$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9066b298-522a-482d-91c6-4b7ad82c743d.roa File: 9066b298-522a-482d-91c6-4b7ad82c743d.roa (raw, json) Hash identifier: j670YsSEz7p5tpvDZuEz9oNvUAfiDAo4HqaP+HUvjoY= Subject key identifier: 52:4A:8E:83:49:1D:E4:99:41:AE:87:B5:A4:E8:C6:62:60:9F:D8:25 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4FE7F5B0F9A6B71FE928C9E118D60F302C164EC8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9066b298-522a-482d-91c6-4b7ad82c743d.roa Signing time: Tue 10 Jun 2025 00:30:55 +0000 ROA not before: Tue 10 Jun 2025 00:30:55 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:e7:f5:b0:f9:a6:b7:1f:e9:28:c9:e1:18:d6:0f:30:2c:16:4e:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:30:55 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=d5d72fd38352684c4aef5b496f7085535006e53ec7798ec551879d368baa6d87, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:3f:8f:16:8e:2c:0a:a2:4c:b3:b7:de:54:77: 93:14:65:de:93:c5:9f:a6:f6:0e:04:74:d1:ad:f3: 54:38:dc:cf:7b:d8:7f:8e:3b:ce:9c:a6:53:c5:25: 7b:73:8d:c8:4c:df:12:0b:50:48:21:e7:95:e8:75: 87:8a:4e:74:45:fa:4f:51:14:4a:58:2e:49:90:c3: 36:91:cc:64:87:da:8b:be:ca:cb:ea:2a:fb:d8:07: df:35:cd:f2:83:40:0c:71:31:ec:52:96:c4:92:b0: bd:73:cb:b9:c3:d0:69:25:9d:e6:3a:ad:35:a8:e0: 3f:66:ad:07:4d:f3:8c:ee:e1:85:64:c9:bc:90:ea: 53:70:f9:56:0b:dc:b2:9d:f3:26:30:2d:9c:ac:81: c1:d8:43:bf:23:6e:f7:4d:aa:b0:4d:81:63:38:04: a9:21:6d:70:0c:e2:41:c6:5a:83:ac:27:5d:99:60: 52:8e:bc:97:33:bd:4c:f3:b8:b6:af:35:b9:c9:ad: f1:b1:e6:5c:be:4e:2a:8b:09:56:f3:cc:4a:d9:c5: de:bf:62:9d:be:a7:6e:a3:12:93:e7:01:ef:23:0a: f7:9d:f3:34:75:bc:a1:d6:d9:65:53:3d:3a:51:f1: 8b:91:47:cc:4a:43:ed:dc:2c:91:83:85:c0:8b:f8: 2d:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:4A:8E:83:49:1D:E4:99:41:AE:87:B5:A4:E8:C6:62:60:9F:D8:25 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9066b298-522a-482d-91c6-4b7ad82c743d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:800::/40 Signature Algorithm: sha256WithRSAEncryption 04:6a:f9:40:e2:66:65:9f:44:7d:df:59:8f:23:2d:b7:5f:81: 00:70:ff:e7:82:9a:91:d5:7f:b4:82:a1:82:36:be:0d:b4:d8: af:36:7b:4c:a8:e2:fd:80:18:40:82:d5:09:1d:5c:16:5a:c9: e4:bd:d3:1d:24:b2:2b:7c:c9:64:1e:9c:25:a3:eb:57:08:ad: c3:cb:d2:e3:4a:8e:ea:65:3a:d8:7c:f2:d0:30:b8:23:ac:dc: d3:a4:89:01:b5:79:0f:60:5c:99:d9:a2:f7:0f:12:cc:5e:20: 4c:5e:4d:cc:18:8c:a0:7b:d2:50:dd:d6:0a:ce:c2:85:83:08: 03:ba:aa:54:08:b9:40:8e:36:4f:e1:b7:ad:f8:6a:c9:dc:1a: 4b:d7:2d:fb:fe:02:4b:8b:0f:5b:41:b4:5a:b7:09:8a:1b:7f: a5:11:ed:16:59:7b:59:51:10:63:90:ab:5a:c1:43:c3:51:d4: 17:82:a7:41:bb:c1:db:20:69:2c:c3:63:aa:1a:f1:5c:00:af: 6b:06:86:e8:55:d0:17:9e:19:19:6b:bf:15:e2:ae:aa:a9:ef: 7f:a6:8d:13:fc:36:e6:ea:91:ad:a7:24:f4:10:d8:a8:4b:73: 36:5d:21:d7:93:e3:58:85:a7:89:fc:23:8d:12:72:ad:72:f9: d1:a3:5c:40 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUT+f1sPmmtx/pKMnhGNYPMCwWTsgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwMzA1NVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZDVkNzJmZDM4MzUyNjg0YzRhZWY1 YjQ5NmY3MDg1NTM1MDA2ZTUzZWM3Nzk4ZWM1NTE4NzlkMzY4YmFhNmQ4NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD+PFo4sCqJMs7feVHeTFGXek8Wf pvYOBHTRrfNUONzPe9h/jjvOnKZTxSV7c43ITN8SC1BIIeeV6HWHik50RfpPURRK WC5JkMM2kcxkh9qLvsrL6ir72AffNc3yg0AMcTHsUpbEkrC9c8u5w9BpJZ3mOq01 qOA/Zq0HTfOM7uGFZMm8kOpTcPlWC9yynfMmMC2crIHB2EO/I273TaqwTYFjOASp IW1wDOJBxlqDrCddmWBSjryXM71M87i2rzW5ya3xseZcvk4qiwlW88xK2cXev2Kd vqduoxKT5wHvIwr3nfM0dbyh1tllUz06UfGLkUfMSkPt3CyRg4XAi/gtpQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFJKjoNJHeSZQa6HtaToxmJgn9glMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwNjZiMjk4LTUyMmEtNDgyZC05MWM2LTRiN2FkODJjNzQzZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYQgwDQYJKoZIhvcNAQELBQADggEBAARq+UDiZmWfRH3fWY8j LbdfgQBw/+eCmpHVf7SCoYI2vg202K82e0yo4v2AGECC1QkdXBZayeS90x0ksit8 yWQenCWj61cIrcPL0uNKjuplOth88tAwuCOs3NOkiQG1eQ9gXJnZovcPEsxeIExe TcwYjKB70lDd1grOwoWDCAO6qlQIuUCONk/ht634asncGkvXLfv+AkuLD1tBtFq3 CYobf6UR7RZZe1lREGOQq1rBQ8NR1BeCp0G7wdsgaSzDY6oa8VwAr2sGhuhV0Bee GRlrvxXirqqp73+mjRP8Nubqka2nJPQQ2KhLczZdIdeT41iFp4n8I40Scq1y+dGj XEA= -----END CERTIFICATE-----Generated at Sat Jun 14 06:30:29 2025 by rpki-client