$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf35e264-b53a-4b49-a7c8-5b159b7ccfd7.roa File: cf35e264-b53a-4b49-a7c8-5b159b7ccfd7.roa (raw, json) Hash identifier: SHJyk0qUVmBzb1RDfycznh6slGfOf6rDbTIENX04Cdg= Subject key identifier: 4B:BE:B2:57:BA:0A:18:02:B7:39:C1:A6:AF:A0:7F:E5:7A:1B:1D:B6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3A78432D98809E656EF71DC331C9D98CB92B7A30 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf35e264-b53a-4b49-a7c8-5b159b7ccfd7.roa Signing time: Tue 10 Jun 2025 15:21:43 +0000 ROA not before: Tue 10 Jun 2025 15:21:43 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:78:43:2d:98:80:9e:65:6e:f7:1d:c3:31:c9:d9:8c:b9:2b:7a:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:21:43 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=d4d8fade90539d325ed84f400b49200e599274e41497097ea34c95fe8268c655, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:7e:31:95:69:c1:36:63:51:ef:d2:e0:34:57: b9:35:54:cc:07:e5:7a:f8:bc:94:cb:9d:c3:ae:b6: 74:0d:0f:2d:a7:61:97:f7:ee:a2:5e:ca:10:cb:45: b2:9c:32:c3:ff:99:b7:7e:55:95:8e:bd:d4:77:2e: 0c:d1:2c:49:80:26:28:32:ee:32:cf:e3:8b:78:d5: 12:94:52:92:4c:b8:9c:65:ef:01:f7:01:58:1f:fe: 2d:a5:7e:32:cb:8c:5f:d1:df:2b:3f:a5:08:58:a0: 87:4c:60:c0:0e:22:92:9e:97:64:c5:62:c9:b2:1a: 77:a8:2c:1e:12:b0:28:ae:f1:56:92:b2:f3:5a:5f: 47:fb:62:d1:8c:99:4f:7e:b4:19:c3:69:bd:65:77: 8e:bd:51:34:e2:c9:d0:ae:d6:3e:6d:ea:38:ca:1c: 69:90:39:dc:87:32:f5:1b:7f:22:4a:83:31:8f:2a: 5e:e9:30:99:1d:70:5c:1f:3b:4f:d8:f8:7c:7f:9f: 29:86:86:64:3d:7d:7b:7c:db:36:10:4f:20:5e:bc: 50:ba:0d:51:b5:b0:f5:1b:f7:a9:76:4d:c6:46:7f: ab:46:77:d7:51:f6:7f:fb:1b:a2:7d:e4:5d:9f:e7: 6d:ed:81:94:21:cc:d6:4f:6e:3f:ae:c9:38:3b:00: 22:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:BE:B2:57:BA:0A:18:02:B7:39:C1:A6:AF:A0:7F:E5:7A:1B:1D:B6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf35e264-b53a-4b49-a7c8-5b159b7ccfd7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:4800::/40 Signature Algorithm: sha256WithRSAEncryption 9f:eb:29:59:8f:94:08:d1:ff:76:73:fa:c3:df:7b:be:60:63: 2d:f0:f7:6e:dd:7a:2e:f7:96:8e:47:c5:1f:de:9f:e1:08:4c: ec:51:f9:46:46:67:c7:b5:7f:46:b0:0a:d3:0e:cd:40:e7:fa: ee:fc:0e:0d:ed:df:e3:6a:d6:32:b1:63:07:72:2e:f7:d7:ac: 55:0a:27:7f:92:29:55:ff:c6:8a:08:d4:7e:c0:d5:08:7b:2b: 25:a5:65:b0:d9:af:37:68:9a:a6:28:3e:3b:55:4d:92:29:69: 28:32:2d:25:ea:4f:a5:4c:d4:61:cd:18:9c:0e:cd:a5:c6:f8: 47:63:ef:72:b4:05:38:37:3e:8a:7f:6e:c6:34:e5:1c:d4:dd: f5:e6:5f:4f:00:c4:0f:e6:f6:ec:ec:4e:4b:e7:3b:63:f8:7b: 1d:90:bc:9e:e3:e4:6a:86:48:c0:4c:a0:0c:d5:a8:76:e6:f7: f8:ba:5c:6f:12:e3:85:1d:f1:45:ff:25:83:d1:9a:db:3c:e5: e4:6f:de:ae:41:42:b0:93:7e:e1:e0:77:e4:68:64:3d:51:57: f8:50:b3:2b:58:72:e4:0f:7b:62:21:5e:54:2d:b7:1c:1b:2a: 45:3c:07:b3:e5:6f:7c:f5:2f:ae:b5:82:57:f7:b1:1b:05:1b: ab:e9:1c:74 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOnhDLZiAnmVu9x3DMcnZjLkrejAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MjE0M1oX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZDRkOGZhZGU5MDUzOWQzMjVlZDg0 ZjQwMGI0OTIwMGU1OTkyNzRlNDE0OTcwOTdlYTM0Yzk1ZmU4MjY4YzY1NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH4xlWnBNmNR79LgNFe5NVTMB+V6 +LyUy53DrrZ0DQ8tp2GX9+6iXsoQy0WynDLD/5m3flWVjr3Udy4M0SxJgCYoMu4y z+OLeNUSlFKSTLicZe8B9wFYH/4tpX4yy4xf0d8rP6UIWKCHTGDADiKSnpdkxWLJ shp3qCweErAorvFWkrLzWl9H+2LRjJlPfrQZw2m9ZXeOvVE04snQrtY+beo4yhxp kDnchzL1G38iSoMxjype6TCZHXBcHztP2Ph8f58phoZkPX17fNs2EE8gXrxQug1R tbD1G/epdk3GRn+rRnfXUfZ/+xuifeRdn+dt7YGUIczWT24/rsk4OwAicwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEu+sle6ChgCtznBpq+gf+V6Gx22MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NmMzVlMjY0LWI1M2EtNGI0OS1hN2M4LTViMTU5YjdjY2ZkNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8UgwDQYJKoZIhvcNAQELBQADggEBAJ/rKVmPlAjR/3Zz+sPf e75gYy3w927dei73lo5HxR/en+EITOxR+UZGZ8e1f0awCtMOzUDn+u78Dg3t3+Nq 1jKxYwdyLvfXrFUKJ3+SKVX/xooI1H7A1Qh7KyWlZbDZrzdomqYoPjtVTZIpaSgy LSXqT6VM1GHNGJwOzaXG+Edj73K0BTg3Pop/bsY05RzU3fXmX08AxA/m9uzsTkvn O2P4ex2QvJ7j5GqGSMBMoAzVqHbm9/i6XG8S44Ud8UX/JYPRmts85eRv3q5BQrCT fuHgd+RoZD1RV/hQsytYcuQPe2IhXlQttxwbKkU8B7Plb3z1L661glf3sRsFG6vp HHQ= -----END CERTIFICATE-----Generated at Sat Jun 14 06:01:02 2025 by rpki-client