$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa File: e32899b9-14c3-4649-a1dc-82fec0214193.roa (raw, json) Hash identifier: oWOj+92N3A2031HB3QUYULFbi2/rByxntad3rlfYfgA= Subject key identifier: C3:5B:F7:85:50:8B:81:E2:75:1C:57:D7:F7:EF:13:10:64:1B:DD:A1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1C5A06A11F48DD431BD36C1996AE9FF1516191FF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa Signing time: Sat 07 Jun 2025 00:00:53 +0000 ROA not before: Sat 07 Jun 2025 00:00:53 +0000 ROA not after: Sat 12 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:e080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:5a:06:a1:1f:48:dd:43:1b:d3:6c:19:96:ae:9f:f1:51:61:91:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 7 00:00:53 2025 GMT Not After : Jul 12 23:59:59 2025 GMT Subject: serialNumber=3d70f2abe11dc4362dbafb2a68f09b7c58156539564121e0a8fb4806799f531f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:d3:bd:e4:56:b8:ca:3f:4a:5d:45:74:3b:99: e6:93:54:c1:cf:42:db:fb:f4:0c:4f:60:5e:f4:af: 53:5d:9f:ad:ac:08:c1:7e:a0:e1:87:fb:1a:43:03: 09:35:fa:9e:07:be:4f:c4:9f:ef:00:ec:1c:ce:7f: e8:eb:6d:fc:ca:ab:38:58:66:40:b5:ad:69:37:aa: b4:32:13:8c:a0:f5:38:3a:2b:b5:9c:a3:d0:15:02: 74:db:d4:ee:a7:31:29:19:5e:fe:ee:98:51:7b:7d: 30:de:8b:dd:82:24:61:21:68:eb:a6:65:20:46:aa: f5:41:3a:c9:7d:c8:3b:57:7a:34:5e:6d:4e:1e:eb: e5:7e:0b:16:0b:65:de:04:a7:b0:c4:bb:63:75:8d: 19:9b:13:aa:9e:f2:b7:c4:6f:7f:28:09:fc:07:cc: be:cc:9b:80:dd:ce:57:54:97:a3:ab:a7:5f:6a:bc: c6:98:31:1b:32:98:d3:ac:f6:75:83:64:9f:03:36: 8e:a4:46:ad:f7:92:37:3d:9d:c7:18:b2:e1:62:b0: 8c:28:46:dc:36:1b:d1:78:7f:49:7c:9b:ff:fd:35: 59:ef:19:8e:e5:a8:da:a7:56:bf:3d:2c:3a:eb:50: 75:d0:56:6d:69:4b:f7:34:ce:9a:97:6a:4c:9c:83: ca:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:5B:F7:85:50:8B:81:E2:75:1C:57:D7:F7:EF:13:10:64:1B:DD:A1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:e080::/48 Signature Algorithm: sha256WithRSAEncryption 3d:c5:12:6a:35:50:5b:c2:32:dc:b4:be:bb:a3:22:fd:c3:a4: 8f:30:0a:97:d2:56:b4:e5:9a:73:1b:08:5c:2a:99:7c:5c:3c: 7d:12:56:3e:bd:26:5c:bb:be:b4:11:ed:18:e1:09:d7:a0:c9: 58:da:76:82:87:28:91:8c:6d:ba:07:0a:0c:58:1b:03:c0:e7: 40:82:99:d3:dc:80:e6:9b:7c:ea:22:d6:37:ad:1e:cb:00:b8: c6:db:08:9c:dd:dd:49:34:14:df:3d:cd:0d:f5:6c:1e:ad:8c: d4:c7:4a:6a:bc:60:fc:d6:88:8e:68:0e:75:86:56:0e:9f:b2: 0c:90:d3:6b:d3:81:68:94:ef:4c:2f:4d:0b:09:41:2b:08:0c: 21:a2:3d:e4:84:b7:1f:c3:9e:97:bd:1b:f8:0c:e3:15:d8:34: 61:14:5d:69:bc:bf:6b:9f:16:d3:c8:84:9d:19:12:08:a6:31: a5:62:66:cf:4c:bb:45:31:50:f9:17:f7:f1:53:0e:e1:9f:e7: b8:ec:24:cb:b4:87:7b:a7:55:e0:a1:5b:f0:1d:68:0c:43:e0: eb:a0:6a:7b:03:4c:ce:b1:24:d2:b7:86:20:d5:8a:b8:ec:b7: 96:8f:e6:3f:09:9c:69:cb:71:09:e6:35:ba:41:4d:30:3d:d4: 4c:00:01:48 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHFoGoR9I3UMb02wZlq6f8VFhkf8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNzAwMDA1M1oX DTI1MDcxMjIzNTk1OVowejFJMEcGA1UEBRNAM2Q3MGYyYWJlMTFkYzQzNjJkYmFm YjJhNjhmMDliN2M1ODE1NjUzOTU2NDEyMWUwYThmYjQ4MDY3OTlmNTMxZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tO95Fa4yj9KXUV0O5nmk1TBz0Lb +/QMT2Be9K9TXZ+trAjBfqDhh/saQwMJNfqeB75PxJ/vAOwczn/o6238yqs4WGZA ta1pN6q0MhOMoPU4Oiu1nKPQFQJ029TupzEpGV7+7phRe30w3ovdgiRhIWjrpmUg Rqr1QTrJfcg7V3o0Xm1OHuvlfgsWC2XeBKewxLtjdY0ZmxOqnvK3xG9/KAn8B8y+ zJuA3c5XVJejq6dfarzGmDEbMpjTrPZ1g2SfAzaOpEat95I3PZ3HGLLhYrCMKEbc NhvReH9JfJv//TVZ7xmO5ajap1a/PSw661B10FZtaUv3NM6al2pMnIPKlwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMNb94VQi4HidRxX1/fvExBkG92hMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzMjg5OWI5LTE0YzMtNDY0OS1hMWRjLTgyZmVjMDIxNDE5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAOCAMA0GCSqGSIb3DQEBCwUAA4IBAQA9xRJqNVBbwjLctL67 oyL9w6SPMAqX0la05ZpzGwhcKpl8XDx9ElY+vSZcu760Ee0Y4QnXoMlY2naChyiR jG26BwoMWBsDwOdAgpnT3IDmm3zqItY3rR7LALjG2wic3d1JNBTfPc0N9WwerYzU x0pqvGD81oiOaA51hlYOn7IMkNNr04FolO9ML00LCUErCAwhoj3khLcfw56XvRv4 DOMV2DRhFF1pvL9rnxbTyISdGRIIpjGlYmbPTLtFMVD5F/fxUw7hn+e47CTLtId7 p1XgoVvwHWgMQ+DroGp7A0zOsSTSt4Yg1Yq47LeWj+Y/CZxpy3EJ5jW6QU0wPdRM AAFI -----END CERTIFICATE-----Generated at Sat Jun 14 06:27:13 2025 by rpki-client