$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c8788082-9bee-454b-a32c-e6d016b76179.roa File: c8788082-9bee-454b-a32c-e6d016b76179.roa (raw, json) Hash identifier: rI0VkO19HLGPuME8IpVe1KYT6z1fQ1aWHcYV+m1FMzQ= Subject key identifier: 09:92:7F:86:1E:11:45:BB:1E:1C:D0:5B:40:31:BC:7F:12:5E:E3:75 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2634DABB9BA495DCB3BF9BC3C80418226D483A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c8788082-9bee-454b-a32c-e6d016b76179.roa Signing time: Fri 13 Jun 2025 00:00:53 +0000 ROA not before: Fri 13 Jun 2025 00:00:53 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da20:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:34:da:bb:9b:a4:95:dc:b3:bf:9b:c3:c8:04:18:22:6d:48:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 13 00:00:53 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=fa31ed6d2417c145f7b17846ab8bbeb1b76c51d50dc131626a3e00b915ed9f9d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:84:de:27:9c:85:33:05:b4:db:30:53:4c:71: 75:55:27:e7:e0:ba:29:d4:fc:b7:ed:83:f8:a1:18: c4:a9:33:70:46:1f:8f:25:04:6e:2e:f4:5e:20:ea: 3b:e6:c5:d6:e8:12:f5:e7:c2:ef:10:cb:a3:d0:f7: 97:c9:f5:96:af:15:29:47:75:67:18:a4:b9:18:1d: 58:f8:b2:93:56:d2:ec:c4:42:4e:e0:36:fd:3d:90: 07:0a:1d:a5:95:5a:3c:c4:ae:04:78:23:8d:0d:6c: b9:3d:b3:4b:cc:8d:94:77:6d:f0:bc:9b:41:bc:46: e7:63:6d:1b:74:d5:e2:10:b9:ca:da:b6:67:b9:f5: 4a:c5:a1:6f:4d:10:4b:f1:27:8b:28:6c:09:49:00: ff:86:48:aa:a2:19:76:45:c7:43:78:24:c1:1e:26: 09:c7:e7:c3:76:b4:62:d7:3b:8b:73:2b:66:31:78: 9f:4b:46:87:bb:4a:7a:c1:79:38:2f:32:9a:0c:f8: 36:b6:6e:4c:a0:9f:fc:7f:77:83:3a:c1:67:27:f4: 2e:4c:f3:95:63:7c:8c:cf:7b:65:b5:bd:36:56:c5: 33:a2:74:ba:e8:66:c2:70:59:61:b4:f9:93:ae:31: 47:24:7a:59:e6:1c:ff:15:c6:fc:b1:2d:70:79:94: 27:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:92:7F:86:1E:11:45:BB:1E:1C:D0:5B:40:31:BC:7F:12:5E:E3:75 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c8788082-9bee-454b-a32c-e6d016b76179.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da20:8000::/36 Signature Algorithm: sha256WithRSAEncryption 77:e3:5b:15:25:0e:ea:41:fa:b0:3f:e5:5f:02:f0:8a:39:3d: 0e:9d:e8:44:17:13:4d:2c:50:e5:6a:1f:bd:ec:6d:02:17:69: e0:df:ad:60:0b:2d:ba:ea:ed:f4:ab:52:46:ab:8b:2a:8b:19: a8:f5:5f:f4:f2:a5:ce:3e:4c:2e:fc:1a:17:16:6f:9f:c2:10: 90:99:d3:b4:64:e8:e8:0d:2e:67:06:e9:41:56:d3:92:fc:20: 19:ab:14:50:b9:ce:9f:fe:47:7f:a1:44:f2:a9:e1:34:f3:08: 3a:f4:90:37:52:f3:15:70:b1:0c:b4:38:c8:18:68:19:d7:df: cf:d5:bb:d9:5c:c9:0b:21:f5:d6:75:a9:3f:26:5a:b2:52:c0: 55:28:d1:eb:cc:52:a5:c2:9e:71:8b:b0:ff:bf:68:4c:b4:5b: fc:ea:73:e6:c7:83:fa:ca:60:17:66:0a:15:f9:c1:fb:9d:fb: 9a:54:26:61:e2:7c:5b:8b:75:f2:18:b3:f5:9a:0d:53:eb:52: e1:63:aa:6a:11:e5:58:3d:e6:80:90:0b:22:1b:a8:95:35:c6: d6:a8:2f:d6:4f:c3:5b:f1:14:24:9d:8f:9f:5e:f8:02:18:10: 88:2e:8a:e1:33:6b:9d:f0:23:56:8d:07:a9:21:91:0e:26:84: 19:34:cb:f0 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgITJjTau5ukldyzv5vDyAQYIm1IOjANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwNjEzMDAwMDUzWhcN MjUwNzE4MjM1OTU5WjB6MUkwRwYDVQQFE0BmYTMxZWQ2ZDI0MTdjMTQ1ZjdiMTc4 NDZhYjhiYmViMWI3NmM1MWQ1MGRjMTMxNjI2YTNlMDBiOTE1ZWQ5ZjlkMS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4hN4nnIUzBbTbMFNMcXVVJ+fguinU /Lftg/ihGMSpM3BGH48lBG4u9F4g6jvmxdboEvXnwu8Qy6PQ95fJ9ZavFSlHdWcY pLkYHVj4spNW0uzEQk7gNv09kAcKHaWVWjzErgR4I40NbLk9s0vMjZR3bfC8m0G8 RudjbRt01eIQucratme59UrFoW9NEEvxJ4sobAlJAP+GSKqiGXZFx0N4JMEeJgnH 58N2tGLXO4tzK2YxeJ9LRoe7SnrBeTgvMpoM+Da2bkygn/x/d4M6wWcn9C5M85Vj fIzPe2W1vTZWxTOidLroZsJwWWG0+ZOuMUckelnmHP8VxvyxLXB5lCdjAgMBAAGj ggJKMIICRjAdBgNVHQ4EFgQUCZJ/hh4RRbseHNBbQDG8fxJe43UwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv Yzg3ODgwODItOWJlZS00NTRiLWEzMmMtZTZkMDE2Yjc2MTc5LnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgQkBtoggDANBgkqhkiG9w0BAQsFAAOCAQEAd+NbFSUO6kH6sD/lXwLw ijk9Dp3oRBcTTSxQ5WofvextAhdp4N+tYAstuurt9KtSRquLKosZqPVf9PKlzj5M LvwaFxZvn8IQkJnTtGTo6A0uZwbpQVbTkvwgGasUULnOn/5Hf6FE8qnhNPMIOvSQ N1LzFXCxDLQ4yBhoGdffz9W72VzJCyH11nWpPyZaslLAVSjR68xSpcKecYuw/79o TLRb/Opz5seD+spgF2YKFfnB+537mlQmYeJ8W4t18hiz9ZoNU+tS4WOqahHlWD3m gJALIhuolTXG1qgv1k/DW/EUJJ2Pn174AhgQiC6K4TNrnfAjVo0HqSGRDiaEGTTL 8A== -----END CERTIFICATE-----Generated at Sat Jun 14 05:57:00 2025 by rpki-client