$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8f435723-1776-4896-9b8c-3b7b0c67a6cc.roa File: 8f435723-1776-4896-9b8c-3b7b0c67a6cc.roa (raw, json) Hash identifier: oHkNy7ncpbGYISzP0HoYG3avbZSRI54y/w5+9+WCAQo= Subject key identifier: EC:65:02:70:F7:68:A9:3F:36:78:90:65:8E:23:EF:A8:BC:E2:CD:B5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 058B927A7AD1CB8877599BFB002B9E463D9535BF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8f435723-1776-4896-9b8c-3b7b0c67a6cc.roa Signing time: Tue 10 Jun 2025 15:21:03 +0000 ROA not before: Tue 10 Jun 2025 15:21:03 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:8b:92:7a:7a:d1:cb:88:77:59:9b:fb:00:2b:9e:46:3d:95:35:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:21:03 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=009d8abdce2dad822a1f3eba495d7cf1e533f2faa70ce41336f386d38edb2fce, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:15:9b:b2:d5:30:80:94:e4:cb:dc:ef:38:63: cf:a1:95:db:b4:dc:8d:fd:8a:71:36:f3:77:fe:54: 07:5a:1c:65:72:6a:63:b1:03:b3:c5:ee:98:6c:ee: 93:64:77:a3:ba:e7:41:31:c3:bd:66:d3:f8:1a:f4: be:65:84:7c:e0:f3:2d:cf:47:57:5c:57:87:24:c5: ed:d4:1a:23:bf:71:73:c7:7b:f8:a8:a0:1d:c9:9a: b8:ce:2c:bb:cd:f8:87:84:26:49:34:9a:51:b5:dc: bb:f1:18:66:a5:52:c0:af:75:26:7c:2b:f9:06:4f: e4:d4:d0:6b:e8:cc:55:11:15:63:1c:18:88:7c:2d: ec:3f:07:5a:e5:70:6e:fa:63:33:ac:7e:24:a5:90: 08:49:86:87:1e:ac:b5:b8:8d:12:63:89:03:63:56: 75:ea:38:ea:1f:ff:55:9f:1d:ab:8c:68:5c:a1:8f: 7d:16:7c:4f:2f:10:12:6f:4f:69:1e:70:c4:60:7c: bb:7c:6d:0c:6c:20:3f:54:1b:f4:4e:79:73:c4:e4: fa:b3:f4:9e:a7:27:5c:44:0d:45:b7:3c:00:f7:f9: aa:7e:6c:b1:f3:c6:79:99:fe:73:55:3f:f3:cf:e0: 97:23:41:87:f4:e2:ae:82:f7:bd:18:b6:19:1b:e4: e0:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:65:02:70:F7:68:A9:3F:36:78:90:65:8E:23:EF:A8:BC:E2:CD:B5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8f435723-1776-4896-9b8c-3b7b0c67a6cc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:2800::/40 Signature Algorithm: sha256WithRSAEncryption af:7b:ee:7a:6d:0d:b8:2d:dc:50:80:e8:e5:92:07:20:8c:39: ed:25:64:03:4e:4e:d7:ee:e4:0d:f8:36:1f:41:b4:a7:d6:37: ed:84:fc:2b:55:96:0e:16:5a:28:68:ed:e7:4e:37:d7:0a:3c: ac:8c:e3:28:71:23:a3:3c:3d:4a:2e:e0:00:ec:8a:9f:f8:81: 18:d6:6d:88:c6:b9:07:55:9a:6f:48:71:76:d7:85:85:c0:31: af:5e:56:b2:74:fb:24:96:6c:eb:42:23:c5:b5:e5:0f:6e:7a: fc:b2:f0:03:dd:2f:bd:f2:75:69:3e:e7:5b:b7:4a:38:b3:dd: f5:de:b9:d8:1c:8b:2c:c3:5f:b2:10:3a:5a:30:4e:3d:d0:97: 59:86:fb:67:1a:7c:6a:a2:ab:b5:22:36:96:42:45:b0:89:e7: 7d:7a:46:ed:f2:17:d5:5a:25:80:29:23:88:5e:44:31:6b:f9: 3a:b6:4b:50:b9:0f:0f:f6:5d:f1:85:9f:22:8c:60:bc:86:91: 07:50:75:4e:c7:91:69:6b:5a:8e:dc:ed:56:ff:8f:8d:7d:94: eb:e8:6f:51:e6:ce:09:34:5a:ba:16:7b:d7:d4:de:17:67:cd: ce:6d:a1:b4:26:0a:ae:8c:08:5b:18:f1:2d:34:e5:60:88:51: 52:72:9c:60 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBYuSenrRy4h3WZv7ACueRj2VNb8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MjEwM1oX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMDA5ZDhhYmRjZTJkYWQ4MjJhMWYz ZWJhNDk1ZDdjZjFlNTMzZjJmYWE3MGNlNDEzMzZmMzg2ZDM4ZWRiMmZjZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBWbstUwgJTky9zvOGPPoZXbtNyN /YpxNvN3/lQHWhxlcmpjsQOzxe6YbO6TZHejuudBMcO9ZtP4GvS+ZYR84PMtz0dX XFeHJMXt1Bojv3Fzx3v4qKAdyZq4ziy7zfiHhCZJNJpRtdy78RhmpVLAr3UmfCv5 Bk/k1NBr6MxVERVjHBiIfC3sPwda5XBu+mMzrH4kpZAISYaHHqy1uI0SY4kDY1Z1 6jjqH/9Vnx2rjGhcoY99FnxPLxASb09pHnDEYHy7fG0MbCA/VBv0TnlzxOT6s/Se pydcRA1FtzwA9/mqfmyx88Z5mf5zVT/zz+CXI0GH9OKugve9GLYZG+Tg4wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOxlAnD3aKk/NniQZY4j76i84s21MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhmNDM1NzIzLTE3NzYtNDg5Ni05YjhjLTNiN2IwYzY3YTZjYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+CgwDQYJKoZIhvcNAQELBQADggEBAK977nptDbgt3FCA6OWS ByCMOe0lZANOTtfu5A34Nh9BtKfWN+2E/CtVlg4WWiho7edON9cKPKyM4yhxI6M8 PUou4ADsip/4gRjWbYjGuQdVmm9IcXbXhYXAMa9eVrJ0+ySWbOtCI8W15Q9uevyy 8APdL73ydWk+51u3Sjiz3fXeudgciyzDX7IQOlowTj3Ql1mG+2cafGqiq7UiNpZC RbCJ5316Ru3yF9VaJYApI4heRDFr+Tq2S1C5Dw/2XfGFnyKMYLyGkQdQdU7HkWlr Wo7c7Vb/j419lOvob1Hmzgk0WroWe9fU3hdnzc5tobQmCq6MCFsY8S005WCIUVJy nGA= -----END CERTIFICATE-----Generated at Sat Jun 14 06:14:05 2025 by rpki-client