$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5caef593-3e1a-4239-836f-142b22751593.roa File: 5caef593-3e1a-4239-836f-142b22751593.roa (raw, json) Hash identifier: N/7W1OSr3r5D11LfEFm4srMSpw6nh8T8v/G3DIjWKZQ= Subject key identifier: 0A:3A:3A:BE:EE:D6:0D:2C:5E:DF:51:7F:A2:34:16:1F:E1:B0:DD:0B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 11B5A3A3407DA70E0815B53554858C842DC13431 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5caef593-3e1a-4239-836f-142b22751593.roa Signing time: Tue 10 Jun 2025 15:12:25 +0000 ROA not before: Tue 10 Jun 2025 15:12:25 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:b5:a3:a3:40:7d:a7:0e:08:15:b5:35:54:85:8c:84:2d:c1:34:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:12:25 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=5abcf9eb77ce039170dcee2045e4be92bff8c73512852524b218667ae1e533f9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:fd:e2:a6:9d:91:e9:9a:3d:b1:1d:d5:b5:2b: 09:a9:6b:4b:1b:f2:c7:03:35:b1:d4:8f:13:1f:98: 99:78:d7:66:bf:cd:a8:8a:e4:d6:af:ef:62:95:6e: 6e:fc:ea:c1:e9:64:e1:c7:47:44:24:8a:67:39:90: 8e:88:e1:6b:92:c9:43:25:2e:5e:97:cf:fa:29:20: 46:4d:5c:7a:33:b6:70:8a:c4:73:cb:3c:30:f1:67: 4f:0b:45:76:4f:12:22:97:2f:af:7f:f6:4f:84:77: a7:2c:37:c7:0c:48:8b:8a:5b:eb:15:f2:13:3b:21: 9d:25:ee:b9:be:63:03:93:be:a7:35:50:3b:33:14: bb:fb:46:47:ab:22:e0:3f:e5:1b:70:18:d4:13:28: d5:03:d2:88:51:04:d7:b9:a2:5d:c8:c5:71:0c:3f: ee:08:30:fe:57:56:a9:67:23:21:d0:47:51:1a:e3: 77:96:77:55:41:00:a4:13:d4:57:ec:19:b6:02:d9: 3a:a5:23:16:28:5d:e2:f6:19:1a:87:af:b7:a5:1b: 1f:8d:6a:aa:c8:88:2d:de:43:5a:15:f5:5e:69:94: 4b:00:0b:d8:ac:57:52:50:e4:d0:91:7a:ac:f2:35: 3f:87:8a:7e:9a:79:fb:a3:ea:f9:f7:df:d1:ac:bc: 00:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:3A:3A:BE:EE:D6:0D:2C:5E:DF:51:7F:A2:34:16:1F:E1:B0:DD:0B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5caef593-3e1a-4239-836f-142b22751593.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:1000::/40 Signature Algorithm: sha256WithRSAEncryption 7b:d1:48:76:0e:09:06:a1:dc:d5:c4:c9:8a:24:47:25:4f:c5: d0:f8:60:e3:09:51:db:f7:d0:2d:17:e1:95:27:aa:f6:9f:4b: e8:52:92:e6:48:6b:d9:a2:72:8f:66:6c:ca:4d:01:f7:b7:02: 0e:5e:64:2b:03:5c:5f:47:8b:99:b3:e4:ff:82:c5:ac:c5:a3: 2c:9c:55:47:18:8e:b1:29:22:1b:e8:d8:07:06:e8:c9:c1:f1: 2b:a8:87:a7:c4:41:70:89:d6:81:67:39:d6:90:2d:0a:06:4e: 0f:ac:42:f0:bc:eb:70:52:ed:ab:46:e7:6f:67:73:62:8a:28: a1:67:4a:2f:85:97:30:22:50:60:bb:a8:3a:23:1a:94:46:98: ad:e4:dd:ab:f0:6f:a2:ac:d0:00:27:4b:57:0a:87:03:c5:81: 9c:fa:42:fc:bb:ee:32:dd:05:b4:0d:93:e5:84:ec:20:b3:1d: 51:54:a1:15:05:0c:de:5e:24:4d:b2:84:c7:4e:9f:52:a0:ef: 0e:21:15:a0:86:11:b0:d0:03:e9:ea:60:45:71:8b:21:64:e4: e7:15:35:bb:c5:ef:a6:a4:1d:2e:4c:5c:f6:8b:17:a1:d7:33: cd:bc:d7:81:e9:3c:77:41:bf:d2:46:e0:e1:41:fc:63:fe:fb: 04:0f:ea:b0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEbWjo0B9pw4IFbU1VIWMhC3BNDEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MTIyNVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNANWFiY2Y5ZWI3N2NlMDM5MTcwZGNl ZTIwNDVlNGJlOTJiZmY4YzczNTEyODUyNTI0YjIxODY2N2FlMWU1MzNmOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/3ipp2R6Zo9sR3VtSsJqWtLG/LH AzWx1I8TH5iZeNdmv82oiuTWr+9ilW5u/OrB6WThx0dEJIpnOZCOiOFrkslDJS5e l8/6KSBGTVx6M7ZwisRzyzww8WdPC0V2TxIily+vf/ZPhHenLDfHDEiLilvrFfIT OyGdJe65vmMDk76nNVA7MxS7+0ZHqyLgP+UbcBjUEyjVA9KIUQTXuaJdyMVxDD/u CDD+V1apZyMh0EdRGuN3lndVQQCkE9RX7Bm2Atk6pSMWKF3i9hkah6+3pRsfjWqq yIgt3kNaFfVeaZRLAAvYrFdSUOTQkXqs8jU/h4p+mnn7o+r599/RrLwAIQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAo6Or7u1g0sXt9Rf6I0Fh/hsN0LMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVjYWVmNTkzLTNlMWEtNDIzOS04MzZmLTE0MmIyMjc1MTU5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauRAwDQYJKoZIhvcNAQELBQADggEBAHvRSHYOCQah3NXEyYok RyVPxdD4YOMJUdv30C0X4ZUnqvafS+hSkuZIa9mico9mbMpNAfe3Ag5eZCsDXF9H i5mz5P+CxazFoyycVUcYjrEpIhvo2AcG6MnB8Suoh6fEQXCJ1oFnOdaQLQoGTg+s QvC863BS7atG529nc2KKKKFnSi+FlzAiUGC7qDojGpRGmK3k3avwb6Ks0AAnS1cK hwPFgZz6Qvy77jLdBbQNk+WE7CCzHVFUoRUFDN5eJE2yhMdOn1Kg7w4hFaCGEbDQ A+nqYEVxiyFk5OcVNbvF76akHS5MXPaLF6HXM82814HpPHdBv9JG4OFB/GP++wQP 6rA= -----END CERTIFICATE-----Generated at Sat Jun 14 06:14:14 2025 by rpki-client