$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa File: acf96eac-505d-42a3-ad3b-20402c0f43ed.roa (raw, json) Hash identifier: O7Sj43VEudNTeCLDLe34T4hhZ8XTjqoiyzO4eHWFIzc= Subject key identifier: 0F:3B:20:96:6B:85:FA:D9:EF:04:68:AA:AA:EA:E0:4E:08:65:9D:0A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2D496597332A27D6FE6AB0E946585EE3A210608E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa Signing time: Tue 10 Jun 2025 15:51:09 +0000 ROA not before: Tue 10 Jun 2025 15:51:09 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1d::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:49:65:97:33:2a:27:d6:fe:6a:b0:e9:46:58:5e:e3:a2:10:60:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:51:09 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=701306b03d340f0c03bc479188bbc3f6383c3ddf75b8a356215a3819066e7404, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:7d:aa:62:a9:cd:9e:a5:e9:76:5e:18:8e:b6: 76:a7:cc:83:39:85:5c:a5:64:78:63:3b:dc:19:81: 1d:df:e4:bc:4c:04:e6:df:fc:0f:8e:74:8f:87:a0: 98:e7:05:f7:6a:08:a0:16:ee:94:fb:74:d0:cb:ee: bd:8f:88:86:b3:e3:6b:ab:31:2f:56:5f:a5:d6:52: 6a:46:d0:c5:5c:1d:a2:b2:8f:7d:f5:e2:a0:13:d4: aa:c3:91:d1:fe:6c:9e:33:84:b2:82:ce:3e:70:d3: 63:50:e5:6d:f7:e2:c0:b8:ee:6e:3b:b0:ab:6d:10: 23:fc:99:42:db:03:74:70:31:14:51:67:11:6a:be: 34:31:42:fb:1f:ee:ad:45:67:b6:f3:5e:82:6c:8c: 92:f9:fb:3b:cc:cf:ae:2e:a3:a1:b9:f1:ba:e4:57: a6:b7:05:38:ee:62:f5:f2:dd:97:a6:fa:fb:16:e5: 84:6e:91:fa:01:ae:dd:79:a2:92:bf:c1:fa:ff:34: 78:ea:3c:9b:d0:16:73:8f:c4:19:5a:4c:d1:4f:5f: 8b:f7:a6:ba:75:86:53:e8:c9:dc:99:f3:2a:a9:aa: 8e:c7:b2:14:bc:c5:e9:f6:77:51:9b:8d:fa:c1:07: c9:7a:ec:74:e8:9e:d8:5d:06:a1:24:9a:5f:57:83: 74:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:3B:20:96:6B:85:FA:D9:EF:04:68:AA:AA:EA:E0:4E:08:65:9D:0A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1d::/36 Signature Algorithm: sha256WithRSAEncryption c0:74:a2:25:ea:5e:df:cb:5e:7a:3f:9b:d1:79:cf:40:a5:c8: e4:c8:9e:ac:99:e7:e3:81:90:b4:88:ee:31:33:83:14:3e:3f: 78:4f:fd:53:1e:2e:dd:80:89:d2:23:3e:4e:90:8f:c7:85:4d: 68:13:b6:d1:f9:08:f3:f3:2d:69:bf:03:62:b8:fb:fa:5d:1b: b3:fd:36:be:c8:dd:5e:c4:8e:a9:a5:65:95:f0:32:62:8c:99: e7:38:50:c3:59:24:5c:3b:66:cd:af:20:5b:87:af:6d:65:f0: 2a:30:e2:04:2d:fe:f0:18:d5:63:bc:de:49:a9:04:e5:48:68: 89:8d:d6:69:49:0c:5e:93:d4:50:9e:ac:c6:96:31:45:35:95: 87:98:7f:bc:05:2f:4c:c9:88:fd:3a:7d:a7:1b:6d:40:36:df: ca:f6:23:14:e9:66:a6:dd:06:02:cd:fe:a3:bd:09:36:6f:d0: af:3d:d6:21:e4:3c:d4:df:e0:7d:51:a2:55:58:6b:ab:a0:db: 15:e9:c8:31:ad:77:03:60:b3:de:6b:28:93:8f:4c:dd:6b:c3: 60:8c:3a:12:e2:3c:b3:93:b9:6d:1f:68:20:74:10:2c:f7:63: 08:c0:cf:92:93:6e:a4:d0:f3:a0:fa:e8:dc:de:3e:91:4d:7c: 47:27:06:66 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULUlllzMqJ9b+arDpRlhe46IQYI4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1NTEwOVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNANzAxMzA2YjAzZDM0MGYwYzAzYmM0 NzkxODhiYmMzZjYzODNjM2RkZjc1YjhhMzU2MjE1YTM4MTkwNjZlNzQwNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmH2qYqnNnqXpdl4YjrZ2p8yDOYVc pWR4YzvcGYEd3+S8TATm3/wPjnSPh6CY5wX3agigFu6U+3TQy+69j4iGs+NrqzEv Vl+l1lJqRtDFXB2iso999eKgE9Sqw5HR/myeM4Sygs4+cNNjUOVt9+LAuO5uO7Cr bRAj/JlC2wN0cDEUUWcRar40MUL7H+6tRWe2816CbIyS+fs7zM+uLqOhufG65Fem twU47mL18t2Xpvr7FuWEbpH6Aa7deaKSv8H6/zR46jyb0BZzj8QZWkzRT1+L96a6 dYZT6MncmfMqqaqOx7IUvMXp9ndRm436wQfJeux06J7YXQahJJpfV4N0/QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFA87IJZrhfrZ7wRoqqrq4E4IZZ0KMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FjZjk2ZWFjLTUwNWQtNDJhMy1hZDNiLTIwNDAyYzBmNDNlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaHQAwDQYJKoZIhvcNAQELBQADggEBAMB0oiXqXt/LXno/m9F5 z0ClyOTInqyZ5+OBkLSI7jEzgxQ+P3hP/VMeLt2AidIjPk6Qj8eFTWgTttH5CPPz LWm/A2K4+/pdG7P9Nr7I3V7EjqmlZZXwMmKMmec4UMNZJFw7Zs2vIFuHr21l8Cow 4gQt/vAY1WO83kmpBOVIaImN1mlJDF6T1FCerMaWMUU1lYeYf7wFL0zJiP06facb bUA238r2IxTpZqbdBgLN/qO9CTZv0K891iHkPNTf4H1RolVYa6ug2xXpyDGtdwNg s95rKJOPTN1rw2CMOhLiPLOTuW0faCB0ECz3YwjAz5KTbqTQ86D66NzePpFNfEcn BmY= -----END CERTIFICATE-----Generated at Sat Jun 14 06:16:20 2025 by rpki-client