$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7f76ee34-fa5a-4beb-8181-8e57500dd1ae.roa File: 7f76ee34-fa5a-4beb-8181-8e57500dd1ae.roa (raw, json) Hash identifier: OjOihXjx3ezCijd/HCP1GywBOIhRnrpR2tY3wUXtajg= Subject key identifier: C3:B3:68:21:2E:D6:45:2F:1C:F6:04:AE:EF:65:6F:31:D8:27:AF:35 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 713AC4C058BE4E26A271B99CCF51F5D51A48D8AC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7f76ee34-fa5a-4beb-8181-8e57500dd1ae.roa Signing time: Mon 09 Jun 2025 15:10:09 +0000 ROA not before: Mon 09 Jun 2025 15:10:09 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:e080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:3a:c4:c0:58:be:4e:26:a2:71:b9:9c:cf:51:f5:d5:1a:48:d8:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:10:09 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=20cf564cd16d0d830f522da326cdb44dc0fd952115b7f72c32ecaea4dd85f407, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:30:41:b2:f1:cb:a5:83:cd:00:18:00:b4:5c: 2d:3c:b9:4a:4b:e6:12:7c:df:8d:a0:8f:c2:21:b0: c5:44:9f:27:5b:3e:e1:82:7f:fd:7a:88:29:28:e6: 73:b8:c9:58:49:11:af:0f:56:1e:e5:14:3c:8f:7c: 2e:aa:e4:9a:5f:cf:a1:ce:03:f7:b3:4f:8f:55:99: 4f:32:cd:ae:84:2d:56:1b:27:7e:f8:31:04:63:5f: 16:0e:2a:a6:8a:bb:cb:f9:16:f7:33:07:fa:de:a1: 9e:6e:e4:49:9f:fc:08:eb:13:1a:01:bc:98:b7:1f: 76:a8:cf:5e:9b:42:92:0b:56:f4:09:af:ee:96:87: a5:19:2a:a9:99:cf:bb:da:15:da:41:e1:2d:dc:52: 65:d9:98:a7:7c:29:31:2c:05:2d:30:cd:6b:44:6e: 73:e6:75:4b:f8:d3:2f:52:63:84:80:7c:ef:52:c1: 05:6c:d3:ca:74:7c:cd:3a:a7:88:e8:12:58:75:67: c4:a4:7b:2c:19:9b:62:37:d8:df:f3:bb:72:58:c8: c3:f5:37:d2:db:2a:b9:c9:cb:f6:eb:ed:05:99:32: f9:5b:ff:20:89:38:8c:b0:b0:09:79:06:5e:5b:00: ab:f7:02:f1:76:9d:f7:61:1f:96:27:e6:e5:0a:3a: e8:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:B3:68:21:2E:D6:45:2F:1C:F6:04:AE:EF:65:6F:31:D8:27:AF:35 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7f76ee34-fa5a-4beb-8181-8e57500dd1ae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:e080::/48 Signature Algorithm: sha256WithRSAEncryption b7:55:d6:4d:f2:9e:a0:0d:1a:eb:93:81:24:7e:39:95:6d:0a: f1:30:1f:6a:94:f1:56:0f:23:da:76:21:6f:55:fe:59:21:f2: 91:4a:12:2e:c1:53:69:0f:4f:49:b2:f7:42:ac:15:5d:9f:ea: b5:ef:4a:56:2e:5f:1b:34:82:95:a0:84:e2:0f:76:39:8d:a1: db:e1:56:be:80:08:ea:89:86:ab:1c:38:79:64:66:d3:82:bf: 32:d0:d5:c1:18:8e:ec:4d:91:a0:12:43:79:63:f0:12:54:12: c3:94:71:f0:ad:90:7d:48:80:e3:f2:30:03:9c:50:f7:76:13: 0e:7e:64:3c:aa:ce:13:f2:b4:ce:e9:20:c9:4f:70:c9:9e:58: 99:9e:74:2c:23:2b:75:e5:76:ee:80:c6:e9:59:b3:bc:b7:ee: 1b:29:80:d7:e4:57:8f:ea:c8:ba:13:5e:c4:b6:2a:10:bf:52: 8f:9c:ef:47:96:dc:27:23:00:ee:86:75:f1:a6:90:bb:67:1c: 34:68:07:d7:6b:e9:ff:20:ab:ef:8e:19:81:f2:dc:46:87:00: 44:24:da:e6:9e:39:ee:47:79:82:57:0d:19:2f:11:08:00:e6: f0:c3:66:d9:81:65:07:fc:26:ae:81:63:b8:ce:c8:ae:5f:73: 68:49:aa:cf -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUcTrEwFi+Tiaicbmcz1H11RpI2KwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MTAwOVoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAMjBjZjU2NGNkMTZkMGQ4MzBmNTIy ZGEzMjZjZGI0NGRjMGZkOTUyMTE1YjdmNzJjMzJlY2FlYTRkZDg1ZjQwNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jBBsvHLpYPNABgAtFwtPLlKS+YS fN+NoI/CIbDFRJ8nWz7hgn/9eogpKOZzuMlYSRGvD1Ye5RQ8j3wuquSaX8+hzgP3 s0+PVZlPMs2uhC1WGyd++DEEY18WDiqmirvL+Rb3Mwf63qGebuRJn/wI6xMaAbyY tx92qM9em0KSC1b0Ca/uloelGSqpmc+72hXaQeEt3FJl2ZinfCkxLAUtMM1rRG5z 5nVL+NMvUmOEgHzvUsEFbNPKdHzNOqeI6BJYdWfEpHssGZtiN9jf87tyWMjD9TfS 2yq5ycv26+0FmTL5W/8giTiMsLAJeQZeWwCr9wLxdp33YR+WJ+blCjrojQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMOzaCEu1kUvHPYEru9lbzHYJ681MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdmNzZlZTM0LWZhNWEtNGJlYi04MTgxLThlNTc1MDBkZDFhZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYeCAMA0GCSqGSIb3DQEBCwUAA4IBAQC3VdZN8p6gDRrrk4Ek fjmVbQrxMB9qlPFWDyPadiFvVf5ZIfKRShIuwVNpD09JsvdCrBVdn+q170pWLl8b NIKVoITiD3Y5jaHb4Va+gAjqiYarHDh5ZGbTgr8y0NXBGI7sTZGgEkN5Y/ASVBLD lHHwrZB9SIDj8jADnFD3dhMOfmQ8qs4T8rTO6SDJT3DJnliZnnQsIyt15XbugMbp WbO8t+4bKYDX5FeP6si6E17EtioQv1KPnO9HltwnIwDuhnXxppC7Zxw0aAfXa+n/ IKvvjhmB8txGhwBEJNrmnjnuR3mCVw0ZLxEIAObww2bZgWUH/CaugWO4zsiuX3No SarP -----END CERTIFICATE-----Generated at Sat Jun 14 06:28:18 2025 by rpki-client