$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8b275c7-67dd-41a5-a6c7-6668e32899fe.roa File: d8b275c7-67dd-41a5-a6c7-6668e32899fe.roa (raw, json) Hash identifier: oSobMW7A2G8cdKE5ik0kpnoDz00k6Zhsi3d+YU9uYoI= Subject key identifier: C4:7F:A9:E0:26:52:A8:91:43:D0:8C:97:76:36:CE:AD:F6:B4:27:F4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 68ADFB6636332E673915985197CCFE4CA681E61C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8b275c7-67dd-41a5-a6c7-6668e32899fe.roa Signing time: Mon 09 Jun 2025 15:10:25 +0000 ROA not before: Mon 09 Jun 2025 15:10:25 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4090::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:ad:fb:66:36:33:2e:67:39:15:98:51:97:cc:fe:4c:a6:81:e6:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:10:25 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=c52fd03e0bb94e901c82a9de5695b635fa2e0f5594c000bbcf5e206d504a7aef, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:d9:67:93:70:81:6f:1b:e7:97:93:e0:f0:b7: 59:d8:05:d7:4d:0c:d9:4e:25:f0:be:68:85:36:14: dc:0b:19:f0:18:4d:8d:04:48:5e:97:af:cc:0d:be: 20:6d:19:4e:e7:ba:cd:2d:06:f9:96:a5:f6:3b:7a: f3:b0:3b:49:fa:be:bc:a7:64:ce:cb:b8:28:be:49: 18:5b:72:04:9f:58:41:26:9f:32:35:f6:86:1a:30: f1:75:10:22:c1:a3:e7:9f:e0:50:d0:03:3b:f5:61: ff:c6:d8:d1:da:77:6b:4c:7c:00:49:82:a2:04:01: 08:e1:b2:7e:6f:9a:30:69:bd:55:a7:c2:ca:e2:17: f9:11:bd:f4:58:ad:e6:c2:a1:b4:4f:7d:9b:61:ee: 30:f7:8a:25:f5:fc:d8:f6:33:e6:61:73:e3:98:33: 32:32:21:ea:38:33:37:90:ad:ed:3a:29:60:78:bf: 06:ef:a3:e4:be:e8:1c:86:cc:d5:12:a7:65:bd:c4: 4b:c5:60:d1:63:f4:6b:d9:bf:90:2c:62:ec:d5:fe: 4b:ff:6e:d3:7a:15:4c:3a:cc:92:8e:3c:24:f6:a7: 40:94:d7:eb:2c:fd:6c:0b:1a:ea:a0:f3:1a:e2:90: 59:ac:41:84:d9:96:d9:c9:a9:a3:e0:d1:6f:22:c9: eb:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:7F:A9:E0:26:52:A8:91:43:D0:8C:97:76:36:CE:AD:F6:B4:27:F4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8b275c7-67dd-41a5-a6c7-6668e32899fe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4090::/48 Signature Algorithm: sha256WithRSAEncryption c9:59:77:df:53:a1:64:03:31:5c:da:d1:d1:af:a0:e0:a2:fe: ba:7f:22:9a:7e:49:a1:31:49:b9:e9:fb:42:14:84:7f:77:1a: 33:ed:3b:43:e2:1f:e3:f5:46:7e:68:19:36:b6:09:25:bf:56: 8e:de:01:69:8d:00:99:ce:2c:5e:76:84:b8:3a:76:62:ee:21: 82:82:f4:ca:94:1c:79:cd:1f:c7:db:63:62:ef:e9:4b:30:72: cf:a4:18:6a:e3:5a:ed:c7:57:5c:19:42:bd:0e:b0:95:df:cf: 9a:c9:83:19:37:e3:76:41:26:a4:93:f1:84:d9:92:d5:01:63: 01:4b:99:b8:37:cb:96:29:b3:6e:a7:f8:04:4f:a6:88:cf:3d: ac:ac:35:c1:7d:c6:92:1c:55:ec:d6:43:e6:be:a5:0d:14:1e: d2:41:3e:f0:8f:16:30:ed:ce:1f:c1:79:ad:3d:88:8a:f1:2c: 31:d6:b7:a8:07:0f:e9:c7:bd:c5:cc:81:2d:f4:65:6b:c6:38: 29:59:3e:a8:23:2e:47:88:6f:ce:43:85:c9:8a:8a:c8:bf:0c: 7b:57:04:08:34:2b:f1:27:bb:2d:ef:dd:31:5b:16:29:fc:82: 2d:58:e1:5b:f7:64:23:ca:55:b0:2b:e0:c2:14:75:00:65:da: 42:e1:aa:c0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUaK37ZjYzLmc5FZhRl8z+TKaB5hwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MTAyNVoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAYzUyZmQwM2UwYmI5NGU5MDFjODJh OWRlNTY5NWI2MzVmYTJlMGY1NTk0YzAwMGJiY2Y1ZTIwNmQ1MDRhN2FlZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Nlnk3CBbxvnl5Pg8LdZ2AXXTQzZ TiXwvmiFNhTcCxnwGE2NBEhel6/MDb4gbRlO57rNLQb5lqX2O3rzsDtJ+r68p2TO y7govkkYW3IEn1hBJp8yNfaGGjDxdRAiwaPnn+BQ0AM79WH/xtjR2ndrTHwASYKi BAEI4bJ+b5owab1Vp8LK4hf5Eb30WK3mwqG0T32bYe4w94ol9fzY9jPmYXPjmDMy MiHqODM3kK3tOilgeL8G76PkvugchszVEqdlvcRLxWDRY/Rr2b+QLGLs1f5L/27T ehVMOsySjjwk9qdAlNfrLP1sCxrqoPMa4pBZrEGE2ZbZyamj4NFvIsnrswIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMR/qeAmUqiRQ9CMl3Y2zq32tCf0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4YjI3NWM3LTY3ZGQtNDFhNS1hNmM3LTY2NjhlMzI4OTlmZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAECQMA0GCSqGSIb3DQEBCwUAA4IBAQDJWXffU6FkAzFc2tHR r6Dgov66fyKafkmhMUm56ftCFIR/dxoz7TtD4h/j9UZ+aBk2tgklv1aO3gFpjQCZ zixedoS4OnZi7iGCgvTKlBx5zR/H22Ni7+lLMHLPpBhq41rtx1dcGUK9DrCV38+a yYMZN+N2QSakk/GE2ZLVAWMBS5m4N8uWKbNup/gET6aIzz2srDXBfcaSHFXs1kPm vqUNFB7SQT7wjxYw7c4fwXmtPYiK8Swx1reoBw/px73FzIEt9GVrxjgpWT6oIy5H iG/OQ4XJiorIvwx7VwQINCvxJ7st790xWxYp/IItWOFb92QjylWwK+DCFHUAZdpC 4arA -----END CERTIFICATE-----Generated at Sat Jun 14 06:18:24 2025 by rpki-client