4c:0d:10: 7b:f9:d3:1d:5a:55:62:44:9e:0c:4a:75:0d:6a:4e: 6c:87:bd:d9:47:6c:36:11:b9:35:e9:8d:3d:72:1b: 73:fe:e9:ea:00:28:f7:6a:bb:c2:1e:6a:9f:d7:ac: c6:81:c4:3a:41:cc:9c:af:ce:a8:d9:51:ad:fb:ca: 92:4f:14:8f:b6:e7:35:d5:b2:c0:dd:6c:0b:db:eb: e5:a1:d6:07:d5:02:31:14:8e:5f:aa:81:53:c4:1f: 23:ea:6b:b9:27:6f:8a:2d:69:d9:80:94:a4:fd:5a: 75:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:4F:05:CE:D2:F9:B9:7F:19:D0:75:66:CC:F9:27:87:39:1F:EC:96 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/562ea526-d7fd-4f54-a7f1-2891e7003176.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:60a0::/48 Signature Algorithm: sha256WithRSAEncryption 1f:a8:4f:c4:56:9c:67:8e:12:2f:55:09:06:7e:35:27:dc:52: 6c:6f:6a:1c:db:4f:5b:af:68:4c:48:7a:b5:de:c9:97:25:ac: d0:b0:80:01:fe:ff:d1:77:9d:12:75:59:30:73:e2:26:71:42: 1d:7c:dc:2c:5c:b5:14:5d:4a:d0:c6:9f:fb:53:c5:5a:b2:13: 6e:c9:a7:ca:bc:d2:2c:f4:65:46:16:7d:e4:6d:f9:d1:f1:cd: 68:13:29:bc:02:e4:74:41:4b:0c:a9:52:3f:9d:5f:9a:d9:e7: ff:62:0d:98:07:a5:43:93:76:13:8a:87:7e:50:33:27:eb:79: f5:77:6d:eb:8c:73:9b:df:3a:6c:95:51:07:6e:e9:46:f7:64: bd:e1:d1:c1:b5:99:a7:cb:d2:e8:66:80:b7:66:30:43:f2:08: 5a:1c:1e:94:56:21:3f:d3:ac:40:1a:72:3c:be:16:a4:6c:68: 33:06:4d:5a:2f:05:74:8c:36:06:d4:9e:96:a8:44:70:65:5d: 38:5f:07:80:56:96:88:f9:55:e0:41:7a:c1:09:26:88:69:51: 26:98:f0:2e:97:d1:db:a7:36:5a:2b:a1:6e:e6:cf:ca:e9:9e: ae:2a:dc:e6:ac:16:85:59:c9:5d:4e:da:71:22:f7:6b:7e:a0: 9d:c0:1e:65 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURsBg9ID8l+CDRc1Fly34KuP95BQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNzAwMjAxMFoX DTI1MDcxMjIzNTk1OVowejFJMEcGA1UEBRNAMTQ5MWRmNGM2YmNhY2EzOTU5YTFi NjE3ZjJlNzgwNDg3MGE4Mzg0YzUwMWVjNGMxZThmOThkOWE5NjJiZmYyMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobepSUoHePZD1KMEDzFVNnJeMVfi d5Uayji18YNfeFgA4b8CbxkJEXRE4IyFixX3tWcL2XwGsM+40Xw0mWz9sf/PIklo 7tUxFLyBSLrIFVWnaqw9gYVIgcnVmMcFAJ34dDfrW0udxLz4Qzj1588XN1YyEnyQ ue5epppgWfoBQ6p3LnLK5Da9LwZ0uayFrgBoaJZMDRB7+dMdWlViRJ4MSnUNak5s h73ZR2w2Ebk16Y09chtz/unqACj3arvCHmqf16zGgcQ6Qcycr86o2VGt+8qSTxSP tuc11bLA3WwL2+vlodYH1QIxFI5fqoFTxB8j6mu5J2+KLWnZgJSk/Vp1QQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEVPBc7S+bl/GdB1Zsz5J4c5H+yWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU2MmVhNTI2LWQ3ZmQtNGY1NC1hN2YxLTI4OTFlNzAwMzE3Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAGCgMA0GCSqGSIb3DQEBCwUAA4IBAQAfqE/EVpxnjhIvVQkG fjUn3FJsb2oc209br2hMSHq13smXJazQsIAB/v/Rd50SdVkwc+ImcUIdfNwsXLUU XUrQxp/7U8VashNuyafKvNIs9GVGFn3kbfnR8c1oEym8AuR0QUsMqVI/nV+a2ef/ Yg2YB6VDk3YTiod+UDMn63n1d23rjHOb3zpslVEHbulG92S94dHBtZmny9LoZoC3 ZjBD8ghaHB6UViE/06xAGnI8vhakbGgzBk1aLwV0jDYG1J6WqERwZV04XweAVpaI +VXgQXrBCSaIaVEmmPAul9HbpzZaK6Fu5s/K6Z6uKtzmrBaFWcldTtpxIvdrfqCd wB5l -----END CERTIFICATE-----Generated at Sat Jun 14 06:23:06 2025 by rpki-client