$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa File: 9add10b6-9103-4c19-a99b-242367ce96bd.roa (raw, json) Hash identifier: CIDpXAyzy+wedh4Od+mquhrh/OvQhhKyQ+1B2wmXBSk= Subject key identifier: 5D:AB:75:17:06:1A:9D:31:6D:88:74:B6:C9:0C:A3:7F:6D:AF:B4:C9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0698C5E17B2EDED44C28AE4C65966DE41D6D560E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa Signing time: Mon 09 Jun 2025 15:11:40 +0000 ROA not before: Mon 09 Jun 2025 15:11:40 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:98:c5:e1:7b:2e:de:d4:4c:28:ae:4c:65:96:6d:e4:1d:6d:56:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:11:40 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=c5b1b2ea68b8aff41abd9a8fe4b84d93408187b155581d1fd13895bf0b940eb3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:f2:35:b2:59:a7:8a:1a:5b:d1:ed:ab:75:a2: 87:1f:ea:5b:36:0a:de:40:c6:d2:8c:45:3e:41:44: fc:12:67:b1:a3:54:06:4e:cc:0f:00:43:9f:ee:d9: 69:91:33:1b:bc:b7:69:d7:2d:04:e4:5c:e1:40:b1: 2a:44:18:81:9f:fa:ed:14:a1:c4:b7:c3:6c:35:96: d8:c5:4a:14:82:dc:67:e3:09:26:32:69:8a:5a:5d: d1:31:0c:12:ed:c6:0b:ab:4f:d2:91:96:08:6a:b0: 8f:fc:2f:ef:a8:99:64:9b:ca:7f:7f:8c:72:b7:40: 48:91:bf:cc:9c:06:d9:df:aa:36:99:be:ce:fb:c7: 75:6c:3e:62:69:3e:24:ec:b4:86:f9:6c:5a:d6:c5: b0:ff:3a:cc:2d:1d:fc:3c:e4:08:88:18:4a:73:29: eb:ff:10:10:e4:8c:e5:42:1b:6f:ab:e5:f9:27:fc: 1f:b7:db:61:88:39:6f:e2:4b:9c:4a:61:74:ee:4b: 39:4e:de:88:a4:f3:75:92:d3:b5:11:d8:39:bc:a8: 0d:f7:a4:bd:a7:ec:ad:3c:a3:12:4f:cb:6a:64:2a: c3:55:15:e7:b5:e0:2f:a2:fe:f4:2a:d2:30:92:de: 15:96:ba:c8:54:36:fc:02:8d:e9:5b:92:18:53:f2: 35:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:AB:75:17:06:1A:9D:31:6D:88:74:B6:C9:0C:A3:7F:6D:AF:B4:C9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4840::/48 Signature Algorithm: sha256WithRSAEncryption 85:55:f3:bb:28:47:7e:c1:77:9f:c3:dd:aa:ad:80:fb:9e:9f: a7:bd:32:95:56:97:75:35:70:5b:b3:e7:69:a7:2a:27:ab:25: 45:1f:7f:fb:dc:f2:98:2e:3f:93:8e:c4:7e:dc:c1:2c:e0:c3: 91:08:f2:ab:57:e2:d3:ff:30:cb:1a:7e:e2:2b:1d:b0:b5:da: 16:c1:18:19:31:76:44:ed:ef:d1:49:81:07:13:f3:98:eb:2f: 6b:c2:ec:cd:02:9a:60:10:aa:c3:0a:97:7b:8b:e6:8b:69:1d: 59:d5:b7:35:e1:59:27:e7:5c:7e:da:d7:01:1a:a8:f5:c0:91: 2b:af:0e:a6:ae:70:02:50:39:3e:18:b9:c1:a5:37:98:4d:35: eb:08:5e:d6:a0:4e:33:3b:ba:59:47:e9:da:b3:9f:a1:5c:32: 35:32:d7:3d:de:66:a3:52:66:45:f3:93:9e:58:5b:e6:bc:32: 18:e2:89:38:8b:da:b5:70:5c:8a:55:24:1a:14:57:c8:24:9a: 52:e1:c5:7a:42:57:89:d7:5d:9b:e6:23:27:99:ec:67:ce:e6: 28:01:38:cd:fb:39:23:c7:94:16:24:2d:a1:8d:f9:9b:47:0e: 21:9f:e9:7d:c3:d1:7c:e2:b2:86:0e:90:bf:41:f1:b9:d4:fb: b9:da:63:5c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBpjF4Xsu3tRMKK5MZZZt5B1tVg4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MTE0MFoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAYzViMWIyZWE2OGI4YWZmNDFhYmQ5 YThmZTRiODRkOTM0MDgxODdiMTU1NTgxZDFmZDEzODk1YmYwYjk0MGViMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvI1slmnihpb0e2rdaKHH+pbNgre QMbSjEU+QUT8Emexo1QGTswPAEOf7tlpkTMbvLdp1y0E5FzhQLEqRBiBn/rtFKHE t8NsNZbYxUoUgtxn4wkmMmmKWl3RMQwS7cYLq0/SkZYIarCP/C/vqJlkm8p/f4xy t0BIkb/MnAbZ36o2mb7O+8d1bD5iaT4k7LSG+Wxa1sWw/zrMLR38POQIiBhKcynr /xAQ5IzlQhtvq+X5J/wft9thiDlv4kucSmF07ks5Tt6IpPN1ktO1Edg5vKgN96S9 p+ytPKMST8tqZCrDVRXnteAvov70KtIwkt4VlrrIVDb8Ao3pW5IYU/I11QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFF2rdRcGGp0xbYh0tskMo39tr7TJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhZGQxMGI2LTkxMDMtNGMxOS1hOTliLTI0MjM2N2NlOTZiZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0hAMA0GCSqGSIb3DQEBCwUAA4IBAQCFVfO7KEd+wXefw92q rYD7np+nvTKVVpd1NXBbs+dppyonqyVFH3/73PKYLj+TjsR+3MEs4MORCPKrV+LT /zDLGn7iKx2wtdoWwRgZMXZE7e/RSYEHE/OY6y9rwuzNAppgEKrDCpd7i+aLaR1Z 1bc14Vkn51x+2tcBGqj1wJErrw6mrnACUDk+GLnBpTeYTTXrCF7WoE4zO7pZR+na s5+hXDI1Mtc93majUmZF85OeWFvmvDIY4ok4i9q1cFyKVSQaFFfIJJpS4cV6QleJ 112b5iMnmexnzuYoATjN+zkjx5QWJC2hjfmbRw4hn+l9w9F84rKGDpC/QfG51Pu5 2mNc -----END CERTIFICATE-----Generated at Sat Jun 14 06:44:13 2025 by rpki-client