$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a22c3d64-afd9-44fd-96c2-3def5d30f274.roa File: a22c3d64-afd9-44fd-96c2-3def5d30f274.roa (raw, json) Hash identifier: w1Sk+JcDd+32tnKww6YP590QOxe7j9+kkvGeKpedP94= Subject key identifier: 95:F8:AC:71:37:5D:34:A0:B7:77:D3:53:D1:B5:DA:21:BA:66:5B:7F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5A0303D84ED9A2EE436C6ACC10A015F81CD7B75F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a22c3d64-afd9-44fd-96c2-3def5d30f274.roa Signing time: Mon 09 Jun 2025 15:41:41 +0000 ROA not before: Mon 09 Jun 2025 15:41:41 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:03:03:d8:4e:d9:a2:ee:43:6c:6a:cc:10:a0:15:f8:1c:d7:b7:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:41:41 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=a22bdef60cb36eaa59b7a0f284ffc422fba102a0c4165263aca44272317f1b6f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:e6:2b:d7:f2:5b:0e:a2:ce:63:b4:20:50:b2: 35:3b:99:b1:ee:fe:73:db:dc:64:4f:a6:38:ec:5e: 4a:2e:12:ba:6e:b1:d0:50:af:48:d4:e9:30:fe:c4: 5f:d5:2a:11:b1:cf:ce:5b:52:81:96:3b:20:4c:b1: 17:0d:b9:b7:71:de:1f:b6:df:86:bc:5c:92:d3:c0: 6d:21:8c:87:17:78:a1:e0:a8:84:e9:4f:d8:f8:62: c2:93:5e:0b:f3:86:12:0a:8f:b8:5c:bd:b4:2e:23: 2a:42:c0:9d:17:30:e3:93:8b:4d:85:7b:62:3b:07: 34:05:dd:58:64:5e:a3:1a:cb:fe:42:06:19:21:6b: 3f:82:a2:91:07:11:3b:39:39:70:69:ae:d8:96:9f: 3b:48:6d:d5:28:35:02:c7:c6:98:be:74:18:75:66: 42:53:23:6c:c0:8d:37:06:3c:3c:45:91:d2:bc:2d: 7f:09:b0:e3:2d:48:55:d3:f7:39:71:64:3c:fc:5b: 81:d0:84:59:c5:80:3f:93:c3:62:f9:9d:73:e4:4f: 4e:ff:a5:68:7c:34:50:64:aa:88:25:55:9b:6d:c7: 25:46:d8:b8:20:7e:fb:1c:52:4e:9f:5a:33:00:6b: f9:f3:b9:b6:d8:1f:ec:b2:34:6c:c1:b8:63:50:67: a4:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:F8:AC:71:37:5D:34:A0:B7:77:D3:53:D1:B5:DA:21:BA:66:5B:7F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a22c3d64-afd9-44fd-96c2-3def5d30f274.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:8c0::/48 Signature Algorithm: sha256WithRSAEncryption 74:8d:c8:39:e0:4c:d3:4d:7b:cb:2f:e0:71:00:52:22:d8:0e: 4b:ec:31:c6:e5:56:cb:74:f0:bc:63:f7:c8:9d:1e:fe:c9:3e: 0c:ae:b5:18:ce:2c:fa:fb:f1:2d:83:26:1f:29:e8:27:59:55: 95:11:17:8e:00:30:31:65:78:f1:19:92:53:24:d3:52:ea:93: e7:49:2a:9b:f8:fe:ac:3a:fe:dc:98:b2:36:8f:79:57:fa:94: 3a:3c:a8:9c:c3:02:f3:0c:e2:cb:b4:2a:b4:bc:a9:99:9a:31: 4f:55:31:31:71:fc:d6:41:90:ed:79:7c:4f:0f:29:90:98:3b: c6:76:60:a9:92:0c:0b:91:1f:10:76:08:e5:bd:79:27:a4:9a: 6f:db:37:f3:93:86:e9:6c:b8:fe:86:ef:86:4f:f3:7b:fe:24: 68:cb:31:36:3f:e1:52:8f:8b:05:0b:c9:d0:4e:a2:aa:b9:e2: 24:62:38:8a:b6:46:82:38:4c:f3:46:d7:ff:bc:8a:54:0b:9f: cb:73:ef:e8:ab:6a:c9:66:b7:cd:ea:6f:52:bb:f1:49:43:d1: 4a:dc:4d:85:c9:fa:82:27:27:60:5a:2b:3b:40:4c:41:22:44: 01:b2:71:21:58:4b:2a:6e:1b:7d:f1:eb:cf:b2:14:91:0f:e6: 2b:87:34:ef -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWgMD2E7Zou5DbGrMEKAV+BzXt18wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1NDE0MVoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAYTIyYmRlZjYwY2IzNmVhYTU5Yjdh MGYyODRmZmM0MjJmYmExMDJhMGM0MTY1MjYzYWNhNDQyNzIzMTdmMWI2ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OYr1/JbDqLOY7QgULI1O5mx7v5z 29xkT6Y47F5KLhK6brHQUK9I1Okw/sRf1SoRsc/OW1KBljsgTLEXDbm3cd4ftt+G vFyS08BtIYyHF3ih4KiE6U/Y+GLCk14L84YSCo+4XL20LiMqQsCdFzDjk4tNhXti Owc0Bd1YZF6jGsv+QgYZIWs/gqKRBxE7OTlwaa7Ylp87SG3VKDUCx8aYvnQYdWZC UyNswI03Bjw8RZHSvC1/CbDjLUhV0/c5cWQ8/FuB0IRZxYA/k8Ni+Z1z5E9O/6Vo fDRQZKqIJVWbbcclRti4IH77HFJOn1ozAGv587m22B/ssjRswbhjUGekvwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJX4rHE3XTSgt3fTU9G12iG6Zlt/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EyMmMzZDY0LWFmZDktNDRmZC05NmMyLTNkZWY1ZDMwZjI3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYQjAMA0GCSqGSIb3DQEBCwUAA4IBAQB0jcg54EzTTXvLL+Bx AFIi2A5L7DHG5VbLdPC8Y/fInR7+yT4MrrUYziz6+/EtgyYfKegnWVWVEReOADAx ZXjxGZJTJNNS6pPnSSqb+P6sOv7cmLI2j3lX+pQ6PKicwwLzDOLLtCq0vKmZmjFP VTExcfzWQZDteXxPDymQmDvGdmCpkgwLkR8QdgjlvXknpJpv2zfzk4bpbLj+hu+G T/N7/iRoyzE2P+FSj4sFC8nQTqKqueIkYjiKtkaCOEzzRtf/vIpUC5/Lc+/oq2rJ ZrfN6m9Su/FJQ9FK3E2FyfqCJydgWis7QExBIkQBsnEhWEsqbht98evPshSRD+Yr hzTv -----END CERTIFICATE-----Generated at Sat Jun 14 06:09:43 2025 by rpki-client