$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6655ee10-6c32-4ab3-9e1b-e767277d1e17.roa File: 6655ee10-6c32-4ab3-9e1b-e767277d1e17.roa (raw, json) Hash identifier: EBJypbOHp2mS84g0ccprSsUaUXuakcDcrHU92wS5Jtg= Subject key identifier: C6:29:F2:E0:A6:B5:15:A2:9A:3A:B6:E3:CA:0C:50:A3:F4:B3:FA:D2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3B7B4D1E91CCFAF6BC00C96C485EB8EF13255B2A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6655ee10-6c32-4ab3-9e1b-e767277d1e17.roa Signing time: Mon 09 Jun 2025 15:00:11 +0000 ROA not before: Mon 09 Jun 2025 15:00:11 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:7b:4d:1e:91:cc:fa:f6:bc:00:c9:6c:48:5e:b8:ef:13:25:5b:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:00:11 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=aed6b36e7dad35dc06451fd34e6c4b9dc4a59c5ca0b040dcc4d6e41a2195d889, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:c8:c7:9b:b9:85:38:78:92:78:75:6a:d4:1b: a2:6c:73:96:d8:fe:25:6d:70:db:ac:0b:7b:7f:f7: 81:a4:e7:f3:b6:f2:f0:9a:e7:ec:d4:58:e4:bb:6a: 25:cd:ee:52:a5:fc:26:00:e6:31:df:86:bb:43:47: 3c:18:5f:6c:e6:a3:cb:e1:8c:ea:32:bc:1c:65:c5: 43:1d:6b:d9:07:5c:2a:4e:aa:ac:90:1e:05:45:12: 1c:09:ea:48:49:19:74:18:33:20:d7:36:a6:7c:5b: 41:71:8b:56:5a:32:9d:f6:7e:68:de:fd:b1:ae:31: 22:ce:7e:b7:e0:1d:03:ce:af:aa:04:e0:82:a1:19: db:03:a2:ac:db:17:62:03:d4:3b:a3:53:5e:60:e4: 4a:94:1d:9f:ed:2b:2e:b4:e8:03:3f:0e:b1:ca:c4: 65:50:08:be:04:5d:6d:02:e6:27:98:0c:c2:6c:30: 4e:d3:56:4c:3e:2c:15:e2:5f:4a:d7:0c:6c:3d:80: af:97:c6:81:c2:8b:33:8b:d1:54:98:e7:97:f9:44: 10:3a:83:a3:e0:fa:7c:12:0e:c4:dc:2c:27:09:76: 47:d3:bd:01:0c:7c:fd:17:b9:f3:f5:f7:88:44:ca: 30:5d:4d:d5:04:e0:52:75:49:a5:de:8b:ee:2c:3e: 51:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:29:F2:E0:A6:B5:15:A2:9A:3A:B6:E3:CA:0C:50:A3:F4:B3:FA:D2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6655ee10-6c32-4ab3-9e1b-e767277d1e17.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:840::/48 Signature Algorithm: sha256WithRSAEncryption 4d:f1:38:24:aa:17:7e:44:4e:bc:5c:ac:44:90:97:2c:c2:d2: d8:b7:0b:6e:67:4d:1c:a2:79:f4:b3:aa:9d:47:f3:9f:69:e8: 75:20:ce:45:51:31:08:21:03:69:12:6a:22:53:a9:c1:3c:eb: d9:1c:ec:b6:08:2c:87:c6:a9:d5:5e:7d:0d:f3:12:86:ea:d1: 2c:c7:a5:86:5d:b4:69:61:21:c2:77:f4:7e:a9:d3:b4:dd:ab: 68:48:d0:03:a6:6a:bc:55:41:a9:bd:bd:1d:fe:fb:d9:75:cf: 23:58:76:7b:4e:1f:dd:5c:77:46:2b:6f:2c:7f:05:4b:bb:0e: 17:0d:94:b2:7f:83:82:31:ea:b3:f6:88:87:3e:70:07:a2:69: a0:2b:23:d1:30:1a:e0:ef:e5:1e:44:eb:88:65:28:4b:5d:3a: 5c:8a:ba:b3:15:41:ef:50:b9:e9:43:83:5a:d9:6c:1c:2a:2a: 76:e8:e0:a4:88:3d:ed:f2:7f:89:0f:d1:b9:8e:f4:41:c7:9c: f1:d2:2a:50:f4:d5:5f:0d:ad:30:18:f2:23:cf:92:56:8d:3f: 27:fb:0d:e0:c5:b1:d8:2c:1f:d8:d6:47:3e:ba:a1:cb:9f:42: b4:07:df:03:bf:bf:31:ac:92:98:a1:74:28:4c:30:a4:ee:cd: 1c:c0:e2:ef -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUO3tNHpHM+va8AMlsSF647xMlWyowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MDAxMVoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAYWVkNmIzNmU3ZGFkMzVkYzA2NDUx ZmQzNGU2YzRiOWRjNGE1OWM1Y2EwYjA0MGRjYzRkNmU0MWEyMTk1ZDg4OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MjHm7mFOHiSeHVq1BuibHOW2P4l bXDbrAt7f/eBpOfztvLwmufs1Fjku2olze5SpfwmAOYx34a7Q0c8GF9s5qPL4Yzq MrwcZcVDHWvZB1wqTqqskB4FRRIcCepISRl0GDMg1zamfFtBcYtWWjKd9n5o3v2x rjEizn634B0Dzq+qBOCCoRnbA6Ks2xdiA9Q7o1NeYORKlB2f7SsutOgDPw6xysRl UAi+BF1tAuYnmAzCbDBO01ZMPiwV4l9K1wxsPYCvl8aBwoszi9FUmOeX+UQQOoOj 4Pp8Eg7E3CwnCXZH070BDHz9F7nz9feIRMowXU3VBOBSdUml3ovuLD5RuQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMYp8uCmtRWimjq248oMUKP0s/rSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY2NTVlZTEwLTZjMzItNGFiMy05ZTFiLWU3NjcyNzdkMWUxNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8ghAMA0GCSqGSIb3DQEBCwUAA4IBAQBN8Tgkqhd+RE68XKxE kJcswtLYtwtuZ00conn0s6qdR/Ofaeh1IM5FUTEIIQNpEmoiU6nBPOvZHOy2CCyH xqnVXn0N8xKG6tEsx6WGXbRpYSHCd/R+qdO03atoSNADpmq8VUGpvb0d/vvZdc8j WHZ7Th/dXHdGK28sfwVLuw4XDZSyf4OCMeqz9oiHPnAHommgKyPRMBrg7+UeROuI ZShLXTpcirqzFUHvULnpQ4Na2WwcKip26OCkiD3t8n+JD9G5jvRBx5zx0ipQ9NVf Da0wGPIjz5JWjT8n+w3gxbHYLB/Y1kc+uqHLn0K0B98Dv78xrJKYoXQoTDCk7s0c wOLv -----END CERTIFICATE-----Generated at Sat Jun 14 06:20:21 2025 by rpki-client