$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/83616529-bacc-4cdc-aa1b-66384c85e7b2.roa File: 83616529-bacc-4cdc-aa1b-66384c85e7b2.roa (raw, json) Hash identifier: yc1xp+7pJA4z1SblHlxtSuyBMbiKe6qy2zmZ9YwKI+8= Subject key identifier: 50:81:53:F6:BA:3E:03:66:06:12:DE:C0:46:0B:55:29:0C:B1:90:B7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1FDEE29ACF774A8C9C6FDE69064CC3DC1835E850 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/83616529-bacc-4cdc-aa1b-66384c85e7b2.roa Signing time: Mon 09 Jun 2025 15:21:32 +0000 ROA not before: Mon 09 Jun 2025 15:21:32 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:10c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:de:e2:9a:cf:77:4a:8c:9c:6f:de:69:06:4c:c3:dc:18:35:e8:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:21:32 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=b9b7795d87c0a6b5eea7c7076a6b430d8db4b3ed3627d2ed1678bdc70ad1ef95, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:08:cf:59:c8:29:d9:e2:18:d3:4a:0f:c4:29: 7c:88:e3:66:e6:64:d6:df:b3:6f:4f:6b:bc:32:50: 0e:fc:4d:6e:df:8c:02:46:8c:18:61:1f:3f:ca:b9: fe:eb:a2:b2:66:53:46:c1:7f:ab:3b:ba:b1:f5:69: 80:56:01:b2:d4:55:ae:f5:0f:1a:5a:b0:a0:bf:a3: 87:ff:b2:ac:c2:a5:77:5e:f5:cd:7c:44:1d:06:cc: 1b:7f:d0:d5:ce:6e:48:19:dc:f8:ef:1c:ed:25:da: 4a:6a:20:f8:db:5b:2f:f7:46:4d:84:a1:a2:75:27: 01:9e:58:9a:be:46:2c:02:ac:f2:1b:45:e6:8a:cb: 0d:a5:66:da:6b:27:46:4a:c3:42:02:92:7a:7d:d9: 2f:e2:e8:b2:55:3e:2d:f2:25:22:ed:de:99:d8:ce: d8:71:81:3d:1d:3d:ed:53:66:32:44:c9:a0:46:24: 86:27:37:7d:fe:21:34:57:f5:ed:08:f3:8f:e9:db: 59:47:4f:c1:c6:4b:57:0c:10:4f:ad:06:d8:fc:71: ba:5c:2c:6b:bc:fc:a4:4d:af:c6:95:27:0e:fc:ac: 4b:de:8c:f4:48:83:aa:bb:01:18:df:e3:59:42:26: 2c:ac:eb:3d:0f:67:71:4c:30:c0:3d:09:28:d4:37: ba:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:81:53:F6:BA:3E:03:66:06:12:DE:C0:46:0B:55:29:0C:B1:90:B7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/83616529-bacc-4cdc-aa1b-66384c85e7b2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:10c0::/48 Signature Algorithm: sha256WithRSAEncryption ae:c7:6f:52:55:f4:55:a4:c0:0b:11:4f:80:f0:c1:9a:8d:1c: 0e:b0:1b:ac:42:09:a7:81:cb:fb:95:5f:ab:32:15:b4:47:01: b4:4d:5c:1b:3b:b5:61:32:4d:d6:1a:3b:01:4b:84:35:66:b0: 49:36:e8:2a:9a:85:86:4d:f3:92:6c:5e:df:f8:8c:19:1f:29: 9c:df:b0:58:80:12:1a:b4:f8:9e:d2:87:9b:a1:70:9f:1a:d5: af:a0:58:22:04:49:8a:15:c3:72:b5:50:15:37:1d:13:38:2f: 5e:82:0e:ee:b7:eb:32:6a:f1:e3:93:2f:4e:67:59:59:ae:db: 61:0e:61:42:2d:76:59:c8:09:87:97:6c:e3:4a:db:09:ab:86: df:f0:74:2a:19:54:43:4a:e2:7e:36:78:0a:fd:af:af:2c:e8: 79:66:44:ee:14:3c:2c:b9:ac:a1:38:e8:1a:0b:d0:50:bb:ab: 03:c5:92:f0:ec:df:7b:05:d4:02:b2:58:e9:a4:08:8e:a3:54: a8:25:c1:48:61:f6:8a:1a:f0:fd:76:80:09:c7:31:c6:16:52: 0f:5d:00:f0:0f:17:69:bd:a3:76:c3:69:f4:51:0a:d8:8f:0d: e0:39:77:b6:e3:67:16:a8:be:f6:37:ee:37:50:3e:ef:72:af: 25:b0:32:11 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUH97ims93Soycb95pBkzD3Bg16FAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MjEzMloX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAYjliNzc5NWQ4N2MwYTZiNWVlYTdj NzA3NmE2YjQzMGQ4ZGI0YjNlZDM2MjdkMmVkMTY3OGJkYzcwYWQxZWY5NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wjPWcgp2eIY00oPxCl8iONm5mTW 37NvT2u8MlAO/E1u34wCRowYYR8/yrn+66KyZlNGwX+rO7qx9WmAVgGy1FWu9Q8a WrCgv6OH/7KswqV3XvXNfEQdBswbf9DVzm5IGdz47xztJdpKaiD421sv90ZNhKGi dScBnliavkYsAqzyG0XmissNpWbaaydGSsNCApJ6fdkv4uiyVT4t8iUi7d6Z2M7Y cYE9HT3tU2YyRMmgRiSGJzd9/iE0V/XtCPOP6dtZR0/BxktXDBBPrQbY/HG6XCxr vPykTa/GlScO/KxL3oz0SIOquwEY3+NZQiYsrOs9D2dxTDDAPQko1De6SwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFCBU/a6PgNmBhLewEYLVSkMsZC3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgzNjE2NTI5LWJhY2MtNGNkYy1hYTFiLTY2Mzg0Yzg1ZTdiMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaABDAMA0GCSqGSIb3DQEBCwUAA4IBAQCux29SVfRVpMALEU+A 8MGajRwOsBusQgmngcv7lV+rMhW0RwG0TVwbO7VhMk3WGjsBS4Q1ZrBJNugqmoWG TfOSbF7f+IwZHymc37BYgBIatPie0oeboXCfGtWvoFgiBEmKFcNytVAVNx0TOC9e gg7ut+syavHjky9OZ1lZrtthDmFCLXZZyAmHl2zjStsJq4bf8HQqGVRDSuJ+NngK /a+vLOh5ZkTuFDwsuayhOOgaC9BQu6sDxZLw7N97BdQCsljppAiOo1SoJcFIYfaK GvD9doAJxzHGFlIPXQDwDxdpvaN2w2n0UQrYjw3gOXe242cWqL72N+43UD7vcq8l sDIR -----END CERTIFICATE-----Generated at Sat Jun 14 06:36:23 2025 by rpki-client