$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3435dbb-5d1e-4948-8027-e6433f72bfc1.roa File: d3435dbb-5d1e-4948-8027-e6433f72bfc1.roa (raw, json) Hash identifier: m/fWs5ZJbrNK5J1iE+7b51CE+yvmCp4OH1lSNpXvCBg= Subject key identifier: F6:AF:7C:4F:A3:CC:D8:29:AF:C3:26:AA:79:59:C2:F3:23:E6:FF:21 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3E3AB9717A1160B645E62A5493D696CC76219B59 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3435dbb-5d1e-4948-8027-e6433f72bfc1.roa Signing time: Mon 09 Jun 2025 15:01:21 +0000 ROA not before: Mon 09 Jun 2025 15:01:21 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c0a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:3a:b9:71:7a:11:60:b6:45:e6:2a:54:93:d6:96:cc:76:21:9b:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:01:21 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=26e1b9c70d946e7ae3885b1e37bf8375c2b27eb2608fcae69eb2afdbbe7ab3ac, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:bf:a0:fd:d1:3b:c0:87:9c:5d:2f:5d:a3:7c: 05:5d:d5:f1:ad:e6:01:5b:d9:ab:0a:fd:2b:e7:0b: c4:db:c2:6f:c7:82:9a:95:13:9a:9f:20:05:68:91: 1b:33:e3:d1:aa:06:55:15:0c:1f:37:f8:a0:e2:8d: e0:23:dd:63:97:8a:76:88:2a:6c:91:77:79:3a:8c: 6f:ba:1e:09:da:c6:b4:52:65:94:01:08:30:b0:e2: 2a:e2:75:08:d7:e5:7f:16:05:cb:f7:2d:b0:24:c4: 59:12:3e:30:a7:3e:96:37:7d:a6:d6:29:15:f4:fe: 7d:55:80:20:f6:b4:89:a8:9d:97:24:9f:7d:3a:5f: df:a0:dd:47:8e:9c:77:b6:bc:05:d6:d5:40:99:fe: 68:c4:be:94:06:d8:26:b8:6e:b0:e1:c0:1e:16:d4: d2:2f:96:49:61:20:91:cc:b4:6a:be:c1:89:a6:59: 63:2a:a3:f6:78:44:cf:0a:36:77:1a:92:20:79:50: 5b:73:e6:bf:a9:76:c9:85:82:e3:df:c5:0f:6e:a1: 3c:5d:aa:b6:c4:0a:63:80:19:99:c0:24:17:b9:5b: cc:75:e4:75:b8:26:00:09:b8:58:8d:27:75:77:28: 97:8f:1e:b8:1d:6e:e0:87:5b:eb:38:77:27:91:50: 0f:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:AF:7C:4F:A3:CC:D8:29:AF:C3:26:AA:79:59:C2:F3:23:E6:FF:21 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3435dbb-5d1e-4948-8027-e6433f72bfc1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c0a0::/48 Signature Algorithm: sha256WithRSAEncryption 98:fc:e2:2d:d4:f5:ce:66:0b:24:7d:8c:9d:f4:cf:8e:9f:ff: 82:c1:a3:5d:25:9c:02:1b:b2:3d:1d:90:23:1f:03:c1:a2:89: d3:dd:44:4d:bc:b3:77:76:d2:f0:fa:aa:ba:3b:59:9c:ee:25: 08:fc:e8:42:5b:e1:c1:d9:e1:06:ed:9e:79:11:20:3d:6f:a5: 46:bc:b0:17:6a:4c:57:5c:2a:a2:0a:09:8c:0d:0b:6f:10:ca: af:ce:7d:81:0f:59:a8:cc:8b:cf:0f:c2:d2:7d:31:c7:40:c4: 23:86:7d:70:66:b4:35:9a:fb:4f:70:2b:81:cd:e0:45:2c:5c: 83:84:db:ca:f7:49:7f:3d:23:a4:42:49:0a:87:c6:ed:94:58: 64:a9:79:34:4d:96:d8:ab:7c:21:20:14:12:ff:7a:f8:79:96: f7:cf:53:6f:5d:69:e8:32:29:b8:a1:fe:d5:77:65:e1:ec:4b: 89:94:cd:10:1b:71:07:52:f2:f7:86:3f:82:21:07:d7:05:69: 1c:89:c3:8f:36:11:3f:8e:6b:c1:46:9c:51:bd:e3:82:bb:c9: 1c:e5:95:09:6f:73:1b:9d:c5:95:c1:87:56:96:c4:60:4c:09: 0c:ec:39:2b:06:c1:a5:2c:16:24:86:a6:0a:cf:ee:4e:11:3a: 15:07:b6:2a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPjq5cXoRYLZF5ipUk9aWzHYhm1kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MDEyMVoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAMjZlMWI5YzcwZDk0NmU3YWUzODg1 YjFlMzdiZjgzNzVjMmIyN2ViMjYwOGZjYWU2OWViMmFmZGJiZTdhYjNhYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2L+g/dE7wIecXS9do3wFXdXxreYB W9mrCv0r5wvE28Jvx4KalROanyAFaJEbM+PRqgZVFQwfN/ig4o3gI91jl4p2iCps kXd5Ooxvuh4J2sa0UmWUAQgwsOIq4nUI1+V/FgXL9y2wJMRZEj4wpz6WN32m1ikV 9P59VYAg9rSJqJ2XJJ99Ol/foN1Hjpx3trwF1tVAmf5oxL6UBtgmuG6w4cAeFtTS L5ZJYSCRzLRqvsGJplljKqP2eETPCjZ3GpIgeVBbc+a/qXbJhYLj38UPbqE8Xaq2 xApjgBmZwCQXuVvMdeR1uCYACbhYjSd1dyiXjx64HW7gh1vrOHcnkVAPlwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPavfE+jzNgpr8MmqnlZwvMj5v8hMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QzNDM1ZGJiLTVkMWUtNDk0OC04MDI3LWU2NDMzZjcyYmZjMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8CgMA0GCSqGSIb3DQEBCwUAA4IBAQCY/OIt1PXOZgskfYyd 9M+On/+CwaNdJZwCG7I9HZAjHwPBoonT3URNvLN3dtLw+qq6O1mc7iUI/OhCW+HB 2eEG7Z55ESA9b6VGvLAXakxXXCqiCgmMDQtvEMqvzn2BD1mozIvPD8LSfTHHQMQj hn1wZrQ1mvtPcCuBzeBFLFyDhNvK90l/PSOkQkkKh8btlFhkqXk0TZbYq3whIBQS /3r4eZb3z1NvXWnoMim4of7Vd2Xh7EuJlM0QG3EHUvL3hj+CIQfXBWkcicOPNhE/ jmvBRpxRveOCu8kc5ZUJb3MbncWVwYdWlsRgTAkM7DkrBsGlLBYkhqYKz+5OEToV B7Yq -----END CERTIFICATE-----Generated at Sat Jun 14 06:12:58 2025 by rpki-client