$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e03a5801-427d-4783-a71e-c8578a0ffe7b.roa File: e03a5801-427d-4783-a71e-c8578a0ffe7b.roa (raw, json) Hash identifier: kJ8+FB4bGTdbw8Dc2GBjDK7Fr6rUtHzsPE7zd8GmHGA= Subject key identifier: A3:82:66:50:E2:51:9D:32:DA:87:36:E5:1B:46:BC:81:36:01:55:8A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 70153654089EE3FB1C38620EDEFD9824D8C27DF8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e03a5801-427d-4783-a71e-c8578a0ffe7b.roa Signing time: Tue 10 Jun 2025 15:21:11 +0000 ROA not before: Tue 10 Jun 2025 15:21:11 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:15:36:54:08:9e:e3:fb:1c:38:62:0e:de:fd:98:24:d8:c2:7d:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:21:11 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=36fe530e57d2d6ac0f01929391ee714673db5a009a9c5fd99b2dc52540dbada8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:8d:fd:f4:b1:b5:74:1b:57:03:c8:48:2c:ac: 15:d2:bd:a4:1c:78:16:3a:e9:2a:77:d4:5e:9d:80: db:88:a5:2e:f6:2b:f6:26:14:86:4c:03:9f:2d:af: a3:7c:ff:7a:a1:a6:dd:35:89:1e:3b:81:49:c3:83: 14:94:80:33:fb:ac:d1:6f:83:5e:21:bf:3a:62:45: 19:d2:dd:2a:15:af:48:46:81:71:df:f5:99:b7:2e: 84:36:56:e2:7b:87:db:55:67:dd:19:04:b4:9a:ec: f8:1d:65:3d:ea:68:d8:89:21:9e:15:c1:0a:8c:14: 7e:9a:80:a8:94:f0:04:0f:c0:7f:ec:b6:f4:a9:96: 26:f8:2e:0b:44:1f:fb:56:49:28:b4:8b:a8:52:61: f1:9d:7b:7e:e2:ff:ac:cd:88:d8:d3:ef:9b:db:e4: 4d:82:56:71:71:9b:2a:d5:24:6d:5c:7a:37:5c:88: 62:ba:e3:80:ff:b0:bb:c7:0f:6a:22:b0:62:f1:72: 81:bd:b5:af:a1:76:ae:7c:d8:43:39:5c:d0:a9:3a: ea:e3:91:22:be:97:0d:d5:21:90:57:1b:fe:48:9d: 96:5f:14:1c:d3:3e:99:9f:fe:e5:3b:d2:95:39:1d: 2c:25:56:eb:bb:33:7a:cf:c3:f3:88:7e:a8:c7:9e: b9:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:82:66:50:E2:51:9D:32:DA:87:36:E5:1B:46:BC:81:36:01:55:8A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e03a5801-427d-4783-a71e-c8578a0ffe7b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:4800::/40 Signature Algorithm: sha256WithRSAEncryption 03:43:17:9f:65:1a:f1:ba:aa:35:3e:b7:bc:4a:6b:a5:0f:39: 66:69:78:96:ac:5c:56:95:ed:9d:5d:a6:3c:ba:a0:e1:67:09: 7c:e1:50:23:77:1c:cc:40:ae:1e:7d:54:9d:ca:ab:f1:30:37: 41:f3:75:7e:43:fc:35:7e:e1:62:33:0f:72:f3:fc:56:88:c2: 1c:8c:7b:39:82:96:c6:cc:54:59:15:7d:70:1e:ab:eb:a4:b1: b4:4c:4c:da:47:4e:98:e0:28:57:c6:af:cf:0b:82:ba:19:49: 90:11:29:9e:06:3b:00:57:38:13:50:d4:64:70:10:37:f3:dc: e5:c6:22:4e:b1:c9:60:49:da:95:77:f3:1c:9f:1e:11:70:6c: fe:d4:55:d5:f6:7e:d0:94:24:0e:12:17:3d:1d:a7:5c:e8:6d: 8b:ad:fe:ea:47:01:e7:4e:00:bb:01:1d:b9:cb:e6:84:60:b8: c3:fc:61:5e:af:db:db:f7:f9:79:39:4b:dd:52:b9:d0:72:a8: a5:f3:9c:13:c4:89:ed:ca:8a:b0:09:15:4f:3e:77:e0:fc:2f: eb:20:37:28:cc:7e:17:59:8f:9e:53:bd:1e:46:e2:10:c8:13: b5:f7:db:79:d5:24:dd:64:fe:3f:7d:e0:94:6f:b5:50:fb:50: c1:c8:38:a3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcBU2VAie4/scOGIO3v2YJNjCffgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MjExMVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMzZmZTUzMGU1N2QyZDZhYzBmMDE5 MjkzOTFlZTcxNDY3M2RiNWEwMDlhOWM1ZmQ5OWIyZGM1MjU0MGRiYWRhODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4I399LG1dBtXA8hILKwV0r2kHHgW Oukqd9RenYDbiKUu9iv2JhSGTAOfLa+jfP96oabdNYkeO4FJw4MUlIAz+6zRb4Ne Ib86YkUZ0t0qFa9IRoFx3/WZty6ENlbie4fbVWfdGQS0muz4HWU96mjYiSGeFcEK jBR+moColPAED8B/7Lb0qZYm+C4LRB/7VkkotIuoUmHxnXt+4v+szYjY0++b2+RN glZxcZsq1SRtXHo3XIhiuuOA/7C7xw9qIrBi8XKBvbWvoXaufNhDOVzQqTrq45Ei vpcN1SGQVxv+SJ2WXxQc0z6Zn/7lO9KVOR0sJVbruzN6z8PziH6ox5651wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKOCZlDiUZ0y2oc25RtGvIE2AVWKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UwM2E1ODAxLTQyN2QtNDc4My1hNzFlLWM4NTc4YTBmZmU3Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9UgwDQYJKoZIhvcNAQELBQADggEBAANDF59lGvG6qjU+t7xK a6UPOWZpeJasXFaV7Z1dpjy6oOFnCXzhUCN3HMxArh59VJ3Kq/EwN0HzdX5D/DV+ 4WIzD3Lz/FaIwhyMezmClsbMVFkVfXAeq+uksbRMTNpHTpjgKFfGr88LgroZSZAR KZ4GOwBXOBNQ1GRwEDfz3OXGIk6xyWBJ2pV38xyfHhFwbP7UVdX2ftCUJA4SFz0d p1zobYut/upHAedOALsBHbnL5oRguMP8YV6v29v3+Xk5S91SudByqKXznBPEie3K irAJFU8+d+D8L+sgNyjMfhdZj55TvR5G4hDIE7X323nVJN1k/j994JRvtVD7UMHI OKM= -----END CERTIFICATE-----Generated at Sat Jun 14 06:29:14 2025 by rpki-client