$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b990f5b3-241d-4db7-8197-5e39d9181be8.roa File: b990f5b3-241d-4db7-8197-5e39d9181be8.roa (raw, json) Hash identifier: pJdyFOqo+dOlASlBf5XhZ7QbASN9vNaxdGcoZ62g1IQ= Subject key identifier: 4B:B4:71:1C:5D:D7:9C:D5:DC:04:A3:49:E0:A5:31:84:B1:9F:59:AB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3E8D7BB63CBE520612419A7DDA0D5788EC75337C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b990f5b3-241d-4db7-8197-5e39d9181be8.roa Signing time: Mon 09 Jun 2025 15:30:22 +0000 ROA not before: Mon 09 Jun 2025 15:30:22 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:2840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:8d:7b:b6:3c:be:52:06:12:41:9a:7d:da:0d:57:88:ec:75:33:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:30:22 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=0e6d09e7f0e80d31dca92a34673c7faa28b65a1232d2493d90df6e71637ae72a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:fd:54:99:ef:be:7e:fe:50:1a:66:63:c0:95: e6:da:6f:e5:a0:bb:d3:fa:5f:06:b3:70:22:e2:e8: 79:68:2b:7a:bd:43:02:45:e4:5e:64:d6:43:70:84: 6a:a8:a5:6c:90:0e:8d:77:9d:c8:90:7d:77:92:da: d0:2e:7e:04:1a:f1:31:5d:70:6e:65:94:f1:95:1d: 87:12:c8:88:f1:5f:3c:1b:50:bd:54:67:df:aa:89: fe:91:82:f6:4f:c9:66:78:82:a3:c6:48:c3:f2:da: b9:7f:eb:0f:1e:b5:48:5b:9f:05:08:d1:f6:46:56: 6f:4d:cc:79:ef:22:51:b5:7b:e0:1c:b9:0a:c8:17: 76:8f:72:46:5a:86:b4:06:d0:e8:e9:c8:a7:2e:20: a2:13:dd:ae:75:18:e9:e1:ea:2f:fa:b0:23:50:f6: cc:39:52:3c:d9:ac:df:ad:75:58:4c:a3:fe:93:11: a4:80:07:c7:65:9d:87:1f:8a:d1:3b:98:dd:b4:a1: 81:25:ea:58:cb:67:78:3c:62:dd:19:7a:71:95:3c: 36:44:aa:53:99:c8:b5:b4:32:7c:5f:03:9c:33:ce: 85:c8:87:14:1a:ff:56:1f:11:22:d1:14:e0:be:ee: 25:5d:0b:d8:a9:73:06:8d:6e:a1:66:eb:d8:31:ee: 6b:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:B4:71:1C:5D:D7:9C:D5:DC:04:A3:49:E0:A5:31:84:B1:9F:59:AB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b990f5b3-241d-4db7-8197-5e39d9181be8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:2840::/48 Signature Algorithm: sha256WithRSAEncryption 4b:d5:37:dd:93:d3:84:1b:ee:63:92:1b:ea:f8:01:d3:e2:8a: aa:9e:13:59:50:40:66:75:d4:d4:e6:cf:d9:dc:95:2a:1f:12: b9:10:13:43:ea:8d:67:30:6f:33:a6:1f:c1:45:cc:89:8d:18: 74:b4:0f:f1:8a:64:80:f8:7e:4b:34:e0:f7:30:25:5b:81:4a: 01:dc:cd:64:19:27:55:61:92:c9:34:85:e0:8e:1b:17:e2:3b: 84:51:78:e8:66:b9:8d:bd:87:13:7a:20:98:1a:62:d2:95:a6: 02:8d:00:ce:65:86:0e:53:c4:8f:66:d6:6f:cf:db:4a:45:0b: 83:9a:72:e2:7a:03:3a:fe:71:64:97:b8:81:58:a7:a2:00:de: 56:85:05:2b:37:7a:21:ed:8d:27:96:da:68:01:86:05:4b:a6: bf:34:e4:fe:a3:49:9a:1d:69:fa:16:f8:da:76:1c:be:ac:1b: d8:dc:1d:8d:97:73:5b:e1:b2:5a:90:3b:22:2c:e0:8b:8a:7a: db:1a:5b:8d:68:1e:45:b4:87:24:4b:d8:f2:fa:08:f7:d8:8a: be:7a:91:26:53:15:b4:6a:2a:5f:43:4b:cc:7d:a1:ea:32:e6: 7b:10:4c:a3:d4:ee:a2:f7:7f:31:ef:b1:13:ef:f5:95:82:93: 47:8b:f1:d8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPo17tjy+UgYSQZp92g1XiOx1M3wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MzAyMloX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAMGU2ZDA5ZTdmMGU4MGQzMWRjYTky YTM0NjczYzdmYWEyOGI2NWExMjMyZDI0OTNkOTBkZjZlNzE2MzdhZTcyYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7v1Ume++fv5QGmZjwJXm2m/loLvT +l8Gs3Ai4uh5aCt6vUMCReReZNZDcIRqqKVskA6Nd53IkH13ktrQLn4EGvExXXBu ZZTxlR2HEsiI8V88G1C9VGffqon+kYL2T8lmeIKjxkjD8tq5f+sPHrVIW58FCNH2 RlZvTcx57yJRtXvgHLkKyBd2j3JGWoa0BtDo6cinLiCiE92udRjp4eov+rAjUPbM OVI82azfrXVYTKP+kxGkgAfHZZ2HH4rRO5jdtKGBJepYy2d4PGLdGXpxlTw2RKpT mci1tDJ8XwOcM86FyIcUGv9WHxEi0RTgvu4lXQvYqXMGjW6hZuvYMe5rRQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEu0cRxd15zV3ASjSeClMYSxn1mrMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I5OTBmNWIzLTI0MWQtNGRiNy04MTk3LTVlMzlkOTE4MWJlOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8ihAMA0GCSqGSIb3DQEBCwUAA4IBAQBL1Tfdk9OEG+5jkhvq +AHT4oqqnhNZUEBmddTU5s/Z3JUqHxK5EBND6o1nMG8zph/BRcyJjRh0tA/ximSA +H5LNOD3MCVbgUoB3M1kGSdVYZLJNIXgjhsX4juEUXjoZrmNvYcTeiCYGmLSlaYC jQDOZYYOU8SPZtZvz9tKRQuDmnLiegM6/nFkl7iBWKeiAN5WhQUrN3oh7Y0nltpo AYYFS6a/NOT+o0maHWn6Fvjadhy+rBvY3B2Nl3Nb4bJakDsiLOCLinrbGluNaB5F tIckS9jy+gj32Iq+epEmUxW0aipfQ0vMfaHqMuZ7EEyj1O6i938x77ET7/WVgpNH i/HY -----END CERTIFICATE-----Generated at Sat Jun 14 06:36:31 2025 by rpki-client