$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa File: b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa (raw, json) Hash identifier: YKBJ3RoCENFOs+mCQT4H5ePus3yf6T+sHI5wCkskBns= Subject key identifier: A4:24:32:35:F2:06:95:E1:D1:45:C9:9B:4A:41:D1:59:40:74:99:39 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 034067D2125CD5543C19E164FB97D34B6040E07D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa Signing time: Tue 10 Jun 2025 15:10:29 +0000 ROA not before: Tue 10 Jun 2025 15:10:29 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:40:67:d2:12:5c:d5:54:3c:19:e1:64:fb:97:d3:4b:60:40:e0:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:10:29 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=3a9a37ada9b4e0d5f694232b018b6ef1d1199576db2066946bc25404b0b6e6a8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:b0:56:3a:65:7b:fc:21:32:28:0d:0d:d5:ac: 7b:bc:e5:5e:ee:a2:e8:5f:bc:c3:82:59:3c:82:24: c6:13:3d:ab:a3:d4:09:81:22:3c:4d:04:77:4d:2e: a8:3a:c8:2b:d4:f6:3a:60:95:8b:be:a0:14:98:cf: 2b:f3:56:b4:e3:9f:62:f7:6b:d3:d5:01:45:48:80: 12:c1:e2:2f:84:c8:05:aa:f8:7a:3a:6f:09:31:a3: f9:83:e0:b3:ea:84:12:8f:94:45:c5:b0:3a:4a:e1: 70:aa:66:ce:f4:0c:ac:9e:6f:70:7b:f7:d6:6c:08: 04:bc:e6:03:4b:d3:f8:0a:3d:c7:0f:25:a3:f5:e6: 87:d3:bd:21:b8:ae:60:e1:5a:b8:a2:0b:b7:67:ed: a1:60:9c:c8:08:27:cf:40:d0:c1:1c:3a:50:ee:6f: 46:95:56:f9:02:68:c5:e2:44:8e:da:ed:a7:72:1d: b1:48:36:0f:6b:4f:25:92:15:ec:61:eb:20:41:4c: 38:e6:77:c2:a0:7f:b5:c5:e1:48:c6:40:77:57:1a: e3:a8:b9:f2:c8:1c:04:70:cc:2e:5e:ec:0e:0f:53: 74:34:5d:ba:38:ef:b4:d3:65:b7:99:c8:f0:43:ac: 7c:81:58:4a:98:da:c0:5c:63:b6:7d:34:44:90:d7: 1c:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:24:32:35:F2:06:95:E1:D1:45:C9:9B:4A:41:D1:59:40:74:99:39 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:b000::/40 Signature Algorithm: sha256WithRSAEncryption 90:f6:b6:60:9b:af:a1:ac:62:cb:b8:38:83:d1:35:4f:02:e6: 6e:4a:39:d2:ea:cc:08:59:bd:75:6e:33:d8:f2:f0:68:b0:3c: 05:5b:c4:64:07:d2:e7:f5:ce:a3:1b:5d:6c:f4:72:03:4e:e0: b4:20:39:87:52:7f:4b:e7:6f:e4:12:7a:89:91:46:ca:44:a3: 03:41:d6:3f:97:79:59:a9:a3:13:e2:23:b5:fa:30:91:ee:b8: 95:f3:40:a5:8e:f2:7b:f7:f1:db:16:d9:0b:a7:21:36:b2:92: 41:df:a1:5d:79:25:fb:6b:fd:ba:47:63:e2:dd:f6:6d:43:63: 5d:36:49:79:c7:88:e1:87:da:dc:c4:fc:b9:1c:d7:2e:66:a5: 96:53:66:8e:b1:10:64:e0:cf:5f:81:cd:fc:c7:0b:ab:b0:0c: 86:8c:08:23:9e:4a:48:e5:15:33:f8:14:37:88:d6:a8:df:1c: b4:59:54:ba:b7:1a:da:99:af:35:8d:eb:e7:7f:3b:1f:f2:d9: 2a:3e:eb:cd:b8:51:b8:68:f5:f3:0b:c8:d3:89:86:0c:e0:48: 70:ab:af:a6:57:f0:3a:00:0d:ee:8c:65:e1:5a:7e:e3:d1:99: 1b:f5:ae:77:46:df:52:05:c0:fd:e7:9e:e6:5c:5f:32:79:00: eb:d5:b3:f0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUA0Bn0hJc1VQ8GeFk+5fTS2BA4H0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MTAyOVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAM2E5YTM3YWRhOWI0ZTBkNWY2OTQy MzJiMDE4YjZlZjFkMTE5OTU3NmRiMjA2Njk0NmJjMjU0MDRiMGI2ZTZhODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbBWOmV7/CEyKA0N1ax7vOVe7qLo X7zDglk8giTGEz2ro9QJgSI8TQR3TS6oOsgr1PY6YJWLvqAUmM8r81a0459i92vT 1QFFSIASweIvhMgFqvh6Om8JMaP5g+Cz6oQSj5RFxbA6SuFwqmbO9Aysnm9we/fW bAgEvOYDS9P4Cj3HDyWj9eaH070huK5g4Vq4ogu3Z+2hYJzICCfPQNDBHDpQ7m9G lVb5AmjF4kSO2u2nch2xSDYPa08lkhXsYesgQUw45nfCoH+1xeFIxkB3VxrjqLny yBwEcMwuXuwOD1N0NF26OO+002W3mcjwQ6x8gVhKmNrAXGO2fTREkNcciQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKQkMjXyBpXh0UXJm0pB0VlAdJk5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I3MTQ4YTFhLTRiMmQtNDA0NS1hZTc0LTFhZTIwMWRkY2FjYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaLAwDQYJKoZIhvcNAQELBQADggEBAJD2tmCbr6GsYsu4OIPR NU8C5m5KOdLqzAhZvXVuM9jy8GiwPAVbxGQH0uf1zqMbXWz0cgNO4LQgOYdSf0vn b+QSeomRRspEowNB1j+XeVmpoxPiI7X6MJHuuJXzQKWO8nv38dsW2QunITaykkHf oV15Jftr/bpHY+Ld9m1DY102SXnHiOGH2tzE/Lkc1y5mpZZTZo6xEGTgz1+BzfzH C6uwDIaMCCOeSkjlFTP4FDeI1qjfHLRZVLq3GtqZrzWN6+d/Ox/y2So+6824Ubho 9fMLyNOJhgzgSHCrr6ZX8DoADe6MZeFafuPRmRv1rndG31IFwP3nnuZcXzJ5AOvV s/A= -----END CERTIFICATE-----Generated at Sat Jun 14 06:34:17 2025 by rpki-client