$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b32b6b6a-d0ef-46e3-a090-87e6f059ee91.roa File: b32b6b6a-d0ef-46e3-a090-87e6f059ee91.roa (raw, json) Hash identifier: 0FY2y+9YQCEzNkVLEtyavSd4h8k9eg4l9fj0wTj93Dc= Subject key identifier: 2D:2D:A3:20:78:17:D2:73:2E:78:85:85:80:07:71:65:86:94:8C:C1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4B0E8E0A2A690C1E3E22B44A752B67BFA4D22922 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b32b6b6a-d0ef-46e3-a090-87e6f059ee91.roa Signing time: Mon 09 Jun 2025 15:20:53 +0000 ROA not before: Mon 09 Jun 2025 15:20:53 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:48c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:0e:8e:0a:2a:69:0c:1e:3e:22:b4:4a:75:2b:67:bf:a4:d2:29:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:20:53 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=aab18f334da2f838077298b50632f65f2a9315be4d4ce4accbdb77d47ddfb854, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a4:c7:c6:c4:12:ba:1c:9e:dc:b1:96:36:21: 4d:fc:0d:b1:98:e8:f9:94:47:ad:88:94:f5:67:40: 35:63:59:eb:0b:6e:06:f7:32:f1:42:f7:a7:d5:3d: f5:2e:91:e7:54:91:37:46:94:1f:9b:64:40:23:a3: 2c:ea:50:80:56:d4:5d:29:7a:03:fd:9b:bc:a0:ce: 9a:89:96:16:a0:2d:91:42:be:e9:97:71:f6:85:a4: ef:8f:b3:1c:03:39:85:b9:ce:72:cd:01:c9:d4:b3: 12:d8:ee:c4:40:8b:c9:bc:f3:0c:2b:b3:fb:3c:c5: d5:24:24:4f:37:67:c4:2b:d5:93:b9:8f:01:77:61: c6:df:03:f1:44:5f:16:1f:6f:87:cf:52:ec:11:b4: e8:c7:25:40:2d:96:81:51:11:2b:98:47:81:86:c4: 61:53:ca:f2:f3:f3:b9:98:52:af:15:bd:d5:f3:0b: 76:71:08:e1:48:6f:61:86:40:87:e8:47:2d:5a:fa: a1:7e:d1:11:4d:d6:23:4e:ef:a4:4b:e4:1b:30:a2: f5:92:a6:b5:09:7a:ec:71:4a:ac:34:d2:3e:0e:7f: 4d:fe:85:53:66:ad:aa:58:fa:7a:33:4d:9f:f3:68: 98:0b:89:63:2f:cf:13:62:f2:c9:03:2a:e0:06:84: de:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:2D:A3:20:78:17:D2:73:2E:78:85:85:80:07:71:65:86:94:8C:C1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b32b6b6a-d0ef-46e3-a090-87e6f059ee91.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:48c0::/48 Signature Algorithm: sha256WithRSAEncryption 0e:db:c8:18:4d:17:77:bf:f3:e4:08:30:61:bb:23:f2:ba:b6: 61:91:42:14:56:86:37:42:38:3f:5f:25:c8:8c:45:e1:5b:e8: ef:b4:c4:af:98:44:3c:72:13:93:75:21:28:2f:81:2c:14:b5: a0:4f:b2:d0:3b:04:5d:32:02:97:3e:25:fa:06:e4:3f:15:42: cf:5e:90:9f:77:20:00:41:54:fc:d9:0b:62:94:30:1d:b5:cc: f1:70:ee:c4:4f:77:d8:26:c7:5e:ad:27:ca:04:92:f6:53:fa: d7:a6:8b:16:2b:65:ef:57:8c:71:55:4a:c0:1e:35:3f:0c:5f: 79:e6:ac:3f:30:18:fd:72:7a:f5:6e:62:af:1b:f5:ee:9a:80: dd:4c:f1:f0:1d:53:9f:ac:cd:ff:e4:6b:6c:8c:fb:24:bb:ae: 17:be:6a:25:a3:fe:54:21:ea:2b:10:55:52:0f:b5:71:e3:9d: 7a:68:8e:0f:b2:7d:c6:d1:27:48:d7:b1:a7:c2:a3:0e:5a:b5: 12:fd:2d:89:5c:68:8d:30:90:bf:5c:bf:3b:fd:fb:90:86:c7: 9f:f7:f4:1f:ff:36:44:0e:9c:99:cd:c6:fe:41:04:dd:9b:63: bd:9c:fe:c5:43:e7:3a:f1:4f:09:80:f1:71:bc:67:15:fb:e9: f0:ce:05:cd -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSw6OCippDB4+IrRKdStnv6TSKSIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MjA1M1oX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAYWFiMThmMzM0ZGEyZjgzODA3NzI5 OGI1MDYzMmY2NWYyYTkzMTViZTRkNGNlNGFjY2JkYjc3ZDQ3ZGRmYjg1NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqTHxsQSuhye3LGWNiFN/A2xmOj5 lEetiJT1Z0A1Y1nrC24G9zLxQven1T31LpHnVJE3RpQfm2RAI6Ms6lCAVtRdKXoD /Zu8oM6aiZYWoC2RQr7pl3H2haTvj7McAzmFuc5yzQHJ1LMS2O7EQIvJvPMMK7P7 PMXVJCRPN2fEK9WTuY8Bd2HG3wPxRF8WH2+Hz1LsEbToxyVALZaBURErmEeBhsRh U8ry8/O5mFKvFb3V8wt2cQjhSG9hhkCH6EctWvqhftERTdYjTu+kS+QbMKL1kqa1 CXrscUqsNNI+Dn9N/oVTZq2qWPp6M02f82iYC4ljL88TYvLJAyrgBoTe6QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFC0toyB4F9JzLniFhYAHcWWGlIzBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IzMmI2YjZhLWQwZWYtNDZlMy1hMDkwLTg3ZTZmMDU5ZWU5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAEjAMA0GCSqGSIb3DQEBCwUAA4IBAQAO28gYTRd3v/PkCDBh uyPyurZhkUIUVoY3Qjg/XyXIjEXhW+jvtMSvmEQ8chOTdSEoL4EsFLWgT7LQOwRd MgKXPiX6BuQ/FULPXpCfdyAAQVT82QtilDAdtczxcO7ET3fYJsderSfKBJL2U/rX posWK2XvV4xxVUrAHjU/DF955qw/MBj9cnr1bmKvG/XumoDdTPHwHVOfrM3/5Gts jPsku64Xvmolo/5UIeorEFVSD7Vx4516aI4Psn3G0SdI17GnwqMOWrUS/S2JXGiN MJC/XL87/fuQhsef9/Qf/zZEDpyZzcb+QQTdm2O9nP7FQ+c68U8JgPFxvGcV++nw zgXN -----END CERTIFICATE-----Generated at Sat Jun 14 06:03:08 2025 by rpki-client