$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f0c7d8f-32e4-429a-818c-c680fe972a02.roa File: 5f0c7d8f-32e4-429a-818c-c680fe972a02.roa (raw, json) Hash identifier: Y1dVZab/eTeg4g66FMiwBdRh/gI6OpLEL187uGp/Prc= Subject key identifier: 17:B1:4E:67:41:A6:03:48:1E:72:33:B6:90:59:37:A4:48:A5:B2:D5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 10996EB03BA183E4173517EA15DF92B932DEA3FE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f0c7d8f-32e4-429a-818c-c680fe972a02.roa Signing time: Tue 03 Jun 2025 19:38:30 +0000 ROA not before: Tue 03 Jun 2025 19:38:30 +0000 ROA not after: Tue 08 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:99:6e:b0:3b:a1:83:e4:17:35:17:ea:15:df:92:b9:32:de:a3:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 3 19:38:30 2025 GMT Not After : Jul 8 23:59:59 2025 GMT Subject: serialNumber=fadebc2db77c72dfb1eb0684f132109e7af687b4017a0d685022abe9f2764719, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:c9:74:e9:fe:3f:b6:dd:9c:fe:64:0a:b2:85: d6:c5:ce:6a:d7:c6:72:fb:18:a0:85:87:79:f0:dc: f3:b6:07:be:ec:1d:48:8c:7e:88:5e:74:71:23:7a: 2e:0d:f7:d2:af:ed:00:31:f7:63:ee:04:58:84:79: 3d:77:ff:b4:23:05:b9:d0:2d:bf:fe:f4:51:b6:68: a1:b2:0e:d3:19:16:1e:3a:db:a2:35:ec:e0:c5:fd: 0c:3f:a0:e2:21:30:59:fa:ee:56:80:78:d1:14:62: 32:d1:a3:f5:1b:b8:b7:a8:8c:33:20:e3:ac:e3:b2: e9:a2:bb:ff:7f:b1:3d:c0:c5:30:88:a9:3d:a2:68: 29:d5:c5:aa:dc:c1:14:e3:7e:e7:95:64:93:ef:e4: 4c:12:7c:d2:79:6d:0c:fa:93:91:a1:02:83:de:4e: d2:a3:8b:9f:85:ab:f7:b4:82:d9:68:f3:5a:a4:65: 91:88:1a:0e:e5:54:68:bb:a2:d1:57:ae:be:7e:70: c5:57:e7:b4:d6:2c:90:1b:b9:90:1a:26:a5:50:dd: a2:33:4e:86:60:c5:62:42:bf:dd:15:41:5d:06:17: 84:9d:39:76:87:ac:12:16:b6:d4:2d:db:fc:87:4b: 38:fb:db:62:1b:37:6a:57:44:64:20:d5:ed:eb:42: 0f:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:B1:4E:67:41:A6:03:48:1E:72:33:B6:90:59:37:A4:48:A5:B2:D5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f0c7d8f-32e4-429a-818c-c680fe972a02.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:f000::/40 Signature Algorithm: sha256WithRSAEncryption 4c:05:05:a4:ef:eb:c5:2f:0e:71:76:b9:8c:cb:9e:3b:5e:7b: e1:38:8e:b4:31:82:ee:fb:12:17:7b:35:2c:25:18:34:56:50: 65:6f:13:93:1a:fe:49:d3:75:4f:02:00:04:b9:2b:2b:a5:1a: 3b:b5:58:2a:4e:51:5a:6e:7e:77:17:c5:c5:df:53:87:a5:37: dc:32:4f:91:b9:1d:b2:06:81:68:0d:93:39:72:7e:f9:03:60: 30:15:32:32:a1:c0:01:bf:65:cf:bf:6e:bb:7b:d1:82:c8:3b: 15:ab:20:c0:07:14:0a:2a:2b:16:48:6f:b0:eb:96:6f:07:d3: 58:96:e2:e8:e5:ea:0b:fb:2b:f0:b0:20:ef:ce:a5:ac:c2:ca: b4:34:1e:2b:b0:12:18:8e:11:67:62:8e:60:ce:7f:e7:d9:37: c3:a3:52:67:54:b4:5e:9d:0c:f3:a9:aa:07:96:58:93:d3:96: fb:0c:32:dc:e4:ee:0c:b8:fd:31:aa:7a:a1:01:8e:fb:02:8b: 9a:15:db:6d:85:67:45:93:dc:87:c2:c0:f2:bb:5d:06:90:67: 7b:11:84:7c:5e:be:6d:7e:d0:67:ca:06:74:07:d7:ab:81:2b: 4e:32:c5:75:46:a4:11:b5:de:47:5f:ca:c6:be:6f:9e:86:bf: de:63:a8:58 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEJlusDuhg+QXNRfqFd+SuTLeo/4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwMzE5MzgzMFoX DTI1MDcwODIzNTk1OVowejFJMEcGA1UEBRNAZmFkZWJjMmRiNzdjNzJkZmIxZWIw Njg0ZjEzMjEwOWU3YWY2ODdiNDAxN2EwZDY4NTAyMmFiZTlmMjc2NDcxOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcl06f4/tt2c/mQKsoXWxc5q18Zy +xighYd58Nzztge+7B1IjH6IXnRxI3ouDffSr+0AMfdj7gRYhHk9d/+0IwW50C2/ /vRRtmihsg7TGRYeOtuiNezgxf0MP6DiITBZ+u5WgHjRFGIy0aP1G7i3qIwzIOOs 47Lporv/f7E9wMUwiKk9omgp1cWq3MEU437nlWST7+RMEnzSeW0M+pORoQKD3k7S o4ufhav3tILZaPNapGWRiBoO5VRou6LRV66+fnDFV+e01iyQG7mQGialUN2iM06G YMViQr/dFUFdBheEnTl2h6wSFrbULdv8h0s4+9tiGzdqV0RkINXt60IPcwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBexTmdBpgNIHnIztpBZN6RIpbLVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVmMGM3ZDhmLTMyZTQtNDI5YS04MThjLWM2ODBmZTk3MmEwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9PAwDQYJKoZIhvcNAQELBQADggEBAEwFBaTv68UvDnF2uYzL njtee+E4jrQxgu77Ehd7NSwlGDRWUGVvE5Ma/knTdU8CAAS5KyulGju1WCpOUVpu fncXxcXfU4elN9wyT5G5HbIGgWgNkzlyfvkDYDAVMjKhwAG/Zc+/brt70YLIOxWr IMAHFAoqKxZIb7Drlm8H01iW4ujl6gv7K/CwIO/OpazCyrQ0HiuwEhiOEWdijmDO f+fZN8OjUmdUtF6dDPOpqgeWWJPTlvsMMtzk7gy4/TGqeqEBjvsCi5oV222FZ0WT 3IfCwPK7XQaQZ3sRhHxevm1+0GfKBnQH16uBK04yxXVGpBG13kdfysa+b56Gv95j qFg= -----END CERTIFICATE-----Generated at Sat Jun 14 06:04:17 2025 by rpki-client