$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/745411de-d434-4fb7-bef2-d54990248d48.roa File: 745411de-d434-4fb7-bef2-d54990248d48.roa (raw, json) Hash identifier: DhNM8Tfl+jdx03OfFyOdlflcj3CBtijfbhTdbyZRN0s= Subject key identifier: 2C:08:0D:66:15:68:4A:BD:BF:C5:03:7D:59:55:71:26:E2:3B:36:A2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 649A83C47772F3547BF422A20D026310E5E4D348 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/745411de-d434-4fb7-bef2-d54990248d48.roa Signing time: Tue 10 Jun 2025 15:51:48 +0000 ROA not before: Tue 10 Jun 2025 15:51:48 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da16:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:9a:83:c4:77:72:f3:54:7b:f4:22:a2:0d:02:63:10:e5:e4:d3:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:51:48 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=5672e8b9b184fa7fd4c545bb1a5a3587cf732afd86f529007b0a9da9b9e5d0dd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:d6:f1:58:62:c2:d4:2d:75:47:6b:ef:bb:62: a0:1e:d8:0e:ee:b7:7d:6b:fa:b1:80:48:c5:10:32: ad:fd:e4:82:3c:9c:0c:07:5e:6f:bb:c6:a5:74:10: d2:d9:71:1c:66:56:d2:43:be:0b:40:03:16:c8:68: 0c:53:fb:f8:bc:07:8f:35:3e:64:8d:94:89:fd:b5: 91:d0:f2:21:d2:0f:c6:37:fa:27:01:99:da:dd:ea: 14:a6:ef:3f:0c:57:5a:1a:00:ea:ae:53:e8:75:83: 0f:02:5f:05:65:ae:49:08:1c:39:4a:0d:46:73:a7: a5:6f:ee:cd:bc:59:3d:23:4e:fb:17:72:be:95:86: 92:0d:8a:7c:6a:7c:b0:56:6d:78:e0:2e:d5:7f:5e: 45:78:af:ab:f1:88:ad:18:a3:59:ba:7e:9b:73:8e: c1:d1:6b:c3:c5:76:2b:6d:f6:fd:cc:d8:0d:43:4d: f7:0c:a5:7a:f0:51:69:2c:00:ee:7a:64:90:9e:34: 90:4a:76:55:d0:1e:63:d4:c8:54:e9:0e:3d:77:41: 35:ed:ef:10:20:04:b6:b5:cd:f3:8d:17:96:ef:15: f0:c0:68:10:25:33:15:19:71:78:01:1a:44:a4:f7: 01:13:7b:0a:5b:14:b5:8e:a7:72:99:4b:e1:12:f6: d5:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:08:0D:66:15:68:4A:BD:BF:C5:03:7D:59:55:71:26:E2:3B:36:A2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/745411de-d434-4fb7-bef2-d54990248d48.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da16:800::/38 Signature Algorithm: sha256WithRSAEncryption 55:bc:d2:c4:1f:2d:0e:1a:f9:2a:5b:db:11:00:2f:b7:55:70: 82:5f:3b:bc:1c:9d:bb:61:f3:d5:71:72:69:95:c0:78:82:2c: 37:58:d1:d7:d9:e0:aa:b3:d7:ee:75:59:d9:85:ba:8a:d7:f3: 05:cd:25:4e:93:1a:60:03:69:1c:69:92:6e:a5:1b:70:74:d8: 28:cf:98:15:08:bf:44:29:e0:df:81:09:ef:c9:28:ef:2b:26: fd:3b:ab:dd:4c:f1:02:85:da:51:e2:81:20:00:50:89:55:25: 4e:a1:be:94:6a:80:e9:14:83:a2:de:4b:e1:3d:14:b7:a5:64: 83:f3:1a:d2:01:d9:86:e7:3e:5e:d2:26:43:ae:04:7f:03:81: 45:c7:36:9d:7b:30:c9:50:13:d2:72:76:f5:44:a0:0a:d5:0d: ec:ad:fb:42:a6:0c:68:12:50:90:6f:4e:c5:0d:c8:a0:b3:22: 77:dd:3c:46:7d:d6:94:eb:6b:f7:42:70:c9:5d:ae:20:ef:85: 00:4c:2b:8d:23:01:fe:67:8c:21:c3:f3:99:e8:02:1f:3b:42: 2f:8b:84:ae:ce:ab:73:2b:55:47:05:51:82:4d:ae:29:e4:b1: 1d:90:03:11:b3:fb:83:b4:f0:b5:e7:04:92:aa:ba:0b:08:2f: ab:27:93:7b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZJqDxHdy81R79CKiDQJjEOXk00gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1NTE0OFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNANTY3MmU4YjliMTg0ZmE3ZmQ0YzU0 NWJiMWE1YTM1ODdjZjczMmFmZDg2ZjUyOTAwN2IwYTlkYTliOWU1ZDBkZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NbxWGLC1C11R2vvu2KgHtgO7rd9 a/qxgEjFEDKt/eSCPJwMB15vu8aldBDS2XEcZlbSQ74LQAMWyGgMU/v4vAePNT5k jZSJ/bWR0PIh0g/GN/onAZna3eoUpu8/DFdaGgDqrlPodYMPAl8FZa5JCBw5Sg1G c6elb+7NvFk9I077F3K+lYaSDYp8anywVm144C7Vf15FeK+r8YitGKNZun6bc47B 0WvDxXYrbfb9zNgNQ033DKV68FFpLADuemSQnjSQSnZV0B5j1MhU6Q49d0E17e8Q IAS2tc3zjReW7xXwwGgQJTMVGXF4ARpEpPcBE3sKWxS1jqdymUvhEvbVfwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCwIDWYVaEq9v8UDfVlVcSbiOzaiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc0NTQxMWRlLWQ0MzQtNGZiNy1iZWYyLWQ1NDk5MDI0OGQ0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFggwDQYJKoZIhvcNAQELBQADggEBAFW80sQfLQ4a+Spb2xEA L7dVcIJfO7wcnbth89VxcmmVwHiCLDdY0dfZ4Kqz1+51WdmFuorX8wXNJU6TGmAD aRxpkm6lG3B02CjPmBUIv0Qp4N+BCe/JKO8rJv07q91M8QKF2lHigSAAUIlVJU6h vpRqgOkUg6LeS+E9FLelZIPzGtIB2YbnPl7SJkOuBH8DgUXHNp17MMlQE9JydvVE oArVDeyt+0KmDGgSUJBvTsUNyKCzInfdPEZ91pTra/dCcMldriDvhQBMK40jAf5n jCHD85noAh87Qi+LhK7Oq3MrVUcFUYJNrinksR2QAxGz+4O08LXnBJKqugsIL6sn k3s= -----END CERTIFICATE-----Generated at Sat Jun 14 18:50:38 2025 by rpki-client