$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87bdbd43-8748-4d90-9b3d-91c88f2d844d.roa File: 87bdbd43-8748-4d90-9b3d-91c88f2d844d.roa (raw, json) Hash identifier: 7Joanoc4I9LwnoCML93akUMsKITphiVV1TZRysoALY4= Subject key identifier: A3:E0:7C:D8:BF:48:EE:41:C3:96:5C:AA:CE:EC:D9:D1:D9:FB:E9:C8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 08BEDF01F343B61BCE3892A1811838A85309C7C9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87bdbd43-8748-4d90-9b3d-91c88f2d844d.roa Signing time: Tue 10 Jun 2025 00:21:22 +0000 ROA not before: Tue 10 Jun 2025 00:21:22 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:be:df:01:f3:43:b6:1b:ce:38:92:a1:81:18:38:a8:53:09:c7:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:21:22 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=f29af4a0eda275ee9a99de66b06e67fa90b67a9056aaa435643b73d2bcbd5356, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:25:8d:8a:18:5e:46:a9:7e:f4:fc:a5:a7:ed: 3a:ae:b9:c8:b8:c2:75:8f:ca:08:7b:39:d4:cc:a1: 6e:8d:dc:5b:08:66:23:bc:0b:d8:40:e2:89:71:be: 95:dd:14:66:8b:c9:7d:c7:01:d6:a9:38:91:bf:46: fa:e2:46:55:c7:b7:4f:57:69:f5:64:09:7b:81:76: 0b:0a:94:43:f8:b0:94:39:13:39:75:87:ab:47:a9: 99:f0:3d:b5:c9:80:c2:bc:5c:11:aa:95:45:cb:36: 5f:65:ce:cb:a3:46:0a:b8:f2:9b:30:5e:90:fd:50: 83:59:37:b3:36:90:3e:d0:15:5a:37:c2:57:12:30: 1a:42:a8:93:b9:22:e7:d2:7b:63:cb:23:db:01:26: d8:a1:59:02:14:c2:cf:ff:96:6a:fe:be:b7:d7:da: b6:4e:7c:7d:43:6c:ad:8f:d1:43:8f:1c:21:3e:5e: 94:35:99:3d:88:56:2b:d0:ae:31:89:2d:53:fb:75: 71:0f:4f:c5:f9:0c:df:87:42:d2:a2:09:2c:2f:11: 11:21:1f:ec:c6:70:43:85:a5:45:bc:2d:bc:e6:55: 02:26:06:53:ff:02:67:75:3e:7c:05:be:e8:07:51: 5a:94:b4:7f:70:74:f1:be:66:cf:1d:9d:77:56:1d: 4d:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:E0:7C:D8:BF:48:EE:41:C3:96:5C:AA:CE:EC:D9:D1:D9:FB:E9:C8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87bdbd43-8748-4d90-9b3d-91c88f2d844d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:20c0::/48 Signature Algorithm: sha256WithRSAEncryption 62:dd:2d:12:59:a4:fd:2b:ca:df:39:10:cf:29:65:0c:a8:9f: ee:82:a1:2f:3b:9b:ae:3f:e0:81:a8:ce:f8:b1:ed:21:3f:47: ec:53:de:9e:08:07:42:4c:b6:80:46:93:f9:8f:3c:cf:14:a7: 78:0f:1e:3f:d9:23:5a:36:80:be:40:ae:29:0e:d9:52:b5:96: 0c:5d:9c:20:bc:ed:5a:6b:36:95:0e:f7:d2:2f:e8:03:23:20: 86:28:d6:b4:a3:a1:ae:f5:65:65:54:f7:7c:a7:24:ac:ed:c0: 6d:4b:6f:30:1a:2f:35:cb:76:36:b1:2f:be:12:38:d1:f2:39: c5:e5:76:af:9e:1f:80:53:e8:27:1f:23:0e:21:34:52:77:06: 25:ed:81:7b:51:6a:65:4b:fb:ba:eb:1a:91:e5:11:8c:58:46: 2b:56:00:f9:e4:2d:96:39:5d:9c:da:7c:07:ee:f2:f4:b9:70: 00:0b:5a:46:ff:ae:9a:51:3e:28:18:02:20:14:72:fd:b2:09: c4:1c:58:de:fa:78:0b:4b:12:75:49:6e:1a:c1:75:eb:ca:78: 26:22:39:4a:ba:73:26:ee:51:21:83:96:30:65:e0:1c:6f:c7: b8:91:18:75:ec:d0:2e:1a:02:97:e7:5d:8a:bb:84:5c:17:ec: e0:3e:29:29 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUCL7fAfNDthvOOJKhgRg4qFMJx8kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwMjEyMloX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZjI5YWY0YTBlZGEyNzVlZTlhOTlk ZTY2YjA2ZTY3ZmE5MGI2N2E5MDU2YWFhNDM1NjQzYjczZDJiY2JkNTM1NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCWNihheRql+9Pylp+06rrnIuMJ1 j8oIeznUzKFujdxbCGYjvAvYQOKJcb6V3RRmi8l9xwHWqTiRv0b64kZVx7dPV2n1 ZAl7gXYLCpRD+LCUORM5dYerR6mZ8D21yYDCvFwRqpVFyzZfZc7Lo0YKuPKbMF6Q /VCDWTezNpA+0BVaN8JXEjAaQqiTuSLn0ntjyyPbASbYoVkCFMLP/5Zq/r6319q2 Tnx9Q2ytj9FDjxwhPl6UNZk9iFYr0K4xiS1T+3VxD0/F+Qzfh0LSogksLxERIR/s xnBDhaVFvC285lUCJgZT/wJndT58Bb7oB1FalLR/cHTxvmbPHZ13Vh1NFwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKPgfNi/SO5Bw5Zcqs7s2dHZ++nIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg3YmRiZDQzLTg3NDgtNGQ5MC05YjNkLTkxYzg4ZjJkODQ0ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8iDAMA0GCSqGSIb3DQEBCwUAA4IBAQBi3S0SWaT9K8rfORDP KWUMqJ/ugqEvO5uuP+CBqM74se0hP0fsU96eCAdCTLaARpP5jzzPFKd4Dx4/2SNa NoC+QK4pDtlStZYMXZwgvO1aazaVDvfSL+gDIyCGKNa0o6Gu9WVlVPd8pySs7cBt S28wGi81y3Y2sS++EjjR8jnF5Xavnh+AU+gnHyMOITRSdwYl7YF7UWplS/u66xqR 5RGMWEYrVgD55C2WOV2c2nwH7vL0uXAAC1pG/66aUT4oGAIgFHL9sgnEHFje+ngL SxJ1SW4awXXryngmIjlKunMm7lEhg5YwZeAcb8e4kRh17NAuGgKX512Ku4RcF+zg Pikp -----END CERTIFICATE-----Generated at Sat Jun 14 06:24:10 2025 by rpki-client