$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db5682b0-dca6-45be-b164-56698b11cc97.roa File: db5682b0-dca6-45be-b164-56698b11cc97.roa (raw, json) Hash identifier: lExK6XdHOD6AB/lCXtmYh5h5pWEjELfNllRkV/y7NK8= Subject key identifier: 42:30:77:80:38:22:C8:0F:FD:0C:28:78:17:45:50:C0:D6:D8:A9:98 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2F889197669BE07383CC6968E3A69E6DCB6C45B9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db5682b0-dca6-45be-b164-56698b11cc97.roa Signing time: Mon 09 Jun 2025 15:31:16 +0000 ROA not before: Mon 09 Jun 2025 15:31:16 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:10c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:88:91:97:66:9b:e0:73:83:cc:69:68:e3:a6:9e:6d:cb:6c:45:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:31:16 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=2a0060334cc7f8a2f7b2f4e46484eaa05d068592bdf01958294948e2522666ad, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:19:ab:3f:51:05:2f:40:5f:2e:9d:8d:a9:91: 09:41:f0:00:03:bb:46:2e:d1:ab:f7:b5:bf:df:56: fc:a3:35:37:0c:37:0d:f2:89:ed:c4:a9:18:6c:8c: d4:5e:a5:0d:6d:6a:49:df:4d:54:09:33:82:b9:01: 79:01:b9:49:7c:f8:e3:f0:0b:41:7a:4c:67:04:c9: d8:62:e0:61:8b:84:bd:05:2d:1c:04:e3:d1:1e:5d: 6e:df:06:44:de:c1:0a:61:cc:fc:3e:a5:35:62:f0: 06:6c:fb:00:59:80:0e:c8:79:c4:d0:33:7e:eb:39: 45:32:d3:e5:42:fa:d0:bb:54:7e:45:7e:b1:39:44: 1c:0c:33:b0:a4:57:0d:28:c7:ff:48:0e:0f:19:7f: 85:ba:ca:84:ff:45:e8:fe:e4:bf:06:81:cd:94:03: f9:f2:b7:a4:62:7c:b1:fe:f4:c6:61:3d:95:ab:e1: a1:c6:73:c0:f7:5f:1b:a2:86:ba:c6:2f:4b:d9:07: ec:38:65:f3:47:dc:b2:0a:6b:b4:d7:8f:72:36:f4: e7:14:7d:12:8f:1a:25:08:6b:34:ef:01:22:ea:78: 4c:3d:04:bf:cf:ff:7c:60:d3:1b:0d:e2:43:4a:e2: 72:5f:86:b3:51:5f:a7:d0:9b:72:63:10:16:79:f9: 93:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:30:77:80:38:22:C8:0F:FD:0C:28:78:17:45:50:C0:D6:D8:A9:98 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db5682b0-dca6-45be-b164-56698b11cc97.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:10c0::/48 Signature Algorithm: sha256WithRSAEncryption c4:b2:c1:e9:ec:d3:83:b9:76:a9:6d:bb:86:25:55:ba:89:12: bb:03:17:54:9f:67:63:6e:70:7b:db:36:37:14:56:f3:54:b6: 3b:98:d9:fd:15:b6:82:5c:ea:ac:e6:2d:19:30:3c:f8:28:18: 87:3c:68:c6:98:8c:07:21:9c:c2:d8:de:30:07:10:4e:39:ab: 59:bd:29:8c:fe:e6:b4:31:23:7c:fc:93:bf:d6:e9:d2:4b:46: d3:19:ce:35:47:d8:f9:e5:d1:32:fd:d3:5f:48:9f:93:e7:bd: e9:22:26:ec:89:47:02:d0:9a:11:9b:f0:c2:f0:af:6e:e6:1a: 7b:88:dc:80:94:e0:94:ac:97:c2:a8:8f:0b:73:95:57:59:32: c7:f2:0c:4e:5f:5e:24:a5:24:6c:19:99:b4:58:19:0c:08:a8: d3:ca:bb:a5:d4:c6:bc:de:c3:d0:5a:3f:f4:b5:1e:a9:9b:8e: 4f:a2:c4:9d:91:4b:77:6b:ac:7a:e8:37:45:05:b2:4a:e5:4a: ae:f6:c9:05:0c:3b:45:e3:6a:8c:08:da:e1:73:f4:ec:15:f9: 28:62:06:32:05:d8:41:29:e8:cf:33:4d:06:e5:3d:f1:6d:f2: 62:ef:93:42:02:43:51:7a:fe:92:e0:c9:f8:a9:30:87:c3:6b: ed:4c:e2:63 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUL4iRl2ab4HODzGlo46aebctsRbkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MzExNloX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAMmEwMDYwMzM0Y2M3ZjhhMmY3YjJm NGU0NjQ4NGVhYTA1ZDA2ODU5MmJkZjAxOTU4Mjk0OTQ4ZTI1MjI2NjZhZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBmrP1EFL0BfLp2NqZEJQfAAA7tG LtGr97W/31b8ozU3DDcN8ontxKkYbIzUXqUNbWpJ301UCTOCuQF5AblJfPjj8AtB ekxnBMnYYuBhi4S9BS0cBOPRHl1u3wZE3sEKYcz8PqU1YvAGbPsAWYAOyHnE0DN+ 6zlFMtPlQvrQu1R+RX6xOUQcDDOwpFcNKMf/SA4PGX+FusqE/0Xo/uS/BoHNlAP5 8rekYnyx/vTGYT2Vq+GhxnPA918booa6xi9L2QfsOGXzR9yyCmu0149yNvTnFH0S jxolCGs07wEi6nhMPQS/z/98YNMbDeJDSuJyX4azUV+n0JtyYxAWefmTSQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEIwd4A4IsgP/QwoeBdFUMDW2KmYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RiNTY4MmIwLWRjYTYtNDViZS1iMTY0LTU2Njk4YjExY2M5Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8hDAMA0GCSqGSIb3DQEBCwUAA4IBAQDEssHp7NODuXapbbuG JVW6iRK7AxdUn2djbnB72zY3FFbzVLY7mNn9FbaCXOqs5i0ZMDz4KBiHPGjGmIwH IZzC2N4wBxBOOatZvSmM/ua0MSN8/JO/1unSS0bTGc41R9j55dEy/dNfSJ+T573p IibsiUcC0JoRm/DC8K9u5hp7iNyAlOCUrJfCqI8Lc5VXWTLH8gxOX14kpSRsGZm0 WBkMCKjTyrul1Ma83sPQWj/0tR6pm45PosSdkUt3a6x66DdFBbJK5Uqu9skFDDtF 42qMCNrhc/TsFfkoYgYyBdhBKejPM00G5T3xbfJi75NCAkNRev6S4Mn4qTCHw2vt TOJj -----END CERTIFICATE-----Generated at Sat Jun 14 06:37:30 2025 by rpki-client