$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/793c08d0-65bf-4078-a267-d0adfdb54fc8.roa File: 793c08d0-65bf-4078-a267-d0adfdb54fc8.roa (raw, json) Hash identifier: qtDF1XCVILJdsoafPunoRj4Ez1pH+a23XcYeBVbbGtM= Subject key identifier: 98:38:2A:47:DC:2D:8F:E3:11:9F:F0:89:C3:3E:F6:6F:34:AE:29:43 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 700959C95AD06D5CECD5329E70257943E0C4FF75 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/793c08d0-65bf-4078-a267-d0adfdb54fc8.roa Signing time: Mon 09 Jun 2025 15:40:16 +0000 ROA not before: Mon 09 Jun 2025 15:40:16 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:09:59:c9:5a:d0:6d:5c:ec:d5:32:9e:70:25:79:43:e0:c4:ff:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:40:16 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=98feb534bc5c4a8ee6d43848e07fdd897a2e89c1f503c4d6a434b96fe3c67018, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:23:84:aa:7a:a2:4a:47:9a:dd:17:74:f5:75: c1:6e:16:8d:70:06:39:a8:21:fa:00:87:21:71:9f: 4e:e1:51:59:d5:ab:68:4f:05:ce:2d:88:7e:ed:a8: d0:54:dc:df:52:f8:1e:47:5d:18:a9:87:c3:81:79: 11:db:c6:57:ad:56:19:63:f8:c1:b7:0a:59:84:14: bd:ff:9d:39:34:14:d7:46:98:87:75:09:23:ec:7e: 17:20:9e:e6:72:7f:54:b8:40:09:21:2e:3d:75:21: 4b:4c:63:fa:7d:ac:cd:fe:b4:61:19:da:c0:83:65: 38:43:04:6e:83:0f:91:84:f6:f0:f8:d9:37:4b:f4: d0:d5:9d:19:99:e9:f7:f0:5e:01:17:cb:55:83:64: f7:aa:54:06:07:89:14:83:fa:35:6e:29:5b:d3:6a: 7d:e9:50:d3:44:7a:f9:1b:38:38:62:0e:48:38:ad: 6c:4e:2a:72:92:b1:ab:49:01:ba:13:0f:d5:96:62: 45:b4:1c:09:fc:a8:2c:ac:bd:39:f6:9c:70:57:7b: 20:9c:6e:b9:f3:5e:a2:67:c7:36:0c:20:48:5e:cd: bc:7d:78:2e:2b:dd:a5:6b:fc:54:14:13:5d:1c:78: ed:29:ee:9a:5e:9b:e0:1a:3d:29:0e:f5:24:00:61: 7e:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:38:2A:47:DC:2D:8F:E3:11:9F:F0:89:C3:3E:F6:6F:34:AE:29:43 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/793c08d0-65bf-4078-a267-d0adfdb54fc8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4080::/48 Signature Algorithm: sha256WithRSAEncryption 14:4c:5c:f7:3c:c7:0c:34:7e:39:0e:c0:0a:01:0f:e9:aa:05: 76:a8:95:d8:80:5e:82:90:99:f2:85:f9:c7:3a:ac:a1:64:c0: 83:f9:8d:f5:75:94:2e:7c:bd:e9:50:6b:88:ba:7a:16:fe:39: 66:78:bd:b7:83:5b:dc:bb:68:54:0a:c1:bb:84:23:67:c6:4a: 2f:3a:f9:58:b3:53:68:13:48:d9:fd:2a:06:6d:d1:04:77:09: 70:a3:d6:8b:42:98:98:3d:85:09:1f:63:b0:cf:15:b9:82:13: 53:ae:cb:43:19:20:2a:75:c8:6a:c2:fb:26:c8:f9:1b:54:54: 95:41:c1:7b:dd:5a:a4:71:f4:c0:eb:7c:cd:cb:c0:a7:18:ed: 6e:a1:09:2f:ae:6e:b0:61:7a:7f:d3:20:24:47:f5:52:51:20: 17:4b:2f:a2:78:7a:8f:f1:df:8b:a4:ab:0d:1d:45:d0:b0:04: 39:40:fe:b9:49:ce:d2:85:83:3c:90:f9:1d:35:eb:e3:ab:9f: cf:ac:64:20:04:87:9e:78:d0:08:7b:36:8f:46:8a:79:91:12: 6c:09:6b:75:49:d7:fd:38:89:b8:a8:a2:b4:8f:5e:0e:35:21: de:4f:e4:67:e7:4e:1b:90:4b:a8:cc:6a:05:c5:b2:d3:00:31: 10:d8:2a:57 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUcAlZyVrQbVzs1TKecCV5Q+DE/3UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1NDAxNloX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAOThmZWI1MzRiYzVjNGE4ZWU2ZDQz ODQ4ZTA3ZmRkODk3YTJlODljMWY1MDNjNGQ2YTQzNGI5NmZlM2M2NzAxODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yOEqnqiSkea3Rd09XXBbhaNcAY5 qCH6AIchcZ9O4VFZ1atoTwXOLYh+7ajQVNzfUvgeR10YqYfDgXkR28ZXrVYZY/jB twpZhBS9/505NBTXRpiHdQkj7H4XIJ7mcn9UuEAJIS49dSFLTGP6fazN/rRhGdrA g2U4QwRugw+RhPbw+Nk3S/TQ1Z0Zmen38F4BF8tVg2T3qlQGB4kUg/o1bilb02p9 6VDTRHr5Gzg4Yg5IOK1sTipykrGrSQG6Ew/VlmJFtBwJ/KgsrL059pxwV3sgnG65 816iZ8c2DCBIXs28fXguK92la/xUFBNdHHjtKe6aXpvgGj0pDvUkAGF+BQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJg4KkfcLY/jEZ/wicM+9m80rilDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc5M2MwOGQwLTY1YmYtNDA3OC1hMjY3LWQwYWRmZGI1NGZjOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0CAMA0GCSqGSIb3DQEBCwUAA4IBAQAUTFz3PMcMNH45DsAK AQ/pqgV2qJXYgF6CkJnyhfnHOqyhZMCD+Y31dZQufL3pUGuIunoW/jlmeL23g1vc u2hUCsG7hCNnxkovOvlYs1NoE0jZ/SoGbdEEdwlwo9aLQpiYPYUJH2OwzxW5ghNT rstDGSAqdchqwvsmyPkbVFSVQcF73VqkcfTA63zNy8CnGO1uoQkvrm6wYXp/0yAk R/VSUSAXSy+ieHqP8d+LpKsNHUXQsAQ5QP65Sc7ShYM8kPkdNevjq5/PrGQgBIee eNAIezaPRop5kRJsCWt1Sdf9OIm4qKK0j14ONSHeT+Rn504bkEuozGoFxbLTADEQ 2CpX -----END CERTIFICATE-----Generated at Sat Jun 14 06:29:14 2025 by rpki-client