$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca0c8ab7-0eda-4bcf-8475-be256fcdcaf5.roa File: ca0c8ab7-0eda-4bcf-8475-be256fcdcaf5.roa (raw, json) Hash identifier: e6xZ8JDY02Z8nPSve0UtepfqY+wKhgqlYyTSdT27SzA= Subject key identifier: CA:1A:28:C6:67:1A:BD:8A:13:40:42:97:45:35:D1:8D:95:4C:C0:AA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 768A7C3E7832F1A6F29E8CAF950EBC518262D952 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca0c8ab7-0eda-4bcf-8475-be256fcdcaf5.roa Signing time: Tue 10 Jun 2025 15:11:18 +0000 ROA not before: Tue 10 Jun 2025 15:11:18 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:8a:7c:3e:78:32:f1:a6:f2:9e:8c:af:95:0e:bc:51:82:62:d9:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:11:18 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=e356cc2365116a5e4a2addad10b88a84301bf17d14140c6654d809a4851e4132, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:48:00:62:0a:f3:59:42:3c:14:0c:af:ad:80: 7a:6f:fa:82:70:cf:ff:bc:64:61:e7:65:c1:cf:3d: c1:dd:cb:2e:75:ca:4e:88:5b:f1:39:87:b8:28:e1: 95:9a:19:b7:0c:60:a6:c7:f6:e7:9b:16:9b:14:96: 23:79:31:e5:59:d0:06:8e:92:c2:73:8c:27:0a:80: a0:a0:4a:a2:3a:b0:e4:9c:71:2b:fc:2e:dd:37:c7: 15:e7:f5:e2:eb:57:27:af:d6:56:b9:98:c7:4e:c6: 56:16:43:84:bd:f1:7f:d5:b8:bf:75:0e:d5:a4:19: 7d:e9:ca:b3:d8:28:48:48:30:14:a4:68:af:34:fd: 2c:ca:5f:f2:be:1b:5d:83:f3:24:1b:db:71:d5:d0: d2:74:bf:4b:48:4f:5e:da:bd:aa:7b:92:fb:97:b7: d2:2c:91:67:41:03:a6:e0:9d:5b:28:0c:72:dd:a1: 19:56:9a:fd:19:5e:06:01:43:a8:cd:20:6f:47:ab: 5d:a3:a0:08:20:a0:5f:3b:b2:87:10:91:cc:04:b2: 5d:a6:8f:f5:d0:04:7c:8d:de:17:68:c8:db:cf:35: 2a:1d:eb:a1:3a:f3:60:20:61:56:ea:54:31:07:22: f1:a3:63:7f:47:47:70:c6:c9:67:ce:ab:c0:4b:79: 1c:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:1A:28:C6:67:1A:BD:8A:13:40:42:97:45:35:D1:8D:95:4C:C0:AA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca0c8ab7-0eda-4bcf-8475-be256fcdcaf5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:c000::/40 Signature Algorithm: sha256WithRSAEncryption 62:21:04:c7:2b:a6:d4:cd:35:0a:16:d0:d3:b3:76:a8:4e:4f: 17:c5:53:6d:83:e5:09:d7:f0:03:2e:f6:77:86:d8:70:82:89: 83:8b:70:77:7b:b3:e5:47:31:24:d9:3e:80:f4:ec:41:3e:87: f3:ed:de:67:a8:75:42:37:2c:21:3d:15:cf:2f:0d:76:c8:bf: 1b:97:05:cf:c9:ce:84:31:58:3c:c0:00:37:7e:8e:69:43:4d: e0:f5:da:39:4f:25:82:72:ec:fd:07:27:54:15:05:6b:ac:fb: 70:96:29:41:77:3d:62:b5:2e:33:9e:2c:46:a0:ec:6a:68:00: a3:d0:43:7c:33:bf:25:2e:df:be:69:1f:fc:97:f3:60:46:f5: 6e:b7:c7:63:16:11:7b:a7:69:44:49:d7:02:71:8a:8c:30:67: 69:a8:92:86:7d:84:2f:4f:99:4f:b4:ed:ce:48:f4:ab:44:4d: 47:1b:fb:16:2e:94:26:4e:d7:b9:1f:b9:29:bd:c6:ac:38:73: 26:38:bd:00:bd:61:b5:96:7f:28:3d:b3:a0:b0:15:0b:ad:9e: 22:d3:ca:ec:11:68:24:9c:78:81:6d:cd:f9:23:3a:21:c8:38: 9f:ab:3e:af:02:48:e5:eb:04:42:26:06:4c:cb:6d:7d:05:63: 6e:d5:30:f1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdop8Pngy8abynoyvlQ68UYJi2VIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MTExOFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZTM1NmNjMjM2NTExNmE1ZTRhMmFk ZGFkMTBiODhhODQzMDFiZjE3ZDE0MTQwYzY2NTRkODA5YTQ4NTFlNDEzMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEgAYgrzWUI8FAyvrYB6b/qCcM// vGRh52XBzz3B3csudcpOiFvxOYe4KOGVmhm3DGCmx/bnmxabFJYjeTHlWdAGjpLC c4wnCoCgoEqiOrDknHEr/C7dN8cV5/Xi61cnr9ZWuZjHTsZWFkOEvfF/1bi/dQ7V pBl96cqz2ChISDAUpGivNP0syl/yvhtdg/MkG9tx1dDSdL9LSE9e2r2qe5L7l7fS LJFnQQOm4J1bKAxy3aEZVpr9GV4GAUOozSBvR6tdo6AIIKBfO7KHEJHMBLJdpo/1 0AR8jd4XaMjbzzUqHeuhOvNgIGFW6lQxByLxo2N/R0dwxslnzqvAS3kc6QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMoaKMZnGr2KE0BCl0U10Y2VTMCqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NhMGM4YWI3LTBlZGEtNGJjZi04NDc1LWJlMjU2ZmNkY2FmNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/sAwDQYJKoZIhvcNAQELBQADggEBAGIhBMcrptTNNQoW0NOz dqhOTxfFU22D5QnX8AMu9neG2HCCiYOLcHd7s+VHMSTZPoD07EE+h/Pt3meodUI3 LCE9Fc8vDXbIvxuXBc/JzoQxWDzAADd+jmlDTeD12jlPJYJy7P0HJ1QVBWus+3CW KUF3PWK1LjOeLEag7GpoAKPQQ3wzvyUu375pH/yX82BG9W63x2MWEXunaURJ1wJx iowwZ2mokoZ9hC9PmU+07c5I9KtETUcb+xYulCZO17kfuSm9xqw4cyY4vQC9YbWW fyg9s6CwFQutniLTyuwRaCSceIFtzfkjOiHIOJ+rPq8CSOXrBEImBkzLbX0FY27V MPE= -----END CERTIFICATE-----Generated at Sat Jun 14 06:45:42 2025 by rpki-client