$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8eab24e3-cddd-4314-ba19-97484d66d2ff.roa File: 8eab24e3-cddd-4314-ba19-97484d66d2ff.roa (raw, json) Hash identifier: mpkogBV0+Oz/ligkug1DBwDfKTBfJbyz9UkmqPfgr+A= Subject key identifier: 2E:37:B9:29:D1:B9:07:B3:D5:23:0E:DB:BA:66:BD:3E:BE:21:87:38 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5F4656A69B0F9C28FF128D35EE0AC90479999EC5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8eab24e3-cddd-4314-ba19-97484d66d2ff.roa Signing time: Tue 10 Jun 2025 15:31:35 +0000 ROA not before: Tue 10 Jun 2025 15:31:35 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:46:56:a6:9b:0f:9c:28:ff:12:8d:35:ee:0a:c9:04:79:99:9e:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:31:35 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=60cc9c201b10a7bb4e786b27fcbf6e41d705cd48ed486421b00a9bc8ffc9a676, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e8:cd:96:69:db:e2:c0:f3:da:0d:63:9a:7f: 47:8b:fb:82:b5:c6:8c:90:31:6b:2e:96:70:70:8c: ae:5d:16:ff:6e:21:74:3e:e8:c5:61:06:23:15:67: 84:30:6a:c4:44:87:b0:fb:68:0a:d6:2b:a8:0c:bb: da:30:6c:cc:49:2c:fe:44:53:95:cf:47:ac:24:5a: 5e:72:92:be:dc:fb:57:b7:c3:a9:2d:c4:54:ce:d8: 7a:5b:b6:da:e9:e7:ee:ef:71:69:6d:ed:7d:bb:bb: a8:12:f2:54:5b:2e:47:1a:d6:0a:45:03:51:71:99: 8c:02:26:f5:01:c7:c3:72:61:bf:8b:f5:c8:08:fe: e2:a8:36:f5:6b:84:c9:e5:b4:99:c6:15:bb:22:94: af:3c:7e:00:4b:74:ab:4d:5f:14:99:c1:6a:df:70: 67:3e:5c:79:52:a2:a8:94:b8:88:40:94:33:59:16: f1:a9:08:cb:ea:ec:e6:c0:ba:37:b5:97:f5:0d:52: ca:7f:9d:f0:97:b1:b0:b3:db:b2:46:16:18:97:c5: 91:17:70:21:69:ee:3d:99:2a:a5:95:0a:79:85:4f: 0d:35:7b:fb:03:51:0d:c3:70:3e:48:11:b9:9c:02: a4:e2:47:70:1c:12:92:9e:ea:1a:79:7f:75:2a:46: 00:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:37:B9:29:D1:B9:07:B3:D5:23:0E:DB:BA:66:BD:3E:BE:21:87:38 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8eab24e3-cddd-4314-ba19-97484d66d2ff.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:4800::/40 Signature Algorithm: sha256WithRSAEncryption 14:fc:e2:f0:b8:b9:0e:cf:ae:df:4a:b9:06:2a:15:08:5f:1b: df:c5:36:25:05:60:36:0e:76:97:ac:30:60:53:cc:96:a1:0a: 5d:17:03:6b:39:42:3d:59:3d:db:05:b1:03:9d:99:15:d6:e9: ac:3e:34:18:0c:3d:f8:08:93:02:0e:c1:13:fd:b9:02:c2:04: be:1f:ba:95:e2:bb:2a:d6:d9:a0:ab:3b:02:b6:c2:17:17:88: 67:81:27:d6:5b:16:b9:71:71:bd:71:d4:30:97:e2:a6:27:1c: 4b:56:06:f8:89:18:06:cd:db:53:9a:54:56:13:86:6b:f7:3f: 38:75:6b:77:73:32:51:3e:fd:86:aa:bc:a0:f4:9a:f4:e1:e9: 76:dc:6e:79:ed:20:86:e4:2c:a3:81:8c:82:ee:a4:20:11:65: 05:2e:31:2c:37:62:12:e5:05:06:5b:7b:4f:6d:d2:18:45:9c: fe:35:c1:a8:c2:3c:d1:2d:ba:3a:33:98:b1:6d:57:50:20:f0: a0:54:a6:a7:4e:16:8b:18:05:dd:f1:32:45:32:c9:59:b8:1e: 2c:0a:d5:93:1b:c8:20:84:ec:38:46:b4:28:72:8c:97:9e:ce: 34:d6:6d:aa:d5:83:43:6d:5c:9e:fc:c5:37:94:6f:41:d1:22: f5:33:56:c1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUX0ZWppsPnCj/Eo017grJBHmZnsUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MzEzNVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNANjBjYzljMjAxYjEwYTdiYjRlNzg2 YjI3ZmNiZjZlNDFkNzA1Y2Q0OGVkNDg2NDIxYjAwYTliYzhmZmM5YTY3NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOjNlmnb4sDz2g1jmn9Hi/uCtcaM kDFrLpZwcIyuXRb/biF0PujFYQYjFWeEMGrERIew+2gK1iuoDLvaMGzMSSz+RFOV z0esJFpecpK+3PtXt8OpLcRUzth6W7ba6efu73Fpbe19u7uoEvJUWy5HGtYKRQNR cZmMAib1AcfDcmG/i/XICP7iqDb1a4TJ5bSZxhW7IpSvPH4AS3SrTV8UmcFq33Bn Plx5UqKolLiIQJQzWRbxqQjL6uzmwLo3tZf1DVLKf53wl7Gws9uyRhYYl8WRF3Ah ae49mSqllQp5hU8NNXv7A1ENw3A+SBG5nAKk4kdwHBKSnuoaeX91KkYAOQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFC43uSnRuQez1SMO27pmvT6+IYc4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhlYWIyNGUzLWNkZGQtNDMxNC1iYTE5LTk3NDg0ZDY2ZDJmZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoEgwDQYJKoZIhvcNAQELBQADggEBABT84vC4uQ7Prt9KuQYq FQhfG9/FNiUFYDYOdpesMGBTzJahCl0XA2s5Qj1ZPdsFsQOdmRXW6aw+NBgMPfgI kwIOwRP9uQLCBL4fupXiuyrW2aCrOwK2whcXiGeBJ9ZbFrlxcb1x1DCX4qYnHEtW BviJGAbN21OaVFYThmv3Pzh1a3dzMlE+/YaqvKD0mvTh6XbcbnntIIbkLKOBjILu pCARZQUuMSw3YhLlBQZbe09t0hhFnP41wajCPNEtujozmLFtV1Ag8KBUpqdOFosY Bd3xMkUyyVm4HiwK1ZMbyCCE7DhGtChyjJeezjTWbarVg0NtXJ78xTeUb0HRIvUz VsE= -----END CERTIFICATE-----Generated at Sat Jun 14 06:25:23 2025 by rpki-client