$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6029da1d-7ade-4067-b6f0-551ead7b37a6.roa File: 6029da1d-7ade-4067-b6f0-551ead7b37a6.roa (raw, json) Hash identifier: oR2d5hpKPnW/RIfiN9VCQg1ePbvGftDNXi4xbl38rGs= Subject key identifier: E5:87:B4:F6:15:11:11:F9:47:05:BD:5F:67:5C:62:1B:FA:45:9A:13 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5B28C2411CB673EBFADD7ABF3128714A9B594A95 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6029da1d-7ade-4067-b6f0-551ead7b37a6.roa Signing time: Tue 03 Jun 2025 19:36:50 +0000 ROA not before: Tue 03 Jun 2025 19:36:50 +0000 ROA not after: Tue 08 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:28:c2:41:1c:b6:73:eb:fa:dd:7a:bf:31:28:71:4a:9b:59:4a:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 3 19:36:50 2025 GMT Not After : Jul 8 23:59:59 2025 GMT Subject: serialNumber=82483de5090a19c451a4e3b5e17901c9052be5c099d91097c62151d4f5fdd722, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:39:0e:67:93:bb:48:b9:5b:32:38:a1:b5:97: 03:d3:88:12:15:45:3f:81:09:da:4e:ee:45:0a:03: 4d:7a:b7:24:20:3a:58:65:81:1a:28:4f:2b:f7:1c: 69:6d:b7:bf:7a:d0:90:2c:fc:0e:db:d0:fc:9b:4e: 98:b7:bf:c5:94:28:a9:aa:c3:10:7c:5d:ca:a0:2b: 85:59:bb:c3:17:4d:3a:7b:62:7c:fc:21:65:96:68: e7:c9:f2:e8:c7:16:9f:e2:3c:ab:70:c7:e9:80:d9: 21:9f:12:f5:a8:48:11:35:89:7c:a1:df:42:5f:e0: c5:d0:6b:a7:0a:39:78:14:75:38:f6:21:51:1a:b6: 27:2f:1c:99:31:68:8a:58:ad:c5:e5:4a:69:01:01: 1f:23:05:74:b3:70:c8:6f:49:99:e0:8e:c4:41:85: ca:14:b5:15:c4:95:d0:ac:d7:45:f0:b7:47:9f:d0: 05:9b:6f:fb:7e:1c:be:90:b6:79:d2:99:3f:8d:5d: 40:8a:de:4b:e1:5b:29:86:82:f2:0a:67:e9:dd:61: cd:de:f4:e8:3d:cf:52:cd:af:d6:53:64:78:a9:da: ee:2d:01:42:39:a2:90:89:ce:36:1e:41:60:0b:47: 0e:44:23:53:9f:5d:0b:63:fc:ad:bd:43:b1:fc:35: 1f:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:87:B4:F6:15:11:11:F9:47:05:BD:5F:67:5C:62:1B:FA:45:9A:13 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6029da1d-7ade-4067-b6f0-551ead7b37a6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:2800::/40 Signature Algorithm: sha256WithRSAEncryption 23:78:f8:44:6f:b3:4f:06:dc:f9:fa:7c:25:6a:97:8e:a7:22: c5:1e:1e:e7:28:f7:69:e8:f3:38:2b:51:d3:24:93:33:b4:d1: 79:df:5a:b4:1f:b5:77:ac:78:e9:d7:7a:b9:59:96:69:e5:8e: e6:63:14:2b:31:10:25:af:44:d6:17:3f:2c:77:26:75:73:54: 92:e9:ce:be:47:e7:7f:7d:88:3c:3b:34:b8:db:56:b6:24:86: 44:5d:53:28:65:46:b6:7a:02:7a:0f:13:35:ab:01:1b:b4:43: 62:c9:80:ae:de:ca:75:14:37:84:82:c1:9e:6e:7b:5e:28:66: 20:ee:0e:80:e7:b8:6c:3d:26:1e:6a:fb:93:6c:69:52:8e:47: 95:94:f5:c9:86:6b:6e:5d:4d:0f:15:27:7b:85:fd:d1:d7:02: 28:9d:05:13:18:cb:3a:1e:ea:ec:51:ed:bd:1a:6f:81:3b:c7: 68:27:00:7a:f9:cc:4e:a9:3c:34:d4:d9:be:03:3f:9a:ec:35: 4b:0a:82:e4:8d:b1:16:8e:73:51:41:0b:f3:e7:a0:40:31:a9: 29:6f:1f:de:c6:37:cd:51:83:3b:81:dd:9b:e7:ef:30:5e:58: bd:8b:89:26:8d:d4:2a:6b:5b:c3:f9:9d:7f:10:53:1e:ab:bc: 62:8e:d0:0b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWyjCQRy2c+v63Xq/MShxSptZSpUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwMzE5MzY1MFoX DTI1MDcwODIzNTk1OVowejFJMEcGA1UEBRNAODI0ODNkZTUwOTBhMTljNDUxYTRl M2I1ZTE3OTAxYzkwNTJiZTVjMDk5ZDkxMDk3YzYyMTUxZDRmNWZkZDcyMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjkOZ5O7SLlbMjihtZcD04gSFUU/ gQnaTu5FCgNNerckIDpYZYEaKE8r9xxpbbe/etCQLPwO29D8m06Yt7/FlCipqsMQ fF3KoCuFWbvDF006e2J8/CFllmjnyfLoxxaf4jyrcMfpgNkhnxL1qEgRNYl8od9C X+DF0GunCjl4FHU49iFRGrYnLxyZMWiKWK3F5UppAQEfIwV0s3DIb0mZ4I7EQYXK FLUVxJXQrNdF8LdHn9AFm2/7fhy+kLZ50pk/jV1Ait5L4VsphoLyCmfp3WHN3vTo Pc9Sza/WU2R4qdruLQFCOaKQic42HkFgC0cORCNTn10LY/ytvUOx/DUf6QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOWHtPYVERH5RwW9X2dcYhv6RZoTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYwMjlkYTFkLTdhZGUtNDA2Ny1iNmYwLTU1MWVhZDdiMzdhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauSgwDQYJKoZIhvcNAQELBQADggEBACN4+ERvs08G3Pn6fCVq l46nIsUeHuco92no8zgrUdMkkzO00XnfWrQftXeseOnXerlZlmnljuZjFCsxECWv RNYXPyx3JnVzVJLpzr5H5399iDw7NLjbVrYkhkRdUyhlRrZ6AnoPEzWrARu0Q2LJ gK7eynUUN4SCwZ5ue14oZiDuDoDnuGw9Jh5q+5NsaVKOR5WU9cmGa25dTQ8VJ3uF /dHXAiidBRMYyzoe6uxR7b0ab4E7x2gnAHr5zE6pPDTU2b4DP5rsNUsKguSNsRaO c1FBC/PnoEAxqSlvH97GN81RgzuB3Zvn7zBeWL2LiSaN1CprW8P5nX8QUx6rvGKO 0As= -----END CERTIFICATE-----Generated at Sat Jun 14 06:35:10 2025 by rpki-client