$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89fc56d6-b0ac-44ad-b01f-93dbcd9213fa.roa File: 89fc56d6-b0ac-44ad-b01f-93dbcd9213fa.roa (raw, json) Hash identifier: QloHvzHITtGKX6OacReO1T4PxefaMrAOkZl6RuX4bWo= Subject key identifier: D9:C5:A5:89:94:7A:B6:AF:21:3A:0F:F1:D4:3D:42:A6:33:59:9E:8F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 55CD6746C86D68A697BD0AE05E8BCE235886184A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89fc56d6-b0ac-44ad-b01f-93dbcd9213fa.roa Signing time: Tue 10 Jun 2025 15:40:16 +0000 ROA not before: Tue 10 Jun 2025 15:40:16 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1f:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:cd:67:46:c8:6d:68:a6:97:bd:0a:e0:5e:8b:ce:23:58:86:18:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:40:16 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=e0bf28e7393529abc703656d5f1fb39c5f3abd295d20ad1fd74ccdbb3fc54ca5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:00:ec:94:d7:9e:85:10:fd:ec:d5:99:4a:c3: b0:94:da:f5:df:0b:fe:a9:26:28:74:c7:3e:b6:d6: f8:8f:84:ca:72:71:42:91:00:44:ba:4f:9f:01:84: 3a:54:24:6b:8b:c8:d9:db:e5:97:30:f9:86:bb:f1: a5:c7:c9:4f:cf:5a:ff:15:08:c8:ec:f6:64:1e:f0: 6d:b3:31:ac:6a:0e:bd:9b:5a:ea:76:fa:95:a6:e5: 02:79:46:67:b6:05:48:34:cc:6e:db:61:aa:e2:18: b4:5d:e7:06:59:91:50:87:6a:e8:b7:08:ff:b1:98: c5:bc:62:be:6f:6d:87:4a:d2:63:b9:54:89:9c:37: 08:53:dc:e6:71:ba:39:41:3d:01:ea:b6:c9:32:9f: 8a:18:5d:7a:2f:dc:a5:39:2d:e0:03:d9:33:56:4d: 10:d1:74:e2:d4:58:26:90:6d:b8:b7:1b:b7:7f:62: 04:4a:ba:01:d2:c6:13:3e:92:ed:69:65:bd:56:b0: db:54:2c:be:0b:7d:73:d4:94:9d:af:07:a8:00:d9: 07:58:dd:80:30:94:9e:c6:cd:3f:07:74:26:85:fb: 2e:0c:6e:d0:8f:2c:86:67:03:3f:5a:8f:12:8a:ad: a9:18:92:ca:7a:26:fb:e4:33:d1:ea:6b:6c:2d:05: b9:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:C5:A5:89:94:7A:B6:AF:21:3A:0F:F1:D4:3D:42:A6:33:59:9E:8F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89fc56d6-b0ac-44ad-b01f-93dbcd9213fa.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1f:400::/38 Signature Algorithm: sha256WithRSAEncryption c0:7c:2f:90:31:84:c8:13:68:40:99:94:2a:13:36:47:54:f3: 30:bf:31:63:3f:73:c8:b2:82:12:06:60:5f:fa:25:b1:8d:68: 35:17:77:d7:ce:2c:2f:22:be:b8:ff:06:42:09:70:9d:9a:79: 02:df:dc:3d:fe:72:bf:2d:66:00:e3:69:54:17:99:de:63:46: f0:63:a6:80:72:65:0a:d7:a9:68:1d:0a:d7:f3:da:d9:0c:a0: 32:ae:26:b0:66:1a:3d:8c:18:2b:9d:83:78:a6:c0:af:5c:56: 4e:4b:06:4c:af:c4:64:cd:ec:c1:29:da:10:3b:ac:ed:e9:59: 20:7e:4b:49:9a:7a:53:35:c1:09:c4:59:36:f1:09:81:91:78: 3d:35:06:9c:c8:1b:5c:5c:f1:8c:b6:08:9e:f1:a4:8f:61:2f: be:3e:00:82:99:00:c1:7d:df:00:4e:2c:a6:f2:32:97:38:8b: d1:fa:63:90:02:c2:a1:22:e3:e7:75:a6:47:41:b6:bc:5c:ac: 08:64:d5:86:89:b0:86:91:d0:4b:e3:98:03:d9:b5:4d:6e:67: 11:38:d8:7a:68:4d:1e:29:61:0a:5c:8c:84:ff:25:e9:b5:3a: a3:37:54:a4:8e:09:62:6b:02:81:58:06:fa:ce:99:23:25:23: fc:a3:2e:28 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVc1nRshtaKaXvQrgXovOI1iGGEowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1NDAxNloX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZTBiZjI4ZTczOTM1MjlhYmM3MDM2 NTZkNWYxZmIzOWM1ZjNhYmQyOTVkMjBhZDFmZDc0Y2NkYmIzZmM1NGNhNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gDslNeehRD97NWZSsOwlNr13wv+ qSYodMc+ttb4j4TKcnFCkQBEuk+fAYQ6VCRri8jZ2+WXMPmGu/Glx8lPz1r/FQjI 7PZkHvBtszGsag69m1rqdvqVpuUCeUZntgVINMxu22Gq4hi0XecGWZFQh2rotwj/ sZjFvGK+b22HStJjuVSJnDcIU9zmcbo5QT0B6rbJMp+KGF16L9ylOS3gA9kzVk0Q 0XTi1FgmkG24txu3f2IESroB0sYTPpLtaWW9VrDbVCy+C31z1JSdrweoANkHWN2A MJSexs0/B3QmhfsuDG7QjyyGZwM/Wo8Siq2pGJLKeib75DPR6mtsLQW5RQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNnFpYmUeravIToP8dQ9QqYzWZ6PMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg5ZmM1NmQ2LWIwYWMtNDRhZC1iMDFmLTkzZGJjZDkyMTNmYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHwQwDQYJKoZIhvcNAQELBQADggEBAMB8L5AxhMgTaECZlCoT NkdU8zC/MWM/c8iyghIGYF/6JbGNaDUXd9fOLC8ivrj/BkIJcJ2aeQLf3D3+cr8t ZgDjaVQXmd5jRvBjpoByZQrXqWgdCtfz2tkMoDKuJrBmGj2MGCudg3imwK9cVk5L BkyvxGTN7MEp2hA7rO3pWSB+S0maelM1wQnEWTbxCYGReD01BpzIG1xc8Yy2CJ7x pI9hL74+AIKZAMF93wBOLKbyMpc4i9H6Y5ACwqEi4+d1pkdBtrxcrAhk1YaJsIaR 0EvjmAPZtU1uZxE42HpoTR4pYQpcjIT/Jem1OqM3VKSOCWJrAoFYBvrOmSMlI/yj Lig= -----END CERTIFICATE-----Generated at Sat Jun 14 06:49:44 2025 by rpki-client