$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c71bce5d-19d0-4490-bbf0-f89c982ac8d8.roa File: c71bce5d-19d0-4490-bbf0-f89c982ac8d8.roa (raw, json) Hash identifier: TWz/WS72iTgmDSuZbYyA6QrlQXg/aPEM1AJmVzPudvo= Subject key identifier: E2:14:64:C4:0B:70:13:24:8F:FB:75:8C:DE:29:60:BD:44:49:90:0D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6FF45B10C636F92CBAFD992623B666BB1B281962 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c71bce5d-19d0-4490-bbf0-f89c982ac8d8.roa Signing time: Tue 10 Jun 2025 15:41:50 +0000 ROA not before: Tue 10 Jun 2025 15:41:50 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da18::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:f4:5b:10:c6:36:f9:2c:ba:fd:99:26:23:b6:66:bb:1b:28:19:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:41:50 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=cf880d413bd48267edd785088097ecf80c0dca5e90b778412f22f257b01f564d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:7c:ae:f7:ae:ec:73:5f:1d:f5:5b:13:39:18: d7:c0:a4:7f:0f:c2:42:f6:4b:17:9c:2a:6c:23:e5: c0:c8:56:5d:e1:0c:a1:ad:28:63:b3:1a:f4:75:90: e5:95:78:40:08:b0:9c:9c:33:ac:0c:de:e3:21:5a: a9:b7:b7:f1:e2:54:36:7c:10:8d:8b:77:1c:86:50: e9:d7:d9:d9:ba:9d:d6:42:a7:2d:23:09:f4:44:5d: 00:d9:9d:a5:07:16:d8:0d:85:61:9b:85:83:69:b5: 73:3c:4d:5f:e0:2d:23:29:8d:c0:6d:e7:10:ed:48: 85:24:ba:f5:df:cb:0b:ce:f6:97:f3:7f:02:72:26: 98:e1:4e:5b:9d:55:89:60:2b:1c:ca:aa:a5:b0:53: 99:ea:8f:b0:b8:b8:0d:09:f1:0f:b2:48:47:9c:e2: ae:df:71:de:cb:80:58:d2:15:b3:c0:af:c8:f1:bf: 40:12:02:96:78:2f:84:f8:a0:5b:90:40:e9:37:e7: 42:96:77:2a:65:e3:63:9d:b5:c7:b0:f1:7d:cd:d2: de:fe:56:3e:a9:5c:ff:a3:66:6f:08:fc:c1:52:3f: 10:84:0d:fc:c4:ea:59:19:b3:48:84:24:2f:bf:48: 67:86:57:fb:42:7e:1e:7c:92:75:c4:b3:67:7d:78: 65:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:14:64:C4:0B:70:13:24:8F:FB:75:8C:DE:29:60:BD:44:49:90:0D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c71bce5d-19d0-4490-bbf0-f89c982ac8d8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da18::/36 Signature Algorithm: sha256WithRSAEncryption 73:4b:be:58:e0:b2:ba:91:6e:b2:64:62:22:f7:64:77:06:41: fa:7e:95:46:d5:8b:e5:96:28:13:1f:2b:46:b6:d7:4a:5e:86: 0b:f7:80:ef:15:98:fe:7c:48:94:e2:f6:84:35:0c:c5:e4:39: 3a:ed:69:0f:68:f5:46:e6:11:e6:15:78:3d:0b:a9:b2:b1:16: 47:06:a7:d6:9f:c5:ce:36:9d:2a:d3:2f:f1:b9:52:85:f1:6f: 26:4f:7f:52:95:c3:2a:25:f0:65:d4:b7:87:71:95:96:07:4e: 2b:de:51:76:84:6f:1a:39:71:39:dc:fe:fe:8e:ac:ad:e3:1c: 1c:0b:64:a2:3e:b7:20:1b:c5:33:2c:f0:ea:11:5e:97:63:b7: 75:20:14:7a:a0:b9:57:72:cd:8a:8c:03:98:ce:0c:d2:f6:af: 3c:ee:15:be:8e:f3:3c:42:c6:9b:20:1e:6d:b1:9f:dd:43:a9: 4c:33:6d:56:dd:fc:7f:18:16:fe:75:a5:8d:9a:b3:90:d6:3f: d1:c5:51:f3:3f:ee:3c:ef:79:88:e4:19:d3:59:6e:24:f0:c0: de:90:00:80:92:fe:e4:0c:e3:c6:7f:da:47:26:d8:a6:2d:4a: 56:ef:e1:61:fa:d6:fb:47:be:8e:99:e6:08:ea:7a:69:8a:46: 57:9c:50:98 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUb/RbEMY2+Sy6/ZkmI7ZmuxsoGWIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1NDE1MFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAY2Y4ODBkNDEzYmQ0ODI2N2VkZDc4 NTA4ODA5N2VjZjgwYzBkY2E1ZTkwYjc3ODQxMmYyMmYyNTdiMDFmNTY0ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnyu967sc18d9VsTORjXwKR/D8JC 9ksXnCpsI+XAyFZd4QyhrShjsxr0dZDllXhACLCcnDOsDN7jIVqpt7fx4lQ2fBCN i3cchlDp19nZup3WQqctIwn0RF0A2Z2lBxbYDYVhm4WDabVzPE1f4C0jKY3AbecQ 7UiFJLr138sLzvaX838CciaY4U5bnVWJYCscyqqlsFOZ6o+wuLgNCfEPskhHnOKu 33Hey4BY0hWzwK/I8b9AEgKWeC+E+KBbkEDpN+dClncqZeNjnbXHsPF9zdLe/lY+ qVz/o2ZvCPzBUj8QhA38xOpZGbNIhCQvv0hnhlf7Qn4efJJ1xLNnfXhlDwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOIUZMQLcBMkj/t1jN4pYL1ESZANMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3MWJjZTVkLTE5ZDAtNDQ5MC1iYmYwLWY4OWM5ODJhYzhkOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaGAAwDQYJKoZIhvcNAQELBQADggEBAHNLvljgsrqRbrJkYiL3 ZHcGQfp+lUbVi+WWKBMfK0a210pehgv3gO8VmP58SJTi9oQ1DMXkOTrtaQ9o9Ubm EeYVeD0LqbKxFkcGp9afxc42nSrTL/G5UoXxbyZPf1KVwyol8GXUt4dxlZYHTive UXaEbxo5cTnc/v6OrK3jHBwLZKI+tyAbxTMs8OoRXpdjt3UgFHqguVdyzYqMA5jO DNL2rzzuFb6O8zxCxpsgHm2xn91DqUwzbVbd/H8YFv51pY2as5DWP9HFUfM/7jzv eYjkGdNZbiTwwN6QAICS/uQM48Z/2kcm2KYtSlbv4WH61vtHvo6Z5gjqemmKRlec UJg= -----END CERTIFICATE-----Generated at Sat Jun 14 06:07:22 2025 by rpki-client