$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd3366c-489c-4afe-af18-d26b5824bd0e.roa File: 8bd3366c-489c-4afe-af18-d26b5824bd0e.roa (raw, json) Hash identifier: mjpIHM0jNcxeX53UglELFfFZ21c9XK9c/X9wh75xrys= Subject key identifier: 9C:DC:A3:2A:E7:6C:99:C2:28:D5:3A:3D:6B:4A:A1:CB:D9:83:E5:39 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 01B2AB21F72421C42CF2A742CD79E5521C9F2CF9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd3366c-489c-4afe-af18-d26b5824bd0e.roa Signing time: Mon 09 Jun 2025 15:30:54 +0000 ROA not before: Mon 09 Jun 2025 15:30:54 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:b2:ab:21:f7:24:21:c4:2c:f2:a7:42:cd:79:e5:52:1c:9f:2c:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:30:54 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=ecb913d015588972afdcbf9337ce0a94814530b38b506c5079c674a3911e2503, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:3c:62:b2:61:82:ac:13:d7:4b:ff:01:ba:b9: 3c:8b:77:77:d1:b3:55:c1:79:48:12:d1:fd:a9:b9: 0a:af:dc:b5:08:4d:2b:8c:cc:1f:49:29:8c:e5:6e: b6:de:67:06:d4:a8:2a:67:10:42:c4:e5:94:8d:5b: a9:76:3a:4a:f4:35:a9:e6:4e:0e:8f:45:bc:c2:2b: ce:69:67:42:8d:01:e7:60:8b:05:c9:03:d8:96:63: 8b:95:c6:cd:9a:96:da:3d:67:ba:1f:30:8a:96:ca: 94:3a:4d:26:bb:c3:59:88:2b:46:eb:b6:09:80:e5: 7e:a8:47:ab:1a:33:c2:f4:2c:3f:82:23:2b:32:cc: 34:e8:9e:f7:ef:b5:d5:c7:b9:ab:ea:82:2f:5a:91: 50:d4:5c:ae:bf:5c:2c:88:1b:9c:32:4d:8a:a2:04: 8e:53:42:84:a8:93:94:c1:0e:ef:79:07:ea:ff:ce: 5d:92:5a:c5:6a:52:33:eb:c5:a0:4e:3e:3d:0a:14: a0:86:22:79:57:1a:01:c9:ed:f6:d8:47:bf:be:11: 68:a7:58:d7:11:9a:6b:4d:a9:ce:04:51:5a:c4:3a: 7c:bd:88:e4:c6:38:2b:93:e9:f3:1f:67:92:cb:47: 87:a8:96:7a:f9:fe:ff:45:94:0f:ad:f3:5c:5a:8f: 61:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:DC:A3:2A:E7:6C:99:C2:28:D5:3A:3D:6B:4A:A1:CB:D9:83:E5:39 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd3366c-489c-4afe-af18-d26b5824bd0e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:9040::/48 Signature Algorithm: sha256WithRSAEncryption 94:f7:b1:38:8d:27:9c:97:fe:9a:10:db:f8:a6:fc:26:3c:4a: 60:87:38:65:ae:98:bf:48:34:d3:2b:d9:83:3a:bf:fc:60:d5: d4:1e:7e:79:c8:c0:83:0f:01:96:01:9a:ca:53:45:26:25:2d: 63:32:90:84:a9:1a:42:08:fc:7d:02:85:75:bf:b8:9b:1f:94: f7:79:31:69:4d:b7:ec:14:f0:b1:1a:4e:dc:36:ae:95:76:15: 18:76:81:2c:17:f1:66:a2:20:c9:64:2f:77:d5:7a:dc:2b:bb: 55:b6:b5:26:b8:29:82:28:98:2d:36:d8:ea:1b:44:91:ae:a3: d9:11:c0:6f:ae:e1:30:f0:7e:ee:99:37:63:de:9d:29:51:08: e0:c9:76:24:4b:19:2e:b3:36:4a:73:04:c7:91:f1:ec:5e:a3: a7:fd:a1:78:b6:f3:5b:00:a9:37:1b:9a:06:f1:5d:9e:81:e6: 58:42:41:c2:51:a6:c2:f9:2c:e2:09:6a:2f:cc:cf:a1:d8:30: 26:11:69:03:96:8e:df:18:9a:2f:17:a4:74:fd:91:8e:e9:54: 59:37:fe:5a:9d:c0:93:fb:54:71:32:b6:a4:2a:7d:57:75:5b: 82:6c:9c:4b:1c:1f:57:af:68:3c:b3:54:21:60:3a:a4:af:50: af:18:f2:cb -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAbKrIfckIcQs8qdCzXnlUhyfLPkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MzA1NFoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAZWNiOTEzZDAxNTU4ODk3MmFmZGNi ZjkzMzdjZTBhOTQ4MTQ1MzBiMzhiNTA2YzUwNzljNjc0YTM5MTFlMjUwMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTxismGCrBPXS/8Burk8i3d30bNV wXlIEtH9qbkKr9y1CE0rjMwfSSmM5W623mcG1KgqZxBCxOWUjVupdjpK9DWp5k4O j0W8wivOaWdCjQHnYIsFyQPYlmOLlcbNmpbaPWe6HzCKlsqUOk0mu8NZiCtG67YJ gOV+qEerGjPC9Cw/giMrMsw06J7377XVx7mr6oIvWpFQ1Fyuv1wsiBucMk2KogSO U0KEqJOUwQ7veQfq/85dklrFalIz68WgTj49ChSghiJ5VxoBye322Ee/vhFop1jX EZprTanOBFFaxDp8vYjkxjgrk+nzH2eSy0eHqJZ6+f7/RZQPrfNcWo9hMwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJzcoyrnbJnCKNU6PWtKocvZg+U5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhiZDMzNjZjLTQ4OWMtNGFmZS1hZjE4LWQyNmI1ODI0YmQwZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8pBAMA0GCSqGSIb3DQEBCwUAA4IBAQCU97E4jSecl/6aENv4 pvwmPEpghzhlrpi/SDTTK9mDOr/8YNXUHn55yMCDDwGWAZrKU0UmJS1jMpCEqRpC CPx9AoV1v7ibH5T3eTFpTbfsFPCxGk7cNq6VdhUYdoEsF/FmoiDJZC931XrcK7tV trUmuCmCKJgtNtjqG0SRrqPZEcBvruEw8H7umTdj3p0pUQjgyXYkSxkuszZKcwTH kfHsXqOn/aF4tvNbAKk3G5oG8V2egeZYQkHCUabC+SziCWovzM+h2DAmEWkDlo7f GJovF6R0/ZGO6VRZN/5ancCT+1RxMrakKn1XdVuCbJxLHB9Xr2g8s1QhYDqkr1Cv GPLL -----END CERTIFICATE-----Generated at Sat Jun 14 05:59:10 2025 by rpki-client