$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b9c913ee-ed05-4815-9620-c3c48eb368a1.roa File: b9c913ee-ed05-4815-9620-c3c48eb368a1.roa (raw, json) Hash identifier: ofuwi6AimT5oCDSjZtOWRbZoWRn6KiXFMUK4eaGq3+M= Subject key identifier: EF:F6:4D:BD:0F:5C:D0:32:5F:55:FD:41:C5:F8:A7:12:6D:90:68:85 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2FF02CD4D4D6AF63E85DE843F77959838F916C88 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b9c913ee-ed05-4815-9620-c3c48eb368a1.roa Signing time: Tue 10 Jun 2025 00:51:22 +0000 ROA not before: Tue 10 Jun 2025 00:51:22 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:f0:2c:d4:d4:d6:af:63:e8:5d:e8:43:f7:79:59:83:8f:91:6c:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:51:22 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=1afae8fa5b3efc1aaab373bfaa3a64e549507954d7ec51cd0f345b11b0f8214f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:0a:7d:4b:82:8b:22:c2:48:d5:b0:7f:c1:bb: 3b:82:0c:3f:6f:c8:b2:70:30:0e:5c:ab:fa:0a:ba: 16:64:e9:00:e6:fa:ba:13:ff:a4:08:fc:91:77:19: 2c:26:5d:9a:21:e8:24:ec:58:0d:d9:d1:e5:76:85: eb:c9:0d:e0:90:84:b8:57:51:7c:b7:15:82:28:9f: b8:3e:80:64:e7:3b:8c:b1:35:5b:21:ca:4f:e4:24: 47:6f:33:68:3b:25:c6:6c:6d:e2:1b:fc:89:54:13: cc:84:59:14:96:34:f2:a4:cd:3b:03:77:6f:5f:8e: a4:ed:3f:bf:fd:e2:ba:16:4c:9c:ed:54:79:fb:1e: 15:fc:17:4f:9f:87:fb:ab:63:a5:21:15:bc:9f:de: 69:73:4d:ef:fb:d6:16:93:4f:a1:e4:a5:03:fa:9b: e2:7d:06:75:6b:cb:9b:68:fe:8a:cf:07:d8:aa:65: 19:6a:d4:21:c1:d7:43:7b:79:4b:75:8c:b3:5e:60: 5d:d3:14:bb:60:1e:61:c0:a2:cf:b1:e4:b5:52:c0: 0f:7c:7c:1a:2b:9d:14:11:34:e4:8c:98:bc:ad:e7: ad:8f:5e:51:b3:14:5d:02:5b:a3:45:13:5a:7a:7b: a6:1d:d9:67:c2:06:3f:75:e3:23:5b:47:e7:c3:39: e7:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:F6:4D:BD:0F:5C:D0:32:5F:55:FD:41:C5:F8:A7:12:6D:90:68:85 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b9c913ee-ed05-4815-9620-c3c48eb368a1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:2800::/40 Signature Algorithm: sha256WithRSAEncryption 8c:ea:9f:39:29:44:0b:77:4a:08:68:9b:57:58:41:2f:23:62: 38:34:22:c7:7e:5d:23:40:70:cb:59:72:9a:7c:08:0b:cf:e0: 41:70:59:27:28:5c:21:96:3a:6a:13:8b:9f:10:9e:fd:98:4f: 0b:0c:cf:d8:c7:a0:46:b8:30:15:70:52:c9:34:b2:42:cc:60: a3:dc:ca:15:c5:b2:41:b7:6f:41:e9:ac:de:23:51:c7:00:5d: ee:9d:55:9e:3b:e1:6b:b6:41:3d:5f:f1:50:95:2a:16:98:d8: 14:e0:92:6a:68:33:06:00:0d:29:90:05:6b:8e:c8:79:35:ec: 37:e8:1e:18:29:87:d4:d0:30:19:5f:54:17:af:d7:72:de:6a: 78:fc:11:52:8c:97:07:2e:fd:33:04:a6:88:e4:30:46:ff:df: 09:72:e5:a8:17:0e:9b:a8:e7:e2:dc:39:69:ab:e9:89:c6:b4: ab:d3:04:21:f4:73:d0:f7:8a:cb:db:74:99:bc:ac:49:00:77: 68:10:42:1b:88:e5:a2:c0:56:f6:33:3c:f2:a9:87:ab:d5:fe: 73:a2:75:4a:8b:66:36:47:ea:dd:4e:30:1e:c4:03:53:b4:bc: cd:67:f0:23:d3:c6:71:40:25:a6:06:74:90:f0:8e:9f:e9:58: d8:97:5b:2a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUL/As1NTWr2PoXehD93lZg4+RbIgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwNTEyMloX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMWFmYWU4ZmE1YjNlZmMxYWFhYjM3 M2JmYWEzYTY0ZTU0OTUwNzk1NGQ3ZWM1MWNkMGYzNDViMTFiMGY4MjE0ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgp9S4KLIsJI1bB/wbs7ggw/b8iy cDAOXKv6CroWZOkA5vq6E/+kCPyRdxksJl2aIegk7FgN2dHldoXryQ3gkIS4V1F8 txWCKJ+4PoBk5zuMsTVbIcpP5CRHbzNoOyXGbG3iG/yJVBPMhFkUljTypM07A3dv X46k7T+//eK6Fkyc7VR5+x4V/BdPn4f7q2OlIRW8n95pc03v+9YWk0+h5KUD+pvi fQZ1a8ubaP6KzwfYqmUZatQhwddDe3lLdYyzXmBd0xS7YB5hwKLPseS1UsAPfHwa K50UETTkjJi8reetj15RsxRdAlujRRNaenumHdlnwgY/deMjW0fnwznnQQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFO/2Tb0PXNAyX1X9QcX4pxJtkGiFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I5YzkxM2VlLWVkMDUtNDgxNS05NjIwLWMzYzQ4ZWIzNjhhMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaSgwDQYJKoZIhvcNAQELBQADggEBAIzqnzkpRAt3Sghom1dY QS8jYjg0Isd+XSNAcMtZcpp8CAvP4EFwWScoXCGWOmoTi58Qnv2YTwsMz9jHoEa4 MBVwUsk0skLMYKPcyhXFskG3b0HprN4jUccAXe6dVZ474Wu2QT1f8VCVKhaY2BTg kmpoMwYADSmQBWuOyHk17DfoHhgph9TQMBlfVBev13Leanj8EVKMlwcu/TMEpojk MEb/3wly5agXDpuo5+LcOWmr6YnGtKvTBCH0c9D3isvbdJm8rEkAd2gQQhuI5aLA VvYzPPKph6vV/nOidUqLZjZH6t1OMB7EA1O0vM1n8CPTxnFAJaYGdJDwjp/pWNiX Wyo= -----END CERTIFICATE-----Generated at Sat Jun 14 06:03:04 2025 by rpki-client