$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/794feada-3f8b-4a7b-8954-992fddba3191.roa File: 794feada-3f8b-4a7b-8954-992fddba3191.roa (raw, json) Hash identifier: z8Wy686nqFNwci1MCtUpnYZeIWXNd4DwS+AcR/qQtOw= Subject key identifier: 9D:D5:30:61:44:92:C3:D4:36:2E:1C:3E:D4:AE:D0:7C:D0:57:44:1D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 550DA2D40E975F25C5B6E07D9B59C47A068A7DDD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/794feada-3f8b-4a7b-8954-992fddba3191.roa Signing time: Tue 10 Jun 2025 15:31:36 +0000 ROA not before: Tue 10 Jun 2025 15:31:36 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:0d:a2:d4:0e:97:5f:25:c5:b6:e0:7d:9b:59:c4:7a:06:8a:7d:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:31:36 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=aaaa1bc8448d4a13a0982e0c07610ed3a2034f82520bfdfe0ddd0510a6d6573a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:37:ec:95:f5:08:b7:61:12:eb:63:e1:03:eb: 74:71:c9:c9:5f:d4:b6:3c:49:74:14:e6:7b:8a:e9: ec:31:e4:d4:69:93:7c:73:32:dc:3f:3b:5c:45:c9: 78:97:e7:20:ee:25:07:bd:6c:e4:fd:80:84:bb:e3: 3b:23:d7:2c:26:b9:cb:dc:8a:b8:60:25:06:1e:71: ee:02:03:f7:e8:41:88:66:bc:9c:ea:51:a1:dc:f2: 13:41:18:1b:fc:9e:2f:ba:ff:06:1d:a4:04:6c:e5: 2c:c3:fe:ae:41:26:93:a9:84:a4:6a:5e:cf:76:18: a2:2e:b1:ef:2a:0b:96:a3:20:af:8f:96:e9:f8:14: 8b:a4:6c:14:8e:c0:95:35:b5:c5:d4:eb:87:c3:a9: 2c:73:9e:ea:0f:92:a4:08:91:6d:23:f2:be:64:c4: 02:4b:25:91:2f:5a:22:3a:13:79:bb:f0:df:0f:dd: d0:8d:b5:d7:2f:69:70:f2:e8:49:66:33:10:2e:d5: 8c:7a:7d:65:18:95:56:16:8d:68:69:68:55:3d:d3: d5:4c:ac:b4:1c:9d:a5:b1:17:ad:a3:8e:dd:15:3a: 53:11:e4:1f:4b:b2:b2:87:28:16:f6:4a:48:64:27: 66:94:d7:a3:d7:8a:7e:1f:7d:6e:87:f0:e4:44:64: 26:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:D5:30:61:44:92:C3:D4:36:2E:1C:3E:D4:AE:D0:7C:D0:57:44:1D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/794feada-3f8b-4a7b-8954-992fddba3191.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:a000::/40 Signature Algorithm: sha256WithRSAEncryption 8e:d6:6e:27:c1:89:55:88:92:9a:c1:e5:6a:fd:26:b3:96:8d: 59:08:d9:7b:4c:a1:ae:57:5a:4a:83:98:63:cd:f5:fa:d8:fb: e2:bc:a4:0d:6f:e3:9d:ac:33:8c:5e:05:db:a4:d2:cd:5e:7e: 1d:19:84:f7:d9:72:96:6b:cc:4c:eb:65:0b:30:4f:c0:fc:6c: 43:55:3e:64:58:fe:42:8e:ac:42:76:17:0a:14:d9:99:42:29: 9f:3d:73:fd:f2:93:a9:4f:82:62:ea:37:48:79:52:c7:cc:26: 40:79:bc:07:8b:b1:b0:3f:96:55:e9:1f:11:67:aa:42:06:23: 2d:6d:a8:cd:cb:69:33:85:c0:e7:4d:06:72:d0:a9:cc:f5:c0: fa:84:09:72:28:ba:d4:eb:0b:f5:d3:68:a9:14:de:88:34:59: 1e:3b:2b:b8:87:48:0f:61:a7:e0:71:76:5a:d7:a0:4e:61:66: d1:ae:db:c2:68:41:58:3c:4f:a2:67:98:2b:a0:89:f4:e3:b9: 91:6f:ed:9c:f4:dd:87:98:56:82:4d:55:16:1a:53:9c:b4:ed: fe:3b:1f:ad:13:f3:e9:a1:29:85:de:88:c5:fb:b0:35:ee:d4: c1:5a:a4:61:e7:61:85:2f:42:99:d6:14:e4:4c:46:3c:46:14: d2:53:5a:db -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVQ2i1A6XXyXFtuB9m1nEegaKfd0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MzEzNloX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAYWFhYTFiYzg0NDhkNGExM2EwOTgy ZTBjMDc2MTBlZDNhMjAzNGY4MjUyMGJmZGZlMGRkZDA1MTBhNmQ2NTczYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDfslfUIt2ES62PhA+t0ccnJX9S2 PEl0FOZ7iunsMeTUaZN8czLcPztcRcl4l+cg7iUHvWzk/YCEu+M7I9csJrnL3Iq4 YCUGHnHuAgP36EGIZryc6lGh3PITQRgb/J4vuv8GHaQEbOUsw/6uQSaTqYSkal7P dhiiLrHvKguWoyCvj5bp+BSLpGwUjsCVNbXF1OuHw6ksc57qD5KkCJFtI/K+ZMQC SyWRL1oiOhN5u/DfD93QjbXXL2lw8uhJZjMQLtWMen1lGJVWFo1oaWhVPdPVTKy0 HJ2lsReto47dFTpTEeQfS7KyhygW9kpIZCdmlNej14p+H31uh/DkRGQmkwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJ3VMGFEksPUNi4cPtSu0HzQV0QdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc5NGZlYWRhLTNmOGItNGE3Yi04OTU0LTk5MmZkZGJhMzE5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8aAwDQYJKoZIhvcNAQELBQADggEBAI7WbifBiVWIkprB5Wr9 JrOWjVkI2XtMoa5XWkqDmGPN9frY++K8pA1v452sM4xeBduk0s1efh0ZhPfZcpZr zEzrZQswT8D8bENVPmRY/kKOrEJ2FwoU2ZlCKZ89c/3yk6lPgmLqN0h5UsfMJkB5 vAeLsbA/llXpHxFnqkIGIy1tqM3LaTOFwOdNBnLQqcz1wPqECXIoutTrC/XTaKkU 3og0WR47K7iHSA9hp+BxdlrXoE5hZtGu28JoQVg8T6JnmCugifTjuZFv7Zz03YeY VoJNVRYaU5y07f47H60T8+mhKYXeiMX7sDXu1MFapGHnYYUvQpnWFORMRjxGFNJT Wts= -----END CERTIFICATE-----Generated at Sat Jun 14 06:30:31 2025 by rpki-client