$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/97d80f39-e7d5-4a6b-aba1-3798e0c96546.roa File: 97d80f39-e7d5-4a6b-aba1-3798e0c96546.roa (raw, json) Hash identifier: Pv5f0UZ/084SV+Wi72RVd2vI9Tx5INSfLpdvE0G/Onc= Subject key identifier: 4E:F7:76:DF:97:52:1E:F2:E4:BC:1E:7D:6E:97:AC:91:67:13:F9:9D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1E338C6AB6C13B6815D87975B991B2AC2A535826 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/97d80f39-e7d5-4a6b-aba1-3798e0c96546.roa Signing time: Mon 09 Jun 2025 15:01:24 +0000 ROA not before: Mon 09 Jun 2025 15:01:24 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:f080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:33:8c:6a:b6:c1:3b:68:15:d8:79:75:b9:91:b2:ac:2a:53:58:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:01:24 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=3f8069bea1ee85b9db4d4c382cf830a4e7594af0a6e4dda31e64dbe119571d6c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:87:ff:17:10:13:f7:4b:10:0d:48:73:9c:84: e9:73:e4:3d:f8:05:aa:3e:44:84:d3:97:7a:84:45: b4:66:60:37:fb:0b:f8:a9:26:09:1a:24:b8:9d:1e: 66:a1:c1:48:ad:f3:71:98:14:18:49:c1:9a:8d:e0: 8a:27:71:f7:95:0b:15:87:95:aa:b8:8c:95:10:bd: 8f:64:35:e1:c8:31:5f:ff:76:cf:59:eb:0d:44:48: 95:14:72:cf:ca:be:e9:66:54:62:88:39:3e:0c:5c: ec:17:97:06:3d:84:08:c4:3f:9c:3f:59:82:08:5f: 8e:0e:3d:10:b0:bc:79:70:db:7e:5a:75:9a:d8:9a: ec:a9:40:9f:4a:73:47:4a:41:f9:8c:66:ec:3c:73: 09:9b:c9:d7:e5:5a:50:f2:03:b6:0c:40:7c:fa:d0: 96:b0:6e:b8:18:bd:cd:e9:bb:e8:a4:72:93:64:7a: c3:b8:56:0c:80:a0:61:5f:60:55:a5:06:7d:88:b0: e3:a9:d3:1e:37:c3:7f:53:f1:aa:67:a2:aa:1e:5d: 71:a9:14:cd:87:c9:67:24:92:09:3c:81:c3:c8:34: 66:72:80:17:08:2b:b9:f8:b5:56:7d:0e:25:8b:b6: 7d:ce:07:dc:7b:83:20:40:8c:02:cb:67:90:2c:4b: 45:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:F7:76:DF:97:52:1E:F2:E4:BC:1E:7D:6E:97:AC:91:67:13:F9:9D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/97d80f39-e7d5-4a6b-aba1-3798e0c96546.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:f080::/48 Signature Algorithm: sha256WithRSAEncryption bd:e1:e1:65:4e:a6:38:27:3f:5d:5a:8e:f8:81:43:e4:29:d0: be:cc:fe:69:eb:d8:bc:96:df:02:2c:a9:34:d8:19:a9:18:b1: b6:72:a4:46:aa:ad:d5:46:76:20:8f:85:47:50:34:a0:bd:e6: a1:5c:eb:f5:04:30:c5:a2:6b:8d:86:78:d1:59:0c:f3:4f:d0: c8:38:af:9f:66:5e:58:b8:71:9c:9e:92:90:bd:c9:20:fd:3a: 0d:30:b3:3e:18:3b:da:b6:af:fe:0f:ff:5a:e0:91:64:47:ed: ae:fd:ad:e2:8c:77:16:72:71:34:ee:71:58:a4:ac:4a:f3:f3: d6:bb:14:c0:fa:fa:77:b4:8a:bf:8e:a1:e7:8c:15:6d:51:70: 4e:b9:89:e4:d4:0a:f1:bc:a7:07:81:af:84:12:41:69:52:c9: 44:4b:af:1d:b8:84:32:29:94:99:00:1c:f5:0a:66:c1:e8:68: 3d:75:54:44:7b:d9:1b:d2:d1:55:e3:24:a8:28:0f:5b:2e:c3: 4b:2d:ab:d1:22:95:d2:74:81:c7:c2:94:88:84:4e:5e:19:9c: a3:c0:a9:78:44:e1:85:86:b3:fe:f7:3f:8c:4d:bf:8d:8a:71: e5:53:0b:45:d2:6c:72:72:8d:47:4b:97:3b:d2:26:6e:be:91: b7:18:24:c2 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHjOMarbBO2gV2Hl1uZGyrCpTWCYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MDEyNFoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAM2Y4MDY5YmVhMWVlODViOWRiNGQ0 YzM4MmNmODMwYTRlNzU5NGFmMGE2ZTRkZGEzMWU2NGRiZTExOTU3MWQ2YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4f/FxAT90sQDUhznITpc+Q9+AWq PkSE05d6hEW0ZmA3+wv4qSYJGiS4nR5mocFIrfNxmBQYScGajeCKJ3H3lQsVh5Wq uIyVEL2PZDXhyDFf/3bPWesNREiVFHLPyr7pZlRiiDk+DFzsF5cGPYQIxD+cP1mC CF+ODj0QsLx5cNt+WnWa2JrsqUCfSnNHSkH5jGbsPHMJm8nX5VpQ8gO2DEB8+tCW sG64GL3N6bvopHKTZHrDuFYMgKBhX2BVpQZ9iLDjqdMeN8N/U/GqZ6KqHl1xqRTN h8lnJJIJPIHDyDRmcoAXCCu5+LVWfQ4li7Z9zgfce4MgQIwCy2eQLEtFOwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFE73dt+XUh7y5LwefW6XrJFnE/mdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk3ZDgwZjM5LWU3ZDUtNGE2Yi1hYmExLTM3OThlMGM5NjU0Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba//CAMA0GCSqGSIb3DQEBCwUAA4IBAQC94eFlTqY4Jz9dWo74 gUPkKdC+zP5p69i8lt8CLKk02BmpGLG2cqRGqq3VRnYgj4VHUDSgveahXOv1BDDF omuNhnjRWQzzT9DIOK+fZl5YuHGcnpKQvckg/ToNMLM+GDvatq/+D/9a4JFkR+2u /a3ijHcWcnE07nFYpKxK8/PWuxTA+vp3tIq/jqHnjBVtUXBOuYnk1ArxvKcHga+E EkFpUslES68duIQyKZSZABz1CmbB6Gg9dVREe9kb0tFV4ySoKA9bLsNLLavRIpXS dIHHwpSIhE5eGZyjwKl4ROGFhrP+9z+MTb+NinHlUwtF0mxyco1HS5c70iZuvpG3 GCTC -----END CERTIFICATE-----Generated at Sat Jun 14 06:15:12 2025 by rpki-client