$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67dad65f-f2a7-46ef-a537-8f09b1a99c3c.roa File: 67dad65f-f2a7-46ef-a537-8f09b1a99c3c.roa (raw, json) Hash identifier: sgtbCINcM2T21Nj9+DZZzHH1buA9+Ty9ddguyfBM42c= Subject key identifier: 13:13:DD:81:23:DE:1F:A9:92:1D:BC:45:4E:1C:1E:24:ED:3C:AA:ED Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1E170D3B6F31B9143D9DA74DDF713B3650C64848 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67dad65f-f2a7-46ef-a537-8f09b1a99c3c.roa Signing time: Mon 09 Jun 2025 15:31:20 +0000 ROA not before: Mon 09 Jun 2025 15:31:20 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:17:0d:3b:6f:31:b9:14:3d:9d:a7:4d:df:71:3b:36:50:c6:48:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:31:20 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=202a32821c54c5bc1fe6eb8b0533f1fd6cc8cb1b25784d5e2bf26a2313bab5f1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:7b:ec:a1:1c:4b:18:da:30:db:72:29:19:2e: be:a6:91:c9:f1:df:b5:24:04:d2:88:26:17:e8:1b: 6b:7a:9a:5f:b9:10:65:9a:70:ba:69:f9:2b:92:ac: 8d:8d:eb:c4:3c:7b:bf:b7:44:01:b4:00:6d:79:c3: 5c:d0:bd:e8:c5:7b:d6:0e:a0:61:52:69:ab:3c:0d: 16:cf:46:0b:69:11:a8:31:31:b4:32:48:49:aa:08: 5f:95:a2:7e:ab:b2:e1:60:e5:fc:9e:cf:cd:8c:36: 97:5e:57:f5:80:99:57:a3:82:c4:a9:6a:eb:21:7d: fc:f0:af:62:e2:9c:5f:99:f5:f3:cc:0d:f3:29:a7: 25:2b:a2:01:33:4f:fe:a0:e7:67:e6:41:b7:22:ee: dc:d6:ad:95:90:15:59:c9:d0:6c:05:9d:0d:b0:a6: d1:00:70:02:71:55:34:78:42:a1:21:37:d2:42:b2: ce:82:81:13:b5:81:2e:37:c3:93:83:d8:94:d7:c4: 35:26:00:16:a0:fb:39:62:dc:92:50:48:9b:41:52: b2:74:dc:26:87:eb:83:82:dd:18:a8:75:36:9e:89: a0:71:18:70:1c:83:45:ce:5f:5b:cf:8b:65:71:a8: d8:d3:98:a3:37:71:de:c7:eb:cb:40:93:fd:f9:81: cf:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:13:DD:81:23:DE:1F:A9:92:1D:BC:45:4E:1C:1E:24:ED:3C:AA:ED X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67dad65f-f2a7-46ef-a537-8f09b1a99c3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4840::/48 Signature Algorithm: sha256WithRSAEncryption 9b:2d:1a:4f:fd:c9:5c:b5:63:00:d0:6a:3d:0d:08:b1:7c:d1: 21:5b:65:22:c6:d7:8f:1e:0b:e0:e5:ea:da:66:f4:c0:4d:24: b1:40:3c:87:a4:3a:60:c3:fc:be:1b:32:42:69:c1:b9:a2:22: fd:88:7c:66:14:54:3a:06:3e:8e:5f:0e:88:58:e8:cb:9f:d6: b1:47:03:c1:5d:75:f3:a7:42:8e:f3:fe:dc:57:8a:df:6c:b5: a9:1f:c0:11:74:35:36:8d:bc:b3:55:4a:19:4e:41:ac:09:73: 61:e7:c9:df:f7:28:0e:4e:48:2d:c8:c7:07:42:8d:73:c1:8c: 09:d1:57:93:2f:56:a7:79:2f:97:fd:29:18:a5:67:9c:cb:17: ce:d1:45:db:0f:2f:32:a8:1c:f2:e7:28:91:1d:a5:54:7d:78: ff:d6:0d:47:e4:65:fc:03:bf:04:68:ac:66:c7:ee:c1:5a:d1: 14:ea:c8:fd:9c:ad:c2:4e:d5:6c:0b:8b:48:73:2b:e2:de:28: 7f:7c:ee:fd:88:43:86:6a:8c:f0:b8:5d:b6:44:4c:fd:7b:74: 8c:74:a2:f4:ed:8b:2e:74:cc:a7:9b:4c:8d:0b:7e:d6:7e:4c: 07:9d:9d:5b:97:54:77:0e:8f:e7:b9:47:00:81:1b:6f:d9:62: 83:65:c4:6b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHhcNO28xuRQ9nadN33E7NlDGSEgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MzEyMFoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAMjAyYTMyODIxYzU0YzViYzFmZTZl YjhiMDUzM2YxZmQ2Y2M4Y2IxYjI1Nzg0ZDVlMmJmMjZhMjMxM2JhYjVmMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHvsoRxLGNow23IpGS6+ppHJ8d+1 JATSiCYX6BtreppfuRBlmnC6afkrkqyNjevEPHu/t0QBtABtecNc0L3oxXvWDqBh UmmrPA0Wz0YLaRGoMTG0MkhJqghflaJ+q7LhYOX8ns/NjDaXXlf1gJlXo4LEqWrr IX388K9i4pxfmfXzzA3zKaclK6IBM0/+oOdn5kG3Iu7c1q2VkBVZydBsBZ0NsKbR AHACcVU0eEKhITfSQrLOgoETtYEuN8OTg9iU18Q1JgAWoPs5YtySUEibQVKydNwm h+uDgt0YqHU2nomgcRhwHINFzl9bz4tlcajY05ijN3Hex+vLQJP9+YHPRQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBMT3YEj3h+pkh28RU4cHiTtPKrtMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3ZGFkNjVmLWYyYTctNDZlZi1hNTM3LThmMDliMWE5OWMzYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAEhAMA0GCSqGSIb3DQEBCwUAA4IBAQCbLRpP/clctWMA0Go9 DQixfNEhW2UixtePHgvg5eraZvTATSSxQDyHpDpgw/y+GzJCacG5oiL9iHxmFFQ6 Bj6OXw6IWOjLn9axRwPBXXXzp0KO8/7cV4rfbLWpH8ARdDU2jbyzVUoZTkGsCXNh 58nf9ygOTkgtyMcHQo1zwYwJ0VeTL1aneS+X/SkYpWecyxfO0UXbDy8yqBzy5yiR HaVUfXj/1g1H5GX8A78EaKxmx+7BWtEU6sj9nK3CTtVsC4tIcyvi3ih/fO79iEOG aozwuF22REz9e3SMdKL07YsudMynm0yNC37WfkwHnZ1bl1R3Do/nuUcAgRtv2WKD ZcRr -----END CERTIFICATE-----Generated at Sat Jun 14 06:04:18 2025 by rpki-client