$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f7f81d5-9939-43d6-b333-dd2d090500da.roa File: 9f7f81d5-9939-43d6-b333-dd2d090500da.roa (raw, json) Hash identifier: QzDNdNdz8bQBL4/mTi27s20QP74f157b/YZDxLXI/6E= Subject key identifier: A9:6C:53:22:F6:D3:B6:75:4E:AB:62:1C:47:56:4B:0F:36:72:5B:74 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0705A42047EAF325929BC7F8576095F3DD4341CE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f7f81d5-9939-43d6-b333-dd2d090500da.roa Signing time: Tue 10 Jun 2025 15:10:34 +0000 ROA not before: Tue 10 Jun 2025 15:10:34 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:05:a4:20:47:ea:f3:25:92:9b:c7:f8:57:60:95:f3:dd:43:41:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:10:34 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=e930b1ea2db9edf4e3c790c534c3044f7d41f81a1628e856f1361d6bcf8af30e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:ef:fd:41:4a:ff:76:09:bd:ea:b9:1f:5b:4e: 92:03:ec:b8:c0:e8:8c:62:d5:38:2a:f6:f3:9b:4f: 80:02:ac:48:4c:e6:00:e1:fd:48:28:be:97:dd:c8: fc:4b:82:d6:a2:54:de:07:3f:e6:3d:6d:f7:08:f8: 15:eb:13:3b:dd:84:c3:d7:ee:97:e5:59:b2:04:a1: 67:b4:22:2b:c5:e2:93:34:ac:c4:93:c5:66:94:7c: de:20:21:4e:2a:74:47:18:58:b3:52:9c:b3:cc:35: 37:84:35:93:66:a3:a2:a0:81:20:79:05:cf:93:72: bf:16:e2:89:bb:1e:fe:80:56:13:4d:3c:19:a0:02: b9:75:79:bf:ba:bb:50:70:0f:ff:6f:7d:c4:fe:14: 7c:6a:40:a8:31:64:3b:5e:40:b7:e7:07:42:61:6e: d1:4c:09:3b:8d:6c:e1:48:25:4d:53:72:01:1d:7e: e8:c7:a5:ca:a1:14:b7:66:e7:3f:b1:11:6c:8a:d5: 83:a7:0f:7e:33:ad:bd:57:a1:5d:c2:6f:07:2e:46: b3:9c:17:4f:74:b8:63:ad:db:3d:93:bf:af:02:cb: 58:e6:5d:c1:f4:8d:e5:a8:e0:71:d5:f1:8d:e0:3d: e1:74:8b:e6:dd:02:ec:e4:e9:c1:cb:a2:64:9f:fd: 6f:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:6C:53:22:F6:D3:B6:75:4E:AB:62:1C:47:56:4B:0F:36:72:5B:74 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f7f81d5-9939-43d6-b333-dd2d090500da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:8800::/40 Signature Algorithm: sha256WithRSAEncryption 28:11:38:59:d7:bb:e6:10:03:b1:fd:61:91:be:1f:c0:69:56: 9c:60:fb:c0:1e:60:8e:63:43:44:d1:d8:5f:40:fb:98:57:56: fe:91:64:09:15:79:b7:6e:40:9d:e8:78:8d:01:92:f1:fd:99: 27:1e:fc:6f:69:0c:4a:5c:5c:fe:2a:86:aa:57:cb:34:b2:4d: 3a:c5:eb:ea:e2:de:02:1d:bb:60:5d:a6:70:fc:f4:1e:db:7b: 8d:9b:68:d8:9e:c1:f1:13:3a:e8:56:51:11:fb:18:df:82:fb: 0a:5e:62:09:0f:9c:3b:bb:dd:6a:92:73:62:96:e5:d2:f1:90: bd:da:0b:f4:50:b4:80:72:0b:c0:1a:28:f0:82:1e:df:aa:b8: 22:ea:5a:88:ca:1b:c1:4a:bb:48:c2:d8:40:d2:1f:59:e8:d0: e6:e3:9f:a3:81:76:83:bd:00:03:59:fa:6c:ed:24:a7:80:26: 64:64:20:e2:c1:a0:15:ac:31:f9:c5:6f:78:45:62:8d:db:a1: 5a:dc:8c:7e:bb:48:d7:c0:d7:54:12:48:e3:88:01:97:f4:6a: 4d:84:93:29:8f:cb:6f:bc:98:81:9d:3f:69:98:f9:13:27:a2: 95:7c:e8:f5:0d:c9:ac:1f:ca:ed:49:45:d6:63:b1:3d:24:81: 8d:1e:08:aa -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBwWkIEfq8yWSm8f4V2CV891DQc4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MTAzNFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZTkzMGIxZWEyZGI5ZWRmNGUzYzc5 MGM1MzRjMzA0NGY3ZDQxZjgxYTE2MjhlODU2ZjEzNjFkNmJjZjhhZjMwZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxu/9QUr/dgm96rkfW06SA+y4wOiM YtU4Kvbzm0+AAqxITOYA4f1IKL6X3cj8S4LWolTeBz/mPW33CPgV6xM73YTD1+6X 5VmyBKFntCIrxeKTNKzEk8VmlHzeICFOKnRHGFizUpyzzDU3hDWTZqOioIEgeQXP k3K/FuKJux7+gFYTTTwZoAK5dXm/urtQcA//b33E/hR8akCoMWQ7XkC35wdCYW7R TAk7jWzhSCVNU3IBHX7ox6XKoRS3Zuc/sRFsitWDpw9+M629V6Fdwm8HLkaznBdP dLhjrds9k7+vAstY5l3B9I3lqOBx1fGN4D3hdIvm3QLs5OnBy6Jkn/1v4wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKlsUyL207Z1TqtiHEdWSw82clt0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlmN2Y4MWQ1LTk5MzktNDNkNi1iMzMzLWRkMmQwOTA1MDBkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacIgwDQYJKoZIhvcNAQELBQADggEBACgROFnXu+YQA7H9YZG+ H8BpVpxg+8AeYI5jQ0TR2F9A+5hXVv6RZAkVebduQJ3oeI0BkvH9mSce/G9pDEpc XP4qhqpXyzSyTTrF6+ri3gIdu2BdpnD89B7be42baNiewfETOuhWURH7GN+C+wpe YgkPnDu73WqSc2KW5dLxkL3aC/RQtIByC8AaKPCCHt+quCLqWojKG8FKu0jC2EDS H1no0Objn6OBdoO9AANZ+mztJKeAJmRkIOLBoBWsMfnFb3hFYo3boVrcjH67SNfA 11QSSOOIAZf0ak2EkymPy2+8mIGdP2mY+RMnopV86PUNyawfyu1JRdZjsT0kgY0e CKo= -----END CERTIFICATE-----Generated at Sat Jun 14 06:13:01 2025 by rpki-client