$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa File: 6966423c-fa27-4cd5-898f-a147e75cdcb6.roa (raw, json) Hash identifier: R9eMwgjGQRzM3Nf0+H9w/i5Ub/0oRPXeO3VcUaxXvFA= Subject key identifier: E0:D9:74:B6:D8:BA:74:9A:CF:6D:AC:C2:8C:A9:21:6C:02:B9:0E:C8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2D8DC2C2658755668B7F2E33BA81CEA32D4E723A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa Signing time: Tue 10 Jun 2025 15:20:09 +0000 ROA not before: Tue 10 Jun 2025 15:20:09 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:8d:c2:c2:65:87:55:66:8b:7f:2e:33:ba:81:ce:a3:2d:4e:72:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:20:09 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=2573c08437d13b98cee94933da9943feb061226b7ef2cf59f90cf638e84d0155, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0c:61:8c:43:a2:e4:66:54:13:60:69:4e:79: e3:02:83:3e:9b:b3:60:c4:2e:2a:1f:3e:88:a5:5b: 7f:e1:4b:87:fe:a6:ee:ef:9e:96:59:28:1a:e6:09: 3e:60:6c:cb:5c:5a:63:c1:82:c2:cb:70:3c:3f:59: f3:37:92:83:e1:99:37:98:42:6c:6e:19:00:e3:9a: 02:d1:0b:08:4d:8d:19:fa:5c:f0:5c:be:10:b5:c5: 23:ed:df:ad:6d:67:18:e3:41:92:ab:55:35:1a:02: 67:7d:57:18:f1:19:27:c4:17:7b:0f:74:35:34:6e: a3:a4:8d:68:68:03:fa:8d:13:ab:b7:c3:4d:9b:ca: ff:7e:e3:6a:3f:b5:e3:24:d3:bb:c8:e5:3c:38:df: 63:05:c8:8f:15:b3:25:50:6e:3b:df:68:e5:4f:14: 27:30:fb:6e:ac:41:ef:62:e9:6c:85:ad:a9:a2:84: 95:93:98:bd:b3:9b:17:c8:62:fd:2c:1d:31:0e:5a: 97:ee:c0:8e:7b:9d:1e:d9:c2:2d:a8:d7:f6:95:6e: ad:14:ec:dc:cc:bb:9c:47:70:bd:cf:04:e3:99:77: 7f:50:f2:41:ab:f5:42:f5:8b:33:2b:f9:c6:e1:09: 25:1b:1a:84:2f:d7:5b:89:2f:21:3c:a1:e9:dc:87: c3:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:D9:74:B6:D8:BA:74:9A:CF:6D:AC:C2:8C:A9:21:6C:02:B9:0E:C8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:a000::/40 Signature Algorithm: sha256WithRSAEncryption 27:22:73:8b:a4:aa:be:aa:69:d4:cc:f5:28:4f:84:30:19:d7: ab:f1:b6:36:b7:53:bd:d5:87:b4:df:9f:1c:a7:11:bf:81:d6: dc:0e:00:d2:c2:4d:a7:e2:9b:89:a3:5d:e9:b2:b7:8c:84:5f: 69:55:52:44:b2:b5:23:0e:44:a6:a9:21:aa:99:14:0d:c4:93: 0c:4d:e5:08:22:2c:83:7e:6d:3a:b0:31:2e:88:71:83:b5:ac: 06:e1:17:ae:1c:f6:af:3b:b3:2d:7c:fa:19:a5:f3:1b:23:a2: c8:21:68:e8:0a:c7:3c:66:3c:46:ef:77:e3:7e:46:0e:30:78: f4:ec:5a:d9:9f:e9:ba:49:ba:46:c2:16:38:f0:c1:16:69:cc: 22:e0:ce:fe:e7:8c:2a:99:5b:b6:45:26:2b:e7:b8:20:92:29: a7:fa:81:64:08:56:29:71:f8:4a:32:10:80:18:8f:bf:c0:4f: 6f:1f:b9:69:0e:dd:ff:a1:88:cb:63:77:71:50:f8:a5:ed:9e: ae:2e:f2:86:37:17:89:42:bd:a5:3e:44:c9:ac:fb:2f:f8:62: b2:cb:e1:e7:0d:d6:d8:b0:cd:60:d3:4f:5a:09:09:66:d4:51: 75:d0:15:77:67:9c:d3:26:36:d5:f1:77:88:e0:cb:91:bd:4b: 01:bb:fb:39 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULY3CwmWHVWaLfy4zuoHOoy1OcjowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MjAwOVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMjU3M2MwODQzN2QxM2I5OGNlZTk0 OTMzZGE5OTQzZmViMDYxMjI2YjdlZjJjZjU5ZjkwY2Y2MzhlODRkMDE1NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgxhjEOi5GZUE2BpTnnjAoM+m7Ng xC4qHz6IpVt/4UuH/qbu756WWSga5gk+YGzLXFpjwYLCy3A8P1nzN5KD4Zk3mEJs bhkA45oC0QsITY0Z+lzwXL4QtcUj7d+tbWcY40GSq1U1GgJnfVcY8RknxBd7D3Q1 NG6jpI1oaAP6jROrt8NNm8r/fuNqP7XjJNO7yOU8ON9jBciPFbMlUG4732jlTxQn MPturEHvYulsha2pooSVk5i9s5sXyGL9LB0xDlqX7sCOe50e2cItqNf2lW6tFOzc zLucR3C9zwTjmXd/UPJBq/VC9YszK/nG4QklGxqEL9dbiS8hPKHp3IfDpwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFODZdLbYunSaz22swoypIWwCuQ7IMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY5NjY0MjNjLWZhMjctNGNkNS04OThmLWExNDdlNzVjZGNiNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauaAwDQYJKoZIhvcNAQELBQADggEBACcic4ukqr6qadTM9ShP hDAZ16vxtja3U73Vh7TfnxynEb+B1twOANLCTafim4mjXemyt4yEX2lVUkSytSMO RKapIaqZFA3EkwxN5QgiLIN+bTqwMS6IcYO1rAbhF64c9q87sy18+hml8xsjosgh aOgKxzxmPEbvd+N+Rg4wePTsWtmf6bpJukbCFjjwwRZpzCLgzv7njCqZW7ZFJivn uCCSKaf6gWQIVilx+EoyEIAYj7/AT28fuWkO3f+hiMtjd3FQ+KXtnq4u8oY3F4lC vaU+RMms+y/4YrLL4ecN1tiwzWDTT1oJCWbUUXXQFXdnnNMmNtXxd4jgy5G9SwG7 +zk= -----END CERTIFICATE-----Generated at Sat Jun 14 06:04:16 2025 by rpki-client