$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dcb796cd-0001-4f06-a9c5-198757a8dde6.roa File: dcb796cd-0001-4f06-a9c5-198757a8dde6.roa (raw, json) Hash identifier: f3w6QnIZRuLhdvQwhU/3HVOwxZrj6SOARfocHDygtYA= Subject key identifier: 54:B3:78:C9:B4:FB:25:AD:5D:D5:7C:39:02:86:92:C5:AF:96:98:51 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1DD34AB3402A6545F6BF224F9FE0EA6B8709435B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dcb796cd-0001-4f06-a9c5-198757a8dde6.roa Signing time: Tue 10 Jun 2025 15:41:39 +0000 ROA not before: Tue 10 Jun 2025 15:41:39 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da14::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:d3:4a:b3:40:2a:65:45:f6:bf:22:4f:9f:e0:ea:6b:87:09:43:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:41:39 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=21522a5e8ea5967aaa60c0b0935f35b9d206efeb938776204d4e1e109f55ced1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:22:c6:1a:57:64:61:d5:48:24:d8:00:a3:57: 32:56:dd:3e:c2:a0:0a:11:d6:23:31:78:a1:92:0d: 2e:b2:4c:5c:dc:72:0c:44:48:63:78:df:65:b8:97: e7:7a:15:11:95:72:2f:bf:7f:de:40:af:9e:79:04: 27:0c:75:af:e6:f2:90:7f:bc:57:ea:37:cb:f1:67: 4b:d4:54:9f:c0:30:e3:e5:6f:17:3f:11:7a:4c:24: 89:c6:dd:a6:97:9c:0e:38:b6:ee:60:ce:c5:5b:e4: bc:65:66:19:6b:8a:78:db:7f:69:6a:35:57:3d:b0: ec:b1:5c:63:de:9c:11:2f:4e:ce:04:8b:2f:7c:8c: 61:29:29:26:17:c2:ac:51:30:a9:0b:08:e9:d0:15: d4:9c:d1:a7:79:6e:8b:65:ce:4c:c6:58:3f:f8:bd: 4e:5e:66:09:28:70:61:7a:f1:48:32:06:82:40:08: fa:6e:0d:cb:0d:2d:a0:1b:99:fc:47:98:25:5b:c8: 53:22:88:9c:b4:36:7c:d7:1a:65:7d:6f:63:b3:82: 64:2a:e6:86:26:6a:e3:2b:20:98:cf:1b:3a:65:af: 73:20:cb:fd:26:8c:27:55:53:30:a8:fb:3d:6f:76: d6:8a:ac:46:14:22:02:85:59:46:c8:a9:a0:eb:15: c2:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:B3:78:C9:B4:FB:25:AD:5D:D5:7C:39:02:86:92:C5:AF:96:98:51 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dcb796cd-0001-4f06-a9c5-198757a8dde6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da14::/38 Signature Algorithm: sha256WithRSAEncryption c3:85:08:6d:7f:3e:a1:28:76:a1:08:f7:ab:0e:43:33:97:a4: 66:a7:56:25:1e:1e:b0:b3:c2:b4:dc:b1:47:22:7b:df:2d:2a: 20:26:01:bc:3e:55:00:c9:6f:fb:4d:0a:a5:35:2b:89:f5:53: b2:62:4a:52:54:dd:3c:76:fc:c6:74:99:84:92:a9:00:0c:52: 80:87:71:ad:50:4a:c5:da:ff:79:5b:a7:36:cd:4a:37:2d:92: c4:1c:18:b0:2d:37:d0:b2:97:fc:a1:89:ce:94:19:d1:fb:43: 71:ce:80:0d:87:c6:2b:68:5f:77:d3:29:5d:02:5d:ce:6f:7b: f8:67:49:17:a2:ef:e5:f5:1a:6c:49:9d:86:35:a9:7c:29:3b: 72:70:6f:7a:67:b7:0e:73:f2:63:4b:c1:bd:64:0b:4a:57:b6: f6:4e:06:83:1c:64:4d:17:e4:8a:72:e3:f4:86:8e:09:25:d7: a5:2b:0e:6c:2b:46:c0:2c:c7:e0:ed:2a:40:b2:d7:e2:1e:d6: 8f:6e:46:dc:2a:2e:11:75:0f:25:7c:65:ee:46:a8:9a:50:e2: 4c:c2:53:8a:0c:64:2f:84:4c:f5:9e:03:36:ca:90:40:8d:23: 30:b4:94:60:b2:90:c8:f3:cb:aa:c2:25:ba:d9:56:89:22:40: 77:fc:de:6f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHdNKs0AqZUX2vyJPn+Dqa4cJQ1swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1NDEzOVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMjE1MjJhNWU4ZWE1OTY3YWFhNjBj MGIwOTM1ZjM1YjlkMjA2ZWZlYjkzODc3NjIwNGQ0ZTFlMTA5ZjU1Y2VkMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCLGGldkYdVIJNgAo1cyVt0+wqAK EdYjMXihkg0uskxc3HIMREhjeN9luJfnehURlXIvv3/eQK+eeQQnDHWv5vKQf7xX 6jfL8WdL1FSfwDDj5W8XPxF6TCSJxt2ml5wOOLbuYM7FW+S8ZWYZa4p4239pajVX PbDssVxj3pwRL07OBIsvfIxhKSkmF8KsUTCpCwjp0BXUnNGneW6LZc5Mxlg/+L1O XmYJKHBhevFIMgaCQAj6bg3LDS2gG5n8R5glW8hTIoictDZ81xplfW9js4JkKuaG JmrjKyCYzxs6Za9zIMv9JownVVMwqPs9b3bWiqxGFCIChVlGyKmg6xXCBwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFSzeMm0+yWtXdV8OQKGksWvlphRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RjYjc5NmNkLTAwMDEtNGYwNi1hOWM1LTE5ODc1N2E4ZGRlNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFAAwDQYJKoZIhvcNAQELBQADggEBAMOFCG1/PqEodqEI96sO QzOXpGanViUeHrCzwrTcsUcie98tKiAmAbw+VQDJb/tNCqU1K4n1U7JiSlJU3Tx2 /MZ0mYSSqQAMUoCHca1QSsXa/3lbpzbNSjctksQcGLAtN9Cyl/yhic6UGdH7Q3HO gA2HxitoX3fTKV0CXc5ve/hnSRei7+X1GmxJnYY1qXwpO3Jwb3pntw5z8mNLwb1k C0pXtvZOBoMcZE0X5Ipy4/SGjgkl16UrDmwrRsAsx+DtKkCy1+Ie1o9uRtwqLhF1 DyV8Ze5GqJpQ4kzCU4oMZC+ETPWeAzbKkECNIzC0lGCykMjzy6rCJbrZVokiQHf8 3m8= -----END CERTIFICATE-----Generated at Sat Jun 14 06:23:06 2025 by rpki-client