$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc3a69bc-0d8b-4438-9290-7f41f5935e42.roa File: dc3a69bc-0d8b-4438-9290-7f41f5935e42.roa (raw, json) Hash identifier: x45JFrFnyKQXSyyi12SMKGoSEkXi7RxdKWhpIIroaHs= Subject key identifier: 10:E3:3D:5E:3F:08:5F:43:4F:C0:27:0B:8E:3C:CC:D6:3B:CC:A4:0B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3EB9B1405E364145B7A1455EF1107C170C207820 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc3a69bc-0d8b-4438-9290-7f41f5935e42.roa Signing time: Tue 10 Jun 2025 15:12:11 +0000 ROA not before: Tue 10 Jun 2025 15:12:11 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:b9:b1:40:5e:36:41:45:b7:a1:45:5e:f1:10:7c:17:0c:20:78:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:12:11 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=ffd5d10404b735e424f6460de000c4b3e5e1cde8745b670f3b34cf1d8487c7eb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:cb:c5:c3:32:4f:63:e4:4d:a4:ff:90:bb:4a: 90:46:38:8a:d8:2f:68:46:73:41:72:bf:55:79:b1: 0c:54:7f:f2:42:f9:59:77:cf:52:0a:49:d7:dd:15: f9:d4:14:d9:85:d4:35:35:83:30:f5:d7:04:fd:47: 8f:ec:e8:f8:fc:e3:a3:72:5d:2f:0c:5b:9d:3e:3e: 56:a1:97:f4:18:43:90:21:80:53:a6:0f:4f:71:cb: 00:8f:f6:eb:0a:2e:4c:5d:ad:60:a6:92:d4:cd:ee: e9:de:c1:84:c5:f7:51:b9:35:47:57:88:62:cb:67: 4b:15:14:25:9f:10:d4:8f:dc:4e:f4:04:a6:2f:4f: df:a7:7b:62:ed:97:ae:e3:a4:9a:3e:ea:7f:97:bc: 39:7b:99:b1:21:c1:58:39:41:3e:f1:51:16:cb:68: 2b:86:40:81:7d:d3:0e:41:20:a5:34:eb:25:af:6c: 3f:ad:c3:8f:74:77:f7:7f:69:92:e6:8a:9f:6f:68: 77:44:06:9b:72:bd:1a:e9:77:71:a4:00:6f:75:2c: 73:2f:46:0c:12:4a:7a:2b:7c:76:4a:03:e1:f5:82: 23:ed:00:3f:c7:28:66:6e:4d:78:b8:e9:bf:bd:45: 71:d3:5d:a2:ca:52:54:0b:d3:41:c7:ee:d3:94:be: f8:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:E3:3D:5E:3F:08:5F:43:4F:C0:27:0B:8E:3C:CC:D6:3B:CC:A4:0B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc3a69bc-0d8b-4438-9290-7f41f5935e42.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:b000::/40 Signature Algorithm: sha256WithRSAEncryption 1a:4f:48:ad:14:d9:a6:b4:f7:09:ed:d8:63:90:be:19:26:59: 27:ff:dd:b1:39:c5:6e:27:e2:79:91:41:32:5c:9b:b5:90:a0: 96:12:89:4b:e8:fa:ef:2c:4a:78:25:7c:8c:0d:4c:09:99:cb: e7:e3:bc:42:b9:8a:81:9d:49:f8:3c:17:88:8a:56:93:b6:05: 5f:cb:96:d1:da:4f:5b:9d:6c:0c:a7:3b:0b:98:08:c2:ff:de: 1f:e9:9c:e1:48:92:9c:7d:77:c4:39:60:4a:37:f5:35:42:3b: fe:00:54:13:25:01:86:52:6f:5d:16:a0:5c:21:b7:34:cc:f6: b9:be:87:5f:52:80:4d:ea:b8:9c:c8:5c:fe:61:84:1b:f6:66: 10:31:dd:79:80:c2:88:08:e8:85:d3:cf:a8:cd:85:d7:ee:4b: 9b:09:00:3b:f8:b4:17:c7:43:99:42:ae:0e:79:95:24:0c:cd: 9d:35:a9:b1:76:5f:1d:9e:07:52:8c:81:35:32:ab:58:90:c8: 35:3c:34:54:ae:65:1e:aa:f0:2d:f0:e5:07:52:23:16:93:37: 32:28:d1:37:e3:04:d0:42:f8:82:b6:b9:a8:37:40:a5:9e:98: 29:bf:24:09:cc:32:15:e0:fc:33:7e:d5:5d:d1:66:86:9a:75: b9:72:ad:56 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPrmxQF42QUW3oUVe8RB8FwwgeCAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MTIxMVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZmZkNWQxMDQwNGI3MzVlNDI0ZjY0 NjBkZTAwMGM0YjNlNWUxY2RlODc0NWI2NzBmM2IzNGNmMWQ4NDg3YzdlYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsvFwzJPY+RNpP+Qu0qQRjiK2C9o RnNBcr9VebEMVH/yQvlZd89SCknX3RX51BTZhdQ1NYMw9dcE/UeP7Oj4/OOjcl0v DFudPj5WoZf0GEOQIYBTpg9PccsAj/brCi5MXa1gppLUze7p3sGExfdRuTVHV4hi y2dLFRQlnxDUj9xO9ASmL0/fp3ti7Zeu46SaPup/l7w5e5mxIcFYOUE+8VEWy2gr hkCBfdMOQSClNOslr2w/rcOPdHf3f2mS5oqfb2h3RAabcr0a6XdxpABvdSxzL0YM Ekp6K3x2SgPh9YIj7QA/xyhmbk14uOm/vUVx012iylJUC9NBx+7TlL745wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBDjPV4/CF9DT8AnC448zNY7zKQLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RjM2E2OWJjLTBkOGItNDQzOC05MjkwLTdmNDFmNTkzNWU0Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+LAwDQYJKoZIhvcNAQELBQADggEBABpPSK0U2aa09wnt2GOQ vhkmWSf/3bE5xW4n4nmRQTJcm7WQoJYSiUvo+u8sSnglfIwNTAmZy+fjvEK5ioGd Sfg8F4iKVpO2BV/LltHaT1udbAynOwuYCML/3h/pnOFIkpx9d8Q5YEo39TVCO/4A VBMlAYZSb10WoFwhtzTM9rm+h19SgE3quJzIXP5hhBv2ZhAx3XmAwogI6IXTz6jN hdfuS5sJADv4tBfHQ5lCrg55lSQMzZ01qbF2Xx2eB1KMgTUyq1iQyDU8NFSuZR6q 8C3w5QdSIxaTNzIo0TfjBNBC+IK2uag3QKWemCm/JAnMMhXg/DN+1V3RZoaadbly rVY= -----END CERTIFICATE-----Generated at Sat Jun 14 06:18:18 2025 by rpki-client