$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa File: b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa (raw, json) Hash identifier: loJff77F7SQNFP7HgkCGhWOcif8YtnMxd8Q5y3jJmb0= Subject key identifier: AE:44:2E:FE:20:9A:E1:C7:69:85:86:90:09:C8:3E:01:D5:B7:DE:FD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 069C0B9EAA06A40322541546CC9C57CED07C016E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa Signing time: Sat 07 Jun 2025 00:10:16 +0000 ROA not before: Sat 07 Jun 2025 00:10:16 +0000 ROA not after: Sat 12 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:8080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:9c:0b:9e:aa:06:a4:03:22:54:15:46:cc:9c:57:ce:d0:7c:01:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 7 00:10:16 2025 GMT Not After : Jul 12 23:59:59 2025 GMT Subject: serialNumber=fc4b7827d10d91154f7b53372c70c6ea409841eaccee0c9245012447f34e3350, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:41:22:5b:80:99:59:05:5d:76:e9:7f:eb:9b: e5:e7:61:ac:83:6a:54:21:77:a2:02:02:30:16:34: 8d:a1:ff:81:c5:51:fe:c8:1f:b3:c4:4f:b0:85:87: 40:ba:d3:54:31:dc:7e:fd:f4:77:f1:c8:53:68:0c: fb:52:d8:ca:31:10:87:20:27:63:33:f4:13:10:15: 56:4e:4f:cc:9f:6c:38:a2:69:b0:5b:36:50:87:dc: df:1e:c3:ab:bd:c5:8f:c0:9d:db:a0:23:a6:c3:98: 81:be:f5:53:c8:b4:c4:e8:99:62:ab:5d:13:4f:22: 5c:a4:f2:1b:70:7a:45:e8:75:a9:ce:26:d5:5d:9b: dd:c4:82:8a:46:a4:77:5e:05:9e:9a:8b:39:78:7b: 30:9c:4d:dc:0c:63:53:ad:40:26:6e:0a:c3:f4:97: d3:60:89:03:ff:27:3f:c0:28:2c:4a:48:36:e9:e2: fe:2b:38:e5:1f:66:93:1d:ac:18:b5:1c:dd:cd:71: d9:70:44:c9:6d:6b:26:1a:91:c4:34:a3:27:5a:11: 9d:e2:cc:53:40:dd:03:56:e2:99:a6:64:42:00:ad: 97:67:33:0f:b7:72:32:39:53:9c:74:4f:2e:98:e5: 86:d4:01:10:23:95:85:6a:5c:1f:d9:6b:35:0f:40: 12:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:44:2E:FE:20:9A:E1:C7:69:85:86:90:09:C8:3E:01:D5:B7:DE:FD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:8080::/48 Signature Algorithm: sha256WithRSAEncryption c5:78:fd:26:5b:d5:83:d3:84:40:95:f3:fa:e1:14:fe:b3:f9: 53:e8:b4:b9:00:72:0a:d8:48:de:15:41:9f:3f:94:57:b2:d7: ce:de:c7:7e:3d:13:fa:56:2e:93:88:af:01:a5:25:4f:8a:76: 6b:76:89:26:73:23:6c:3a:63:3e:f6:f5:b0:a9:64:a6:cd:87: eb:66:fa:f7:4c:17:21:c1:cb:a4:8e:4c:8f:45:2d:c4:e9:7a: 59:23:cc:08:b0:f4:32:8f:8a:08:b8:c5:a1:bd:eb:e3:c4:92: 91:16:9e:a9:fe:39:e1:c5:5a:7a:28:61:3e:04:b9:ea:3f:48: 16:dd:a5:98:99:95:a3:63:d8:07:9e:37:75:d6:24:7a:d1:98: 90:cb:78:ee:d0:be:29:14:22:01:8a:73:0f:f7:de:72:69:f7: f6:5d:6f:ab:50:15:5f:e0:6b:a3:fb:e1:a4:fe:a7:4a:4a:a3: 9f:8c:86:22:8c:00:b2:a8:9f:6f:35:63:82:5f:a0:23:3b:d2: 3d:f6:70:08:d2:93:57:0d:b8:9b:9a:62:e5:64:d0:27:41:9e: 65:8c:86:a0:06:19:b9:55:16:aa:94:91:b6:88:63:fc:62:a8: 6d:b7:f5:95:44:3f:8e:8a:1b:10:16:30:83:28:b6:7e:70:9e: 4d:a0:53:e4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBpwLnqoGpAMiVBVGzJxXztB8AW4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNzAwMTAxNloX DTI1MDcxMjIzNTk1OVowejFJMEcGA1UEBRNAZmM0Yjc4MjdkMTBkOTExNTRmN2I1 MzM3MmM3MGM2ZWE0MDk4NDFlYWNjZWUwYzkyNDUwMTI0NDdmMzRlMzM1MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUEiW4CZWQVddul/65vl52Gsg2pU IXeiAgIwFjSNof+BxVH+yB+zxE+whYdAutNUMdx+/fR38chTaAz7UtjKMRCHICdj M/QTEBVWTk/Mn2w4ommwWzZQh9zfHsOrvcWPwJ3boCOmw5iBvvVTyLTE6Jliq10T TyJcpPIbcHpF6HWpzibVXZvdxIKKRqR3XgWemos5eHswnE3cDGNTrUAmbgrD9JfT YIkD/yc/wCgsSkg26eL+KzjlH2aTHawYtRzdzXHZcETJbWsmGpHENKMnWhGd4sxT QN0DVuKZpmRCAK2XZzMPt3IyOVOcdE8umOWG1AEQI5WFalwf2Ws1D0ASlQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFK5ELv4gmuHHaYWGkAnIPgHVt979MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IxYTI0YTI1LTliM2EtNDJlNC04N2JkLWIyMTJmN2ZkNzljOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8oCAMA0GCSqGSIb3DQEBCwUAA4IBAQDFeP0mW9WD04RAlfP6 4RT+s/lT6LS5AHIK2EjeFUGfP5RXstfO3sd+PRP6Vi6TiK8BpSVPinZrdokmcyNs OmM+9vWwqWSmzYfrZvr3TBchwcukjkyPRS3E6XpZI8wIsPQyj4oIuMWhvevjxJKR Fp6p/jnhxVp6KGE+BLnqP0gW3aWYmZWjY9gHnjd11iR60ZiQy3ju0L4pFCIBinMP 995yaff2XW+rUBVf4Guj++Gk/qdKSqOfjIYijACyqJ9vNWOCX6AjO9I99nAI0pNX DbibmmLlZNAnQZ5ljIagBhm5VRaqlJG2iGP8Yqhtt/WVRD+OihsQFjCDKLZ+cJ5N oFPk -----END CERTIFICATE-----Generated at Sat Jun 14 06:18:22 2025 by rpki-client