$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/640f656b-d9be-4a61-baa0-b98d20cb0649.roa File: 640f656b-d9be-4a61-baa0-b98d20cb0649.roa (raw, json) Hash identifier: wqyTv14zZl0bsi2yzHA5LTFMlmXc4oy6KPfnisa/BcE= Subject key identifier: 6F:EC:39:D9:F2:2C:28:03:C8:27:DC:91:19:7D:B2:A5:B5:25:8F:CE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 41DDF631EDFA72107D67E21AC5A0ABDA1D0F36A7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/640f656b-d9be-4a61-baa0-b98d20cb0649.roa Signing time: Tue 10 Jun 2025 00:30:53 +0000 ROA not before: Tue 10 Jun 2025 00:30:53 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:dd:f6:31:ed:fa:72:10:7d:67:e2:1a:c5:a0:ab:da:1d:0f:36:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:30:53 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=31c3017e32034dc079af11a0ea672cca52768fd2d6bbaca2eb1546e79f096bec, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:6a:96:d7:a3:48:25:c5:3b:e8:76:49:7c:82: 1a:03:87:07:5e:33:81:e5:27:82:41:b3:96:5e:4a: 80:09:e1:77:27:aa:d2:54:7a:17:44:85:68:04:2b: a5:ba:6b:24:dc:3f:02:fd:4a:96:b8:f3:84:6d:9e: d5:c1:e9:1b:b7:33:4f:ca:34:aa:c7:26:c9:f2:c3: 92:a6:c4:b4:7c:92:07:1a:70:31:2a:fa:30:65:6b: 1f:f3:31:ec:e3:9b:d4:31:f9:84:a1:f1:4a:9d:40: a8:ff:68:70:09:fb:a8:c5:62:0b:e9:4b:ed:76:e3: 1c:95:88:54:86:e7:0c:de:f7:6d:55:d5:27:c4:07: 05:74:5b:7f:d2:94:b0:bb:c5:91:61:3c:62:da:cf: 0e:ef:df:0f:a2:e1:0e:49:38:a6:31:97:52:f9:19: 1c:2b:8f:9a:1c:ad:81:56:d8:0e:07:ab:22:80:40: 77:fa:9a:5f:83:ff:c7:48:1a:1a:a2:8c:da:0b:c7: c7:51:dd:be:5f:57:51:2a:83:d2:fb:ba:28:05:97: b4:ea:d8:d3:75:da:f9:1f:72:67:2b:41:14:f0:50: 8f:e4:37:69:c1:d0:f0:95:1f:f9:81:50:60:0c:30: 82:0a:ba:23:eb:a2:55:c5:47:a5:15:60:75:f0:9b: 45:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:EC:39:D9:F2:2C:28:03:C8:27:DC:91:19:7D:B2:A5:B5:25:8F:CE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/640f656b-d9be-4a61-baa0-b98d20cb0649.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:4000::/40 Signature Algorithm: sha256WithRSAEncryption 99:a7:21:7c:dc:9c:3f:3f:d9:a0:d4:fd:fe:1d:ba:f1:ba:4a: bf:7c:bc:a4:bc:98:00:37:50:77:24:9f:7f:6c:6e:a8:d7:6a: 14:0d:d7:49:78:f1:e7:dc:a5:95:b6:c3:04:83:52:b4:1c:a1: 14:90:0f:6a:72:6a:1c:1c:99:04:ca:b7:6a:4a:8a:05:33:10: f6:1e:fd:0d:dc:db:a8:8f:09:e0:e0:68:83:0c:4e:ac:ef:69: e8:59:a9:4a:8a:44:ab:a8:86:44:01:ba:1b:a2:4a:18:4a:0b: 66:f7:59:5e:98:ff:ad:79:02:15:de:b2:85:54:fc:9d:9f:58: 37:36:f4:f2:83:f5:cb:38:84:1c:21:de:71:db:fb:e8:3d:d7: 5f:98:94:3d:73:b2:d6:98:62:a1:0c:70:4e:e9:03:99:c7:fb: 18:b0:e4:0f:fe:da:89:e6:25:00:0a:5f:45:17:fa:4f:9c:20: b4:2a:f9:df:de:6d:c5:db:81:6a:d9:0c:43:ee:79:28:72:fb: d8:c5:d7:05:b1:65:da:bf:31:6c:ee:ad:0f:58:b5:49:88:b6: 3f:c7:b0:72:51:08:22:2c:a0:a7:83:f3:3c:98:39:92:62:06: 85:d1:13:df:d4:f7:43:ff:51:7a:a5:08:90:5f:87:5d:f5:90: 7d:8a:08:c1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQd32Me36chB9Z+IaxaCr2h0PNqcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwMzA1M1oX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMzFjMzAxN2UzMjAzNGRjMDc5YWYx MWEwZWE2NzJjY2E1Mjc2OGZkMmQ2YmJhY2EyZWIxNTQ2ZTc5ZjA5NmJlYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2qW16NIJcU76HZJfIIaA4cHXjOB 5SeCQbOWXkqACeF3J6rSVHoXRIVoBCulumsk3D8C/UqWuPOEbZ7VwekbtzNPyjSq xybJ8sOSpsS0fJIHGnAxKvowZWsf8zHs45vUMfmEofFKnUCo/2hwCfuoxWIL6Uvt duMclYhUhucM3vdtVdUnxAcFdFt/0pSwu8WRYTxi2s8O798PouEOSTimMZdS+Rkc K4+aHK2BVtgOB6sigEB3+ppfg//HSBoaoozaC8fHUd2+X1dRKoPS+7ooBZe06tjT ddr5H3JnK0EU8FCP5DdpwdDwlR/5gVBgDDCCCroj66JVxUelFWB18JtFywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG/sOdnyLCgDyCfckRl9sqW1JY/OMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY0MGY2NTZiLWQ5YmUtNGE2MS1iYWEwLWI5OGQyMGNiMDY0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOEAwDQYJKoZIhvcNAQELBQADggEBAJmnIXzcnD8/2aDU/f4d uvG6Sr98vKS8mAA3UHckn39sbqjXahQN10l48efcpZW2wwSDUrQcoRSQD2pyahwc mQTKt2pKigUzEPYe/Q3c26iPCeDgaIMMTqzvaehZqUqKRKuohkQBuhuiShhKC2b3 WV6Y/615AhXesoVU/J2fWDc29PKD9cs4hBwh3nHb++g911+YlD1zstaYYqEMcE7p A5nH+xiw5A/+2onmJQAKX0UX+k+cILQq+d/ebcXbgWrZDEPueShy+9jF1wWxZdq/ MWzurQ9YtUmItj/HsHJRCCIsoKeD8zyYOZJiBoXRE9/U90P/UXqlCJBfh131kH2K CME= -----END CERTIFICATE-----Generated at Sat Jun 14 06:38:23 2025 by rpki-client