$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a894812d-493e-43f7-8c3a-76a64ad96de7.roa File: a894812d-493e-43f7-8c3a-76a64ad96de7.roa (raw, json) Hash identifier: f/scP3eIlsj7QCH2iY5WRFetw54hqThNADfyeD79bB0= Subject key identifier: 08:9D:33:9A:65:F5:8D:AE:25:E1:84:1C:C3:B4:F1:2B:BE:74:0F:24 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0776F885D21D4C9E0F1938DC4489542E509AD895 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a894812d-493e-43f7-8c3a-76a64ad96de7.roa Signing time: Sat 07 Jun 2025 00:00:21 +0000 ROA not before: Sat 07 Jun 2025 00:00:21 +0000 ROA not after: Sat 12 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:4040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:76:f8:85:d2:1d:4c:9e:0f:19:38:dc:44:89:54:2e:50:9a:d8:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 7 00:00:21 2025 GMT Not After : Jul 12 23:59:59 2025 GMT Subject: serialNumber=f5fc49fb09ba68db7cc5363fd3f22f25b85a00a228d90fa70acbda378a703975, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:9f:0c:48:98:2f:19:50:94:db:2f:80:88:08: b2:3d:b7:bb:59:9d:77:73:e1:8b:5b:b7:4e:36:75: d6:50:21:21:bb:73:2a:72:8d:f2:ef:89:b8:01:67: 55:7d:c7:95:bd:69:1c:66:67:64:73:59:89:8b:31: 2d:3a:48:00:eb:cb:a9:8b:7f:33:8d:b8:98:c0:f3: 0b:aa:98:3b:48:4a:dd:0e:6e:41:65:b6:06:6d:69: e9:6c:07:c6:9a:d9:0e:a4:fb:74:0b:33:31:88:67: b8:d9:8c:d7:98:c9:1b:97:26:cc:81:ed:53:42:eb: 7c:c7:81:e4:52:9a:d4:78:19:df:3a:3c:15:88:56: 28:6b:97:d4:59:1e:f4:b4:8d:37:bf:9c:08:c9:b4: 87:38:5b:01:3d:d9:7c:ba:aa:60:09:e9:79:fc:ce: 4a:f2:2d:53:9f:51:ac:5d:33:87:fa:4c:d2:bf:40: 65:d2:19:68:14:b4:59:0e:25:16:64:81:0f:d5:45: 36:31:51:72:8b:fe:c1:57:b9:fb:d2:5f:47:d7:5e: a2:97:96:b3:14:26:7f:fc:33:2e:6a:cb:81:52:fd: f3:da:55:1b:1c:57:60:07:35:65:d2:64:9e:a6:6b: da:44:95:c6:8e:04:99:70:12:09:dc:04:f2:76:a4: 62:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:9D:33:9A:65:F5:8D:AE:25:E1:84:1C:C3:B4:F1:2B:BE:74:0F:24 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a894812d-493e-43f7-8c3a-76a64ad96de7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:4040::/48 Signature Algorithm: sha256WithRSAEncryption 7e:f7:59:cb:38:a8:20:85:19:3b:4f:f8:bc:fc:a7:09:5f:55: fa:7f:bd:cb:9e:cb:ee:aa:a3:67:8b:71:b0:23:c7:a6:76:cf: 4d:a9:b8:2d:dc:64:a4:de:f1:d1:fb:aa:a6:b5:42:71:3d:73: 31:a0:f0:be:2a:4e:ef:14:ea:5b:51:0e:bf:74:a3:78:9b:97: bc:73:43:3c:b1:3a:be:aa:b9:76:6f:cf:78:48:3a:18:7f:2b: 91:c2:c5:71:63:cc:88:9a:d3:19:41:10:c2:e1:07:7b:8d:16: b7:fc:09:07:b8:ea:7c:8b:40:99:ba:f5:0d:83:f4:59:d3:d9: bf:5a:66:de:19:a9:2c:01:78:8b:bf:11:b4:d8:69:15:1f:22: a5:55:ad:6b:10:f2:7e:7b:65:2e:4e:23:7b:b6:9b:f9:92:e3: 75:4e:c1:50:47:a7:a0:08:84:80:f5:95:5d:17:91:90:e0:33: ba:98:5e:45:d9:d9:57:04:c0:fc:eb:fe:40:27:42:e6:a3:8b: 7d:6c:48:16:93:10:29:10:18:7f:1b:34:c3:42:46:c0:60:d5: 61:1d:69:aa:dc:24:d4:d1:b0:59:fb:af:ac:21:ef:f5:57:8d: 88:6f:55:c0:bf:f7:f0:60:69:b4:c0:99:75:8a:d9:e1:13:a9: ae:39:4f:89 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUB3b4hdIdTJ4PGTjcRIlULlCa2JUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNzAwMDAyMVoX DTI1MDcxMjIzNTk1OVowejFJMEcGA1UEBRNAZjVmYzQ5ZmIwOWJhNjhkYjdjYzUz NjNmZDNmMjJmMjViODVhMDBhMjI4ZDkwZmE3MGFjYmRhMzc4YTcwMzk3NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZ8MSJgvGVCU2y+AiAiyPbe7WZ13 c+GLW7dONnXWUCEhu3Mqco3y74m4AWdVfceVvWkcZmdkc1mJizEtOkgA68upi38z jbiYwPMLqpg7SErdDm5BZbYGbWnpbAfGmtkOpPt0CzMxiGe42YzXmMkblybMge1T Qut8x4HkUprUeBnfOjwViFYoa5fUWR70tI03v5wIybSHOFsBPdl8uqpgCel5/M5K 8i1Tn1GsXTOH+kzSv0Bl0hloFLRZDiUWZIEP1UU2MVFyi/7BV7n70l9H116il5az FCZ//DMuasuBUv3z2lUbHFdgBzVl0mSepmvaRJXGjgSZcBIJ3ATydqRizwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAidM5pl9Y2uJeGEHMO08Su+dA8kMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E4OTQ4MTJkLTQ5M2UtNDNmNy04YzNhLTc2YTY0YWQ5NmRlNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYUBAMA0GCSqGSIb3DQEBCwUAA4IBAQB+91nLOKgghRk7T/i8 /KcJX1X6f73LnsvuqqNni3GwI8emds9Nqbgt3GSk3vHR+6qmtUJxPXMxoPC+Kk7v FOpbUQ6/dKN4m5e8c0M8sTq+qrl2b894SDoYfyuRwsVxY8yImtMZQRDC4Qd7jRa3 /AkHuOp8i0CZuvUNg/RZ09m/WmbeGaksAXiLvxG02GkVHyKlVa1rEPJ+e2UuTiN7 tpv5kuN1TsFQR6egCISA9ZVdF5GQ4DO6mF5F2dlXBMD86/5AJ0Lmo4t9bEgWkxAp EBh/GzTDQkbAYNVhHWmq3CTU0bBZ+6+sIe/1V42Ib1XAv/fwYGm0wJl1itnhE6mu OU+J -----END CERTIFICATE-----Generated at Sat Jun 14 06:04:17 2025 by rpki-client