$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa File: c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa (raw, json) Hash identifier: EQKlLMnxGO22tuO5qo4mKEBgKlTX2wcdiP0rxYFRCEg= Subject key identifier: 1B:82:10:26:8F:CB:BE:B6:2D:83:1F:CC:9B:21:C8:39:79:7C:5F:50 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D8B0B9EA271444AF1437B85232DEF77CA679B47 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa Signing time: Tue 10 Jun 2025 15:41:06 +0000 ROA not before: Tue 10 Jun 2025 15:41:06 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da12:8400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:8b:0b:9e:a2:71:44:4a:f1:43:7b:85:23:2d:ef:77:ca:67:9b:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:41:06 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=31e8f8962a9830bd1765f097617503c14c82f8110d388090fa114a70feae06e2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:ae:6d:2d:e5:e8:fe:e0:ee:b2:52:cc:a4:9c: 5b:95:b7:e7:e4:4b:74:3a:46:38:a6:18:a6:d9:7e: 30:6d:27:f5:f3:3d:fc:44:47:ec:c5:61:36:17:18: a3:e3:95:5f:50:a3:29:a6:5c:74:44:6e:15:0f:b6: f9:71:f9:30:67:0c:c4:45:fa:d5:e0:29:1d:aa:15: 65:6d:3e:b4:7e:0f:6f:01:8b:b8:4d:55:24:98:1c: 3f:8d:a0:41:a3:f2:4b:0e:d8:9d:88:9c:05:a5:e5: a4:d5:ce:1c:41:69:03:56:3e:03:5b:4c:a4:0d:67: 57:3a:26:09:3c:57:9a:6a:b4:f2:34:a0:fa:1a:34: e1:d7:4c:cd:f0:cf:a5:b3:33:1a:7c:90:59:c7:3f: bf:e0:16:4e:94:f4:bd:db:48:21:71:1d:d7:9e:b1: 02:b0:87:e3:77:71:a7:85:fa:ce:14:ee:3e:da:8b: c1:ba:d3:c6:9b:3b:d7:04:b2:9f:c7:59:d5:d0:f2: 1c:eb:c3:ff:de:ab:09:49:80:fb:8b:aa:4e:b2:a6: 6c:84:15:cf:e6:7f:23:4d:23:e1:f1:f2:55:a6:4a: 80:67:e6:6b:23:be:50:1d:7d:9d:78:51:a5:62:b8: 3b:79:14:1c:11:22:b6:1c:e8:bd:8b:ad:9f:20:f7: 98:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:82:10:26:8F:CB:BE:B6:2D:83:1F:CC:9B:21:C8:39:79:7C:5F:50 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da12:8400::/38 Signature Algorithm: sha256WithRSAEncryption 3d:82:62:7c:58:3e:e7:32:0e:ca:8e:11:b8:42:e2:4d:83:33: db:1b:e5:af:47:da:f8:b4:ed:45:73:65:37:16:63:3e:b8:2d: c2:8e:d6:8d:0c:c9:3e:38:17:d9:72:8a:33:de:46:a5:82:4f: 1e:e6:1c:fc:6b:ae:62:58:6d:2c:af:87:2f:4a:41:3c:ec:53: 73:6e:0a:8a:d7:85:4f:7b:95:81:70:79:f9:87:4c:56:99:09: 23:66:b6:4f:65:3b:4c:b2:73:76:89:2f:95:79:d5:b0:6e:d0: 3f:7b:d6:03:36:44:aa:cf:7f:dd:92:42:dd:b2:52:5e:9e:9d: b4:a0:f9:d0:4f:c3:0c:25:a3:0d:79:9d:b3:9d:56:a2:d2:d5: fa:72:37:7a:5c:f3:5d:fa:54:24:b4:af:64:d8:02:d2:41:ea: de:0e:b3:a5:47:bf:29:8f:da:0e:ee:4c:6e:a2:cd:28:54:af: 56:17:73:88:84:c2:4d:f9:b9:78:99:0c:3f:3c:da:7e:1f:2e: 09:ad:47:2a:14:ac:2b:08:42:e2:15:81:f6:bf:2f:b8:00:ce: 2d:e9:2f:58:09:1d:e0:e4:b2:0a:b4:83:3c:85:21:55:cf:2a: 6e:ad:9f:db:9f:93:03:da:54:d4:a1:6b:1b:01:88:23:23:8f: 44:7c:3c:49 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPYsLnqJxRErxQ3uFIy3vd8pnm0cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1NDEwNloX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMzFlOGY4OTYyYTk4MzBiZDE3NjVm MDk3NjE3NTAzYzE0YzgyZjgxMTBkMzg4MDkwZmExMTRhNzBmZWFlMDZlMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA165tLeXo/uDuslLMpJxblbfn5Et0 OkY4phim2X4wbSf18z38REfsxWE2Fxij45VfUKMpplx0RG4VD7b5cfkwZwzERfrV 4CkdqhVlbT60fg9vAYu4TVUkmBw/jaBBo/JLDtidiJwFpeWk1c4cQWkDVj4DW0yk DWdXOiYJPFeaarTyNKD6GjTh10zN8M+lszMafJBZxz+/4BZOlPS920ghcR3XnrEC sIfjd3GnhfrOFO4+2ovButPGmzvXBLKfx1nV0PIc68P/3qsJSYD7i6pOsqZshBXP 5n8jTSPh8fJVpkqAZ+ZrI75QHX2deFGlYrg7eRQcESK2HOi9i62fIPeYKwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBuCECaPy762LYMfzJshyDl5fF9QMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M1YTFhMWEwLTRmNGYtNDczZC1iZmFjLWZkNDZmZjgyNjAwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaEoQwDQYJKoZIhvcNAQELBQADggEBAD2CYnxYPucyDsqOEbhC 4k2DM9sb5a9H2vi07UVzZTcWYz64LcKO1o0MyT44F9lyijPeRqWCTx7mHPxrrmJY bSyvhy9KQTzsU3NuCorXhU97lYFwefmHTFaZCSNmtk9lO0yyc3aJL5V51bBu0D97 1gM2RKrPf92SQt2yUl6enbSg+dBPwwwlow15nbOdVqLS1fpyN3pc8136VCS0r2TY AtJB6t4Os6VHvymP2g7uTG6izShUr1YXc4iEwk35uXiZDD882n4fLgmtRyoUrCsI QuIVgfa/L7gAzi3pL1gJHeDksgq0gzyFIVXPKm6tn9ufkwPaVNShaxsBiCMjj0R8 PEk= -----END CERTIFICATE-----Generated at Sat Jun 14 05:50:44 2025 by rpki-client