$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7927220-65f6-4672-9bc9-acf8cfe8adf4.roa File: b7927220-65f6-4672-9bc9-acf8cfe8adf4.roa (raw, json) Hash identifier: CMzFantRLZWOvu/jwLBbyVq96qNJ6GE5OzaaVGoUX7o= Subject key identifier: 96:CD:23:6E:5E:AB:FC:C3:89:2B:02:50:AB:1F:AE:38:9D:60:06:84 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6F877366D9C42D13AD485A328B8A39451E2D9CD8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7927220-65f6-4672-9bc9-acf8cfe8adf4.roa Signing time: Mon 09 Jun 2025 15:01:36 +0000 ROA not before: Mon 09 Jun 2025 15:01:36 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:f0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:87:73:66:d9:c4:2d:13:ad:48:5a:32:8b:8a:39:45:1e:2d:9c:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:01:36 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=78e2ed05a10f3bf7e7a02e19868d98443ed180b18561e0d8d792dc55e0a07d6d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:57:b2:e0:0f:4c:ff:f1:1d:39:50:c1:70:13: 0f:50:2e:5e:21:f5:14:b4:6e:93:e5:f0:7f:8e:20: cb:4a:35:6e:bb:77:07:f5:87:13:0f:f6:ac:c7:46: 07:dc:ef:ce:97:28:1b:b5:b2:36:07:7f:07:9a:c9: b3:e2:d2:71:55:73:22:fe:a8:f2:a0:79:06:20:99: bc:31:0b:94:74:e5:39:21:eb:34:3f:d7:33:7d:49: 98:b8:39:fb:43:68:24:bc:84:33:9c:02:79:9e:14: 9b:a5:f1:04:8f:e6:67:d5:37:bc:00:01:a5:50:92: 30:6e:ea:e6:55:f3:74:f5:77:b1:1f:16:4f:4d:fd: d2:90:eb:c0:7c:e9:19:ee:5a:21:e0:fa:2c:a6:0f: 13:b5:ca:f3:06:9e:10:fc:51:48:30:03:41:f7:13: 2c:34:d7:bb:3c:aa:6c:48:f8:63:46:8a:c6:a5:fc: 3c:fb:be:fd:72:63:a8:9e:46:5e:49:dd:a9:83:fb: 94:2d:b8:23:1e:c9:10:69:4c:3a:3d:1d:43:59:12: 8d:2b:74:e6:02:71:42:0b:8b:fd:63:85:6d:3c:2e: e4:a4:2a:29:6a:ca:fa:e7:13:1a:fa:30:3b:85:9d: ec:22:74:89:a8:db:29:b6:7b:40:26:a5:23:71:3c: a0:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:CD:23:6E:5E:AB:FC:C3:89:2B:02:50:AB:1F:AE:38:9D:60:06:84 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7927220-65f6-4672-9bc9-acf8cfe8adf4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:f0c0::/48 Signature Algorithm: sha256WithRSAEncryption 2d:94:08:d5:22:14:73:93:25:56:37:68:ac:75:e7:26:d8:9e: e8:af:b9:f1:a4:a7:c6:5e:ce:14:5d:94:de:7f:d0:3e:76:94: ac:ed:fa:b1:0b:87:13:ca:4e:3d:79:9c:96:97:33:d7:0c:cb: c1:cc:96:a2:8a:b4:f5:e8:2d:7d:48:64:d5:df:b5:ab:e5:85: 13:f7:d6:50:d1:da:f5:dd:5d:e1:5d:c8:81:8f:48:e7:e1:e3: 84:15:1a:cc:70:3b:20:21:55:69:2c:5a:e1:6b:ce:2a:c6:c8: f0:60:6b:7d:9c:b5:5e:9b:db:d8:7b:46:f5:02:7c:b4:9a:c7: 3e:72:ee:de:b1:06:e8:bb:c8:5e:e2:07:bb:87:de:81:59:c5: 79:80:f4:d0:87:49:4c:c2:cf:2e:6c:87:ca:34:ee:c0:30:3e: 96:a2:11:65:24:e2:cd:67:68:93:29:a2:d5:ee:b8:a1:f5:b8: cd:f2:56:ba:74:1a:5d:d6:ca:31:c8:15:ea:a0:5f:da:a8:f1: 3a:11:cf:32:de:01:c2:38:12:e4:00:8d:6b:70:5e:40:2a:5d: 84:5a:95:67:b6:2d:f2:7f:3a:c1:38:66:5f:ef:8f:99:7e:ce: a5:af:b1:36:5f:e3:aa:71:fa:b7:06:36:66:17:8d:50:d6:00: 40:51:a0:4a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUb4dzZtnELROtSFoyi4o5RR4tnNgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MDEzNloX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNANzhlMmVkMDVhMTBmM2JmN2U3YTAy ZTE5ODY4ZDk4NDQzZWQxODBiMTg1NjFlMGQ4ZDc5MmRjNTVlMGEwN2Q2ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1ey4A9M//EdOVDBcBMPUC5eIfUU tG6T5fB/jiDLSjVuu3cH9YcTD/asx0YH3O/OlygbtbI2B38Hmsmz4tJxVXMi/qjy oHkGIJm8MQuUdOU5Ies0P9czfUmYuDn7Q2gkvIQznAJ5nhSbpfEEj+Zn1Te8AAGl UJIwburmVfN09XexHxZPTf3SkOvAfOkZ7loh4Pospg8TtcrzBp4Q/FFIMANB9xMs NNe7PKpsSPhjRorGpfw8+779cmOonkZeSd2pg/uULbgjHskQaUw6PR1DWRKNK3Tm AnFCC4v9Y4VtPC7kpCopasr65xMa+jA7hZ3sInSJqNsptntAJqUjcTygMQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJbNI25eq/zDiSsCUKsfrjidYAaEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I3OTI3MjIwLTY1ZjYtNDY3Mi05YmM5LWFjZjhjZmU4YWRmNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAPDAMA0GCSqGSIb3DQEBCwUAA4IBAQAtlAjVIhRzkyVWN2is decm2J7or7nxpKfGXs4UXZTef9A+dpSs7fqxC4cTyk49eZyWlzPXDMvBzJaiirT1 6C19SGTV37Wr5YUT99ZQ0dr13V3hXciBj0jn4eOEFRrMcDsgIVVpLFrha84qxsjw YGt9nLVem9vYe0b1Any0msc+cu7esQbou8he4ge7h96BWcV5gPTQh0lMws8ubIfK NO7AMD6WohFlJOLNZ2iTKaLV7rih9bjN8la6dBpd1soxyBXqoF/aqPE6Ec8y3gHC OBLkAI1rcF5AKl2EWpVnti3yfzrBOGZf74+Zfs6lr7E2X+Oqcfq3BjZmF41Q1gBA UaBK -----END CERTIFICATE-----Generated at Sat Jun 14 06:23:09 2025 by rpki-client