$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/90d3a0e7-4708-4742-80f0-23bb48bd8f35.roa File: 90d3a0e7-4708-4742-80f0-23bb48bd8f35.roa (raw, json) Hash identifier: zjEaA7GMFk33A7vGWoDKB6HirdGaIfa+uD4gHMk60iY= Subject key identifier: DB:33:B7:15:ED:57:2D:67:8D:A3:DD:67:C4:7B:A8:80:7E:EB:30:DC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4E7D708D242685148A31DC4F8048CA63277AE206 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/90d3a0e7-4708-4742-80f0-23bb48bd8f35.roa Signing time: Fri 13 Jun 2025 00:00:18 +0000 ROA not before: Fri 13 Jun 2025 00:00:18 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:7d:70:8d:24:26:85:14:8a:31:dc:4f:80:48:ca:63:27:7a:e2:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 13 00:00:18 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=742f46429ecac6078c82d96d25bf165379af816bb95d07ba344b299d0e47440f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:72:90:fc:4d:cc:53:5c:18:84:ee:ab:a8:ff: e3:a9:32:ce:d1:98:7d:cb:61:0a:e7:35:f3:e8:ea: 06:07:5c:7c:d3:24:b2:d2:5a:08:19:61:4f:8a:2f: c3:63:f7:50:cd:ad:aa:ca:a6:a7:12:0c:9a:8f:a2: c5:9b:e4:af:9b:56:3e:59:b2:0c:0f:a7:aa:0e:28: c0:83:1e:dc:81:dd:84:e0:50:1a:6b:c8:c2:33:63: 0d:c7:84:c4:c3:0e:91:23:5f:a0:4c:56:5e:fb:60: e2:ab:ab:31:1d:dc:ef:23:06:e2:8e:7c:6c:90:3f: a8:c0:6f:f6:60:cf:d2:ce:8e:f9:c9:43:d0:15:a5: 0d:cc:ec:0d:9c:98:76:86:5f:0a:78:8b:99:bd:1c: c2:97:7c:aa:f5:0d:a8:95:f0:18:e4:51:32:d7:cd: 31:95:42:32:7e:fe:3a:13:05:d4:bf:5d:93:09:f0: 6c:46:ab:d5:8c:e3:d6:fc:23:dc:08:fd:27:ff:48: 74:39:e8:bc:94:6d:07:28:96:3c:34:2a:8c:61:10: 21:d4:04:31:ea:cb:41:9d:df:a9:74:c1:b1:fe:57: e4:42:86:8a:23:70:7d:ce:23:91:be:4a:72:2f:8e: 25:06:02:58:7a:58:76:2c:86:57:1e:c4:6e:04:52: 7b:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:33:B7:15:ED:57:2D:67:8D:A3:DD:67:C4:7B:A8:80:7E:EB:30:DC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/90d3a0e7-4708-4742-80f0-23bb48bd8f35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:7000::/40 Signature Algorithm: sha256WithRSAEncryption 64:d3:29:39:36:73:a5:ef:02:c4:31:90:f8:b0:ee:02:72:be: 24:ab:1e:cc:51:15:34:96:ff:2b:45:32:0c:a4:11:ac:72:34: 2d:60:b4:84:c5:32:d0:cc:d7:3d:5d:83:27:d1:bd:08:6f:e2: aa:c3:ab:e9:23:d1:5e:4b:ad:28:69:3c:a4:49:5e:33:fe:fa: 01:08:fd:fc:62:1a:ea:40:b5:c1:94:a3:eb:13:23:3e:cb:a2: cb:a2:94:6a:97:a7:be:13:52:f2:6d:34:80:f0:17:b0:ff:52: 66:53:dc:cd:f5:4e:00:15:4a:08:6b:e7:df:37:f0:47:17:84: 1c:d3:12:0a:a9:ce:72:5b:82:06:a2:44:da:60:ec:7a:e9:1b: a5:f7:ad:7a:69:d9:ca:22:9e:88:95:81:f4:9d:1a:6d:e6:67: 58:68:64:ad:3e:fb:61:3d:78:b9:d2:9d:60:2c:39:88:63:02: 05:42:87:1c:fa:3c:02:85:9f:02:2a:d7:bf:84:ef:8e:d1:6c: fa:b1:66:01:a3:d6:47:b5:63:c2:80:fb:02:1d:4b:6a:99:9b: 40:84:d0:99:ab:1e:7a:72:30:87:ae:1f:18:5b:37:3c:6e:be: b7:6d:93:bc:e9:e3:43:96:8f:c9:31:94:ef:80:69:0b:7e:4c: 58:0f:28:86 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTn1wjSQmhRSKMdxPgEjKYyd64gYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMzAwMDAxOFoX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNANzQyZjQ2NDI5ZWNhYzYwNzhjODJk OTZkMjViZjE2NTM3OWFmODE2YmI5NWQwN2JhMzQ0YjI5OWQwZTQ3NDQwZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXKQ/E3MU1wYhO6rqP/jqTLO0Zh9 y2EK5zXz6OoGB1x80ySy0loIGWFPii/DY/dQza2qyqanEgyaj6LFm+Svm1Y+WbIM D6eqDijAgx7cgd2E4FAaa8jCM2MNx4TEww6RI1+gTFZe+2Diq6sxHdzvIwbijnxs kD+owG/2YM/Szo75yUPQFaUNzOwNnJh2hl8KeIuZvRzCl3yq9Q2olfAY5FEy180x lUIyfv46EwXUv12TCfBsRqvVjOPW/CPcCP0n/0h0Oei8lG0HKJY8NCqMYRAh1AQx 6stBnd+pdMGx/lfkQoaKI3B9ziORvkpyL44lBgJYelh2LIZXHsRuBFJ72QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNsztxXtVy1njaPdZ8R7qIB+6zDcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwZDNhMGU3LTQ3MDgtNDc0Mi04MGYwLTIzYmI0OGJkOGYzNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/nAwDQYJKoZIhvcNAQELBQADggEBAGTTKTk2c6XvAsQxkPiw 7gJyviSrHsxRFTSW/ytFMgykEaxyNC1gtITFMtDM1z1dgyfRvQhv4qrDq+kj0V5L rShpPKRJXjP++gEI/fxiGupAtcGUo+sTIz7LosuilGqXp74TUvJtNIDwF7D/UmZT 3M31TgAVSghr59838EcXhBzTEgqpznJbggaiRNpg7HrpG6X3rXpp2coinoiVgfSd Gm3mZ1hoZK0++2E9eLnSnWAsOYhjAgVChxz6PAKFnwIq17+E747RbPqxZgGj1ke1 Y8KA+wIdS2qZm0CE0JmrHnpyMIeuHxhbNzxuvrdtk7zp40OWj8kxlO+AaQt+TFgP KIY= -----END CERTIFICATE-----Generated at Sat Jun 14 06:28:22 2025 by rpki-client