$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba0659ea-8ed9-4a7e-84c3-131d4d5ba252.roa File: ba0659ea-8ed9-4a7e-84c3-131d4d5ba252.roa (raw, json) Hash identifier: 1Gy1W9qg0kaxOZsblAuyS5obkLjHwGsp5T9j1HK0Sow= Subject key identifier: FE:F5:6B:BA:1B:E4:73:BA:5A:ED:07:96:BE:92:C4:59:13:93:59:F3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 52B36BD2B1CF7280711D23D07ECE8BFE86BC24E8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba0659ea-8ed9-4a7e-84c3-131d4d5ba252.roa Signing time: Tue 10 Jun 2025 15:11:21 +0000 ROA not before: Tue 10 Jun 2025 15:11:21 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:b3:6b:d2:b1:cf:72:80:71:1d:23:d0:7e:ce:8b:fe:86:bc:24:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:11:21 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=d4ce8bb46d4ad0b1bc780843cb57a7e5f06852c732db6b80e5e6805b3e22282f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:76:12:4b:c2:48:7f:55:a8:f6:53:8d:a0:2b: c8:2e:9c:35:a7:07:90:bb:50:fa:61:f8:0f:8c:15: 29:60:76:19:f8:b2:3c:92:e8:5c:01:95:f0:a5:f4: bc:e5:8a:80:0f:ac:d9:d5:72:e5:d1:36:c7:d0:68: bf:1d:57:50:96:4c:51:2e:ef:18:4f:63:0d:0e:9b: ff:77:b4:8a:a5:61:b9:b2:a0:af:81:0e:14:84:cc: f0:2c:c7:fe:2a:87:65:a7:d5:64:a6:cb:ec:2c:37: a1:8c:6b:69:d3:32:83:8f:ae:3c:81:f8:c5:86:7e: 43:5f:bb:48:99:53:6a:da:e7:93:59:aa:d3:82:72: 27:e6:cf:66:51:6d:e4:7b:79:ea:a3:ff:02:9d:68: 3f:d8:71:9b:13:09:a8:d9:ff:35:04:07:3c:e5:c4: 24:5e:98:a4:7a:0f:dc:35:ca:31:27:29:7d:80:89: 1e:06:96:2c:45:9e:e1:18:4c:46:fc:b9:c3:a3:7a: 11:98:b2:30:fe:b0:91:ee:f8:c2:8a:da:ac:d9:cf: 98:c8:62:97:43:d0:37:f4:f6:0a:3e:91:d3:45:a2: 69:e5:fe:a6:da:d2:c8:20:69:3e:78:ca:ed:dc:82: 64:e4:f1:4b:c7:2d:51:f0:dd:f3:32:f3:66:0e:54: 9b:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:F5:6B:BA:1B:E4:73:BA:5A:ED:07:96:BE:92:C4:59:13:93:59:F3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba0659ea-8ed9-4a7e-84c3-131d4d5ba252.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:4000::/40 Signature Algorithm: sha256WithRSAEncryption b6:98:98:ba:13:8c:7e:c5:c8:1e:15:d0:e7:0b:38:bc:6d:15: 39:00:bf:5c:d8:d3:84:09:ef:b0:84:91:b5:45:9f:fd:10:30: 33:49:9c:66:10:c8:9c:48:09:9a:26:31:59:fe:e3:ad:44:24: e9:76:1b:f0:12:ff:ca:4f:60:7e:ec:7d:7b:fb:76:54:41:a3: 46:be:ea:b4:87:99:2d:3f:13:0b:0f:bd:38:e5:5f:3c:d8:b0: 4f:4a:6b:90:a3:f4:9d:64:da:e2:b4:b9:80:0c:d8:9c:0c:12: ed:1d:25:96:75:02:80:c3:df:bc:8e:8b:df:a0:2c:8d:2f:57: ea:4a:ae:ea:f5:bc:0a:ec:2f:3a:39:02:7e:58:8b:e1:f5:90: ee:bc:ca:4c:28:6c:94:2c:30:3a:9e:4b:eb:2d:3b:5c:a9:82: 23:de:7a:9f:d3:21:29:1d:5f:75:2e:99:05:75:88:1e:19:72: 3f:ac:3e:46:64:15:ab:c9:91:81:93:de:9f:e3:0c:64:ac:4c: 53:83:82:45:c5:1d:29:c7:c8:47:3e:b2:e9:12:be:2d:59:6f: 49:9a:52:4d:b5:04:b2:45:63:ad:2e:e3:d7:6f:1c:67:5a:c5: bf:bb:8a:39:bc:15:c6:50:15:54:0b:42:1f:b6:bb:44:a0:ad: 21:53:59:36 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUrNr0rHPcoBxHSPQfs6L/oa8JOgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MTEyMVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZDRjZThiYjQ2ZDRhZDBiMWJjNzgw ODQzY2I1N2E3ZTVmMDY4NTJjNzMyZGI2YjgwZTVlNjgwNWIzZTIyMjgyZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nYSS8JIf1Wo9lONoCvILpw1pweQ u1D6YfgPjBUpYHYZ+LI8kuhcAZXwpfS85YqAD6zZ1XLl0TbH0Gi/HVdQlkxRLu8Y T2MNDpv/d7SKpWG5sqCvgQ4UhMzwLMf+Kodlp9VkpsvsLDehjGtp0zKDj648gfjF hn5DX7tImVNq2ueTWarTgnIn5s9mUW3ke3nqo/8CnWg/2HGbEwmo2f81BAc85cQk Xpikeg/cNcoxJyl9gIkeBpYsRZ7hGExG/LnDo3oRmLIw/rCR7vjCitqs2c+YyGKX Q9A39PYKPpHTRaJp5f6m2tLIIGk+eMrt3IJk5PFLxy1R8N3zMvNmDlSbqwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP71a7ob5HO6Wu0Hlr6SxFkTk1nzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JhMDY1OWVhLThlZDktNGE3ZS04NGMzLTEzMWQ0ZDViYTI1Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/kAwDQYJKoZIhvcNAQELBQADggEBALaYmLoTjH7FyB4V0OcL OLxtFTkAv1zY04QJ77CEkbVFn/0QMDNJnGYQyJxICZomMVn+461EJOl2G/AS/8pP YH7sfXv7dlRBo0a+6rSHmS0/EwsPvTjlXzzYsE9Ka5Cj9J1k2uK0uYAM2JwMEu0d JZZ1AoDD37yOi9+gLI0vV+pKrur1vArsLzo5An5Yi+H1kO68ykwobJQsMDqeS+st O1ypgiPeep/TISkdX3UumQV1iB4Zcj+sPkZkFavJkYGT3p/jDGSsTFODgkXFHSnH yEc+sukSvi1Zb0maUk21BLJFY60u49dvHGdaxb+7ijm8FcZQFVQLQh+2u0SgrSFT WTY= -----END CERTIFICATE-----Generated at Sat Jun 14 06:29:14 2025 by rpki-client