$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ebe8bb9-c3af-4458-b018-b6b59546a86a.roa File: 9ebe8bb9-c3af-4458-b018-b6b59546a86a.roa (raw, json) Hash identifier: kP1WzyARwQCGcOIp0tea89GflCjo3ZjYgM64PDOzRY4= Subject key identifier: 2E:DB:8B:16:E0:A9:8D:9E:3D:1E:0F:9F:8B:F0:6B:FF:18:79:5A:9A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 16435DE39FF358C69BEB368B09DD107D3CF283C1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ebe8bb9-c3af-4458-b018-b6b59546a86a.roa Signing time: Tue 10 Jun 2025 00:51:10 +0000 ROA not before: Tue 10 Jun 2025 00:51:10 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:1040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:43:5d:e3:9f:f3:58:c6:9b:eb:36:8b:09:dd:10:7d:3c:f2:83:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:51:10 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=c40526bfaf187a5590386f1ac672c82a2b79faa5c1f1f60220700104895d7df5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:b1:50:80:95:75:45:41:4f:e7:cc:38:ae:cb: be:de:73:c8:24:15:11:5b:86:cc:25:0b:26:8f:0a: ac:27:7f:a8:43:66:26:d4:4c:e5:79:3a:74:ad:68: 25:0b:14:c8:1a:98:b2:51:f4:b4:e4:24:51:a7:b1: 35:f1:5e:90:7b:62:cf:6b:7f:4f:7c:ec:f2:f2:f2: 58:0c:04:3a:d6:a3:c0:2e:db:7f:2c:53:4a:00:c8: 2e:57:8f:a6:03:a1:af:e2:56:ad:24:e6:2e:2a:6a: 88:0c:a6:97:ab:f7:d2:a8:7f:1a:9f:91:9b:e1:86: 55:a2:f0:ae:40:9f:bf:15:76:8b:c5:8c:d8:9f:2b: bc:1c:eb:8b:81:6c:ad:b0:89:d1:23:ab:74:43:61: 60:31:7e:cd:b9:b4:d9:60:08:e6:be:22:22:ca:0d: 8b:8c:57:6c:19:04:af:7a:ac:82:f5:2b:b5:7f:ff: 3f:9d:55:9c:6a:ca:f4:98:64:ec:ef:d6:88:b0:c5: 9e:2f:f4:34:aa:0f:0d:0c:04:89:f1:bd:77:fe:ca: e3:4e:3a:ef:f2:7f:50:5c:50:24:88:ff:6b:6c:eb: 3a:38:f6:a6:74:66:1a:59:5c:87:45:d1:28:28:57: 1f:9e:62:92:6d:3d:69:10:97:7d:ba:f5:b2:6b:0e: 69:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:DB:8B:16:E0:A9:8D:9E:3D:1E:0F:9F:8B:F0:6B:FF:18:79:5A:9A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ebe8bb9-c3af-4458-b018-b6b59546a86a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:1040::/46 Signature Algorithm: sha256WithRSAEncryption aa:f2:a7:6b:79:1c:38:46:6a:ca:92:4f:82:35:45:aa:64:fd: e9:34:84:2d:bc:bc:20:96:f0:53:3d:8d:5b:3f:db:17:97:e8: a8:6f:8e:a8:ed:2d:c7:d8:9e:ad:bc:ee:6b:79:f2:c5:ba:05: 63:ce:80:46:8a:ee:72:56:c2:1c:7f:b9:82:3c:68:45:e2:f5: 78:14:4f:85:02:0d:40:eb:ff:ce:20:32:d8:f3:3d:e7:85:be: ee:78:d9:00:7d:1b:1e:76:bf:00:58:e9:5f:ea:48:5a:2e:8d: 6a:6a:0b:e2:bd:b2:26:94:28:a4:99:c0:07:4e:a4:70:3f:35: 05:b0:3d:1c:79:d5:41:2f:a9:d2:ad:f1:cf:b5:bb:d8:33:ad: 95:b3:5a:d9:1d:8b:ec:b6:dc:44:f2:78:7e:c6:e1:a2:28:1c: e4:ed:1a:a2:e0:85:d7:60:f6:0a:5d:1c:fc:10:9d:0b:18:ef: a3:f4:7a:ff:41:db:cd:55:72:ef:df:49:78:9a:6f:e9:3b:81: 47:c5:02:e6:c3:38:30:c0:47:5a:3e:ac:e8:f3:dc:d7:6f:c8: 70:83:43:d2:00:58:3f:cd:a0:60:3d:05:ca:b5:35:f2:8a:09: a4:e8:77:86:bc:b1:93:e2:6e:42:ff:d0:71:c7:88:9d:83:82: 7f:eb:10:80 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFkNd45/zWMab6zaLCd0QfTzyg8EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwNTExMFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAYzQwNTI2YmZhZjE4N2E1NTkwMzg2 ZjFhYzY3MmM4MmEyYjc5ZmFhNWMxZjFmNjAyMjA3MDAxMDQ4OTVkN2RmNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbFQgJV1RUFP58w4rsu+3nPIJBUR W4bMJQsmjwqsJ3+oQ2Ym1EzleTp0rWglCxTIGpiyUfS05CRRp7E18V6Qe2LPa39P fOzy8vJYDAQ61qPALtt/LFNKAMguV4+mA6Gv4latJOYuKmqIDKaXq/fSqH8an5Gb 4YZVovCuQJ+/FXaLxYzYnyu8HOuLgWytsInRI6t0Q2FgMX7NubTZYAjmviIiyg2L jFdsGQSveqyC9Su1f/8/nVWcasr0mGTs79aIsMWeL/Q0qg8NDASJ8b13/srjTjrv 8n9QXFAkiP9rbOs6OPamdGYaWVyHRdEoKFcfnmKSbT1pEJd9uvWyaw5pfwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFC7bixbgqY2ePR4Pn4vwa/8YeVqaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzllYmU4YmI5LWMzYWYtNDQ1OC1iMDE4LWI2YjU5NTQ2YTg2YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba9xBAMA0GCSqGSIb3DQEBCwUAA4IBAQCq8qdreRw4RmrKkk+C NUWqZP3pNIQtvLwglvBTPY1bP9sXl+iob46o7S3H2J6tvO5refLFugVjzoBGiu5y VsIcf7mCPGhF4vV4FE+FAg1A6//OIDLY8z3nhb7ueNkAfRsedr8AWOlf6khaLo1q agvivbImlCikmcAHTqRwPzUFsD0cedVBL6nSrfHPtbvYM62Vs1rZHYvsttxE8nh+ xuGiKBzk7Rqi4IXXYPYKXRz8EJ0LGO+j9Hr/QdvNVXLv30l4mm/pO4FHxQLmwzgw wEdaPqzo89zXb8hwg0PSAFg/zaBgPQXKtTXyigmk6HeGvLGT4m5C/9Bxx4idg4J/ 6xCA -----END CERTIFICATE-----Generated at Sat Jun 14 06:17:24 2025 by rpki-client