$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f805aa7-7757-4dfc-8db8-2227e256fb3b.roa File: 5f805aa7-7757-4dfc-8db8-2227e256fb3b.roa (raw, json) Hash identifier: kphe/UTFqgcY4hY1UND8dBquIdoXkWzxQAI5OB06FFA= Subject key identifier: 69:F8:D7:66:D9:88:CD:38:73:38:B2:54:1A:BE:32:97:3F:E3:4D:7C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7AAF72B634FCF502879EABB03AB0DA5052C523CF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f805aa7-7757-4dfc-8db8-2227e256fb3b.roa Signing time: Sat 07 Jun 2025 00:10:14 +0000 ROA not before: Sat 07 Jun 2025 00:10:14 +0000 ROA not after: Sat 12 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:6080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:af:72:b6:34:fc:f5:02:87:9e:ab:b0:3a:b0:da:50:52:c5:23:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 7 00:10:14 2025 GMT Not After : Jul 12 23:59:59 2025 GMT Subject: serialNumber=3cb41b9d57981b0b9a85ab1530e94f6b9dbd651a1addd1c9d977e3eb78ddbdf1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:58:a1:89:20:23:88:a3:e6:1d:90:74:a6:f4: 89:d8:d0:8e:df:ba:ea:c9:c2:e7:1b:f5:cd:c1:57: 57:18:1e:07:31:75:90:a1:e4:d0:b9:ea:85:75:6e: 92:fe:14:5c:67:13:a6:2b:c0:75:41:f6:31:d0:5c: 64:69:fa:4d:fb:bc:b1:1a:b1:5f:be:29:5b:21:33: 6d:59:ea:0b:e8:d8:d2:2a:d1:d2:ec:f0:17:2b:3d: cf:c2:a7:0a:b3:0a:a0:3f:39:96:74:5d:3a:5c:2d: 50:8d:48:be:0d:a2:a5:09:83:2d:ca:65:21:e7:82: 99:3d:e4:2d:49:24:5c:c1:67:1d:8b:3e:cc:5c:8e: 85:26:86:fb:b8:e8:b7:d4:fc:c3:76:25:f7:4d:a4: db:d5:2a:b6:85:18:c3:8a:40:a0:3d:71:54:18:a8: a6:92:38:3a:d4:28:70:a4:bc:ca:00:7e:33:c4:55: 20:bc:ea:92:1b:62:7f:5d:9a:ea:78:b9:91:97:74: 9f:5c:b7:51:c5:2b:cf:21:18:c1:f1:ed:cb:66:d3: 6f:d8:fe:22:43:e1:6f:09:4f:2d:8a:2a:a5:9a:c5: 35:cd:fa:c8:cf:c4:6b:0e:e6:43:93:56:f1:bc:70: 27:a1:97:15:67:99:ce:f2:f8:8d:f7:14:43:88:23: a6:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:F8:D7:66:D9:88:CD:38:73:38:B2:54:1A:BE:32:97:3F:E3:4D:7C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f805aa7-7757-4dfc-8db8-2227e256fb3b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:6080::/48 Signature Algorithm: sha256WithRSAEncryption a2:27:f4:74:b1:6e:b5:ef:0e:c4:8a:b2:1d:5c:11:36:7a:36: 09:89:25:1c:ed:45:57:43:fb:ce:ea:47:c8:40:7a:5c:3a:0e: 8e:d6:a7:45:47:73:4f:cb:d9:c8:a1:21:06:4f:98:c5:bb:76: fa:fe:21:78:df:6d:c1:32:a5:a3:48:6e:04:ec:4a:ad:19:01: 00:a6:f0:f1:24:0a:81:00:be:20:fb:25:8f:3a:cd:99:1e:9e: 72:cf:e0:f4:8c:d5:f5:c4:df:bf:c3:b1:33:c2:f4:c8:f5:a9: 98:7f:6b:5a:bc:6b:49:88:3f:bd:26:3d:4f:18:d1:08:64:35: a3:84:f0:15:44:21:16:0d:38:bf:38:78:96:1b:37:c0:d4:73: d8:81:f6:9a:42:fb:12:96:e3:91:bf:94:11:30:8a:f1:4c:9e: 80:cf:8f:02:63:d2:4f:6a:45:7f:10:8e:eb:a8:ab:08:c5:00: cf:59:0e:cd:fb:97:d0:e2:30:b5:57:fd:73:c2:80:8c:5f:09: 3b:6e:40:eb:6f:2d:11:e9:3b:8d:b7:2e:55:b9:33:d8:3a:8b: eb:ae:83:03:34:72:58:e6:28:27:85:c2:8b:55:2c:ef:9e:0e: 88:81:ac:c4:af:5d:ba:12:44:62:d3:0c:57:dd:77:35:1e:60: a3:bf:86:5f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUeq9ytjT89QKHnquwOrDaUFLFI88wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNzAwMTAxNFoX DTI1MDcxMjIzNTk1OVowejFJMEcGA1UEBRNAM2NiNDFiOWQ1Nzk4MWIwYjlhODVh YjE1MzBlOTRmNmI5ZGJkNjUxYTFhZGRkMWM5ZDk3N2UzZWI3OGRkYmRmMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulihiSAjiKPmHZB0pvSJ2NCO37rq ycLnG/XNwVdXGB4HMXWQoeTQueqFdW6S/hRcZxOmK8B1QfYx0FxkafpN+7yxGrFf vilbITNtWeoL6NjSKtHS7PAXKz3PwqcKswqgPzmWdF06XC1QjUi+DaKlCYMtymUh 54KZPeQtSSRcwWcdiz7MXI6FJob7uOi31PzDdiX3TaTb1Sq2hRjDikCgPXFUGKim kjg61ChwpLzKAH4zxFUgvOqSG2J/XZrqeLmRl3SfXLdRxSvPIRjB8e3LZtNv2P4i Q+FvCU8tiiqlmsU1zfrIz8RrDuZDk1bxvHAnoZcVZ5nO8viN9xRDiCOmcwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGn412bZiM04cziyVBq+Mpc/4018MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVmODA1YWE3LTc3NTctNGRmYy04ZGI4LTIyMjdlMjU2ZmIzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAGCAMA0GCSqGSIb3DQEBCwUAA4IBAQCiJ/R0sW617w7EirId XBE2ejYJiSUc7UVXQ/vO6kfIQHpcOg6O1qdFR3NPy9nIoSEGT5jFu3b6/iF4323B MqWjSG4E7EqtGQEApvDxJAqBAL4g+yWPOs2ZHp5yz+D0jNX1xN+/w7EzwvTI9amY f2tavGtJiD+9Jj1PGNEIZDWjhPAVRCEWDTi/OHiWGzfA1HPYgfaaQvsSluORv5QR MIrxTJ6Az48CY9JPakV/EI7rqKsIxQDPWQ7N+5fQ4jC1V/1zwoCMXwk7bkDrby0R 6TuNty5VuTPYOovrroMDNHJY5ignhcKLVSzvng6IgazEr126EkRi0wxX3Xc1HmCj v4Zf -----END CERTIFICATE-----Generated at Sat Jun 14 06:10:32 2025 by rpki-client