$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3ded5c4-f2d6-4dc4-b01c-590927072e2e.roa File: e3ded5c4-f2d6-4dc4-b01c-590927072e2e.roa (raw, json) Hash identifier: Zrv9xn7bBkM3cJzYPdvx2w0p9hW+/TnofigLHWV29bI= Subject key identifier: BD:96:3C:5A:F7:4B:3D:C4:39:45:C6:49:AC:B2:59:DB:0C:37:76:F8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3386F4B03709FDF65130550734760926DF6669E0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3ded5c4-f2d6-4dc4-b01c-590927072e2e.roa Signing time: Sat 07 Jun 2025 00:11:43 +0000 ROA not before: Sat 07 Jun 2025 00:11:43 +0000 ROA not after: Sat 12 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:86:f4:b0:37:09:fd:f6:51:30:55:07:34:76:09:26:df:66:69:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 7 00:11:43 2025 GMT Not After : Jul 12 23:59:59 2025 GMT Subject: serialNumber=1b6222f1449b1182f0f0b56cc7199811c54618c00cc0c8cfc3d647cff56240ba, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:59:92:24:7d:21:65:04:38:cf:d0:b3:2c:b8: 19:75:e1:ce:91:f2:92:44:f8:32:c4:a4:c6:f5:4b: 89:5c:57:99:40:06:30:7b:9f:6e:9a:08:82:2d:ee: 7b:8b:70:9e:aa:c3:88:97:69:85:76:a1:f5:47:e7: b2:17:ae:35:8b:ed:7e:43:68:f3:58:bc:e8:c1:fb: e1:6a:4e:96:2c:88:1f:6c:67:81:fe:6d:6d:6a:0a: cb:64:78:8f:78:07:7e:74:af:db:c1:77:7a:ba:85: 68:65:f7:30:58:8f:0d:78:d5:02:5d:65:6f:cb:e1: 80:24:e5:53:78:89:91:ca:2f:1a:31:dc:a1:12:e5: ef:e8:ef:ad:7b:7c:3d:bd:f2:97:f9:35:72:57:72: 7f:84:28:7b:c2:df:e1:73:12:b5:9a:51:f2:77:d7: 73:ce:58:ce:3c:4a:c0:26:29:f4:54:f8:82:40:e4: d9:fb:d7:cd:8e:75:a4:d7:03:9f:c2:fe:4d:f0:ba: 90:2b:e0:ce:64:fa:30:e2:65:3d:5d:ca:ee:ae:2f: 6b:14:27:8f:2a:a1:65:f3:e2:34:fc:d8:c6:17:13: d5:c0:eb:42:eb:a4:1e:de:e1:9f:d5:0e:b0:ad:2d: fe:1c:62:11:ec:96:88:2b:55:9b:95:6d:66:1b:42: 8f:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:96:3C:5A:F7:4B:3D:C4:39:45:C6:49:AC:B2:59:DB:0C:37:76:F8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3ded5c4-f2d6-4dc4-b01c-590927072e2e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 39:2c:72:4b:c4:60:b2:2b:95:2d:b7:bc:59:dc:05:82:da:19: 9c:f5:6e:02:55:8d:f0:7c:2a:b6:60:e2:52:90:be:79:13:ee: 79:12:1d:55:43:b9:5e:f6:c9:9a:28:7e:bc:73:6f:ed:d4:a0: 12:49:a0:5d:d5:cd:c5:ea:6c:81:0f:ef:92:cc:c0:f3:6e:59: 69:74:f8:14:e9:7a:6c:07:72:c8:d2:61:4b:22:04:53:32:96: f7:98:b7:27:ea:ff:f3:b4:75:f4:6f:c6:d7:75:0e:69:e2:74: 76:c9:67:97:84:96:6d:5f:5c:63:9f:3c:06:df:c0:9a:5c:99: 7b:d7:10:f3:ee:12:3f:9f:3b:bd:b7:66:44:25:a5:48:26:f9: 34:d4:66:d5:74:0a:23:3f:87:03:aa:d0:ec:d7:e3:4c:7a:3d: b4:de:b6:65:34:98:93:2c:9a:80:30:d9:e1:b6:2e:23:7f:fb: 07:5c:1c:fb:83:dc:20:6c:2c:f7:33:51:f5:4c:dc:be:72:f1: ed:21:5b:f7:b2:71:4f:8e:73:40:fc:e4:05:e9:57:c0:5d:a2: 6d:7f:b2:31:c4:5b:2d:b4:0c:6f:1a:04:10:a6:a3:fb:6f:da: 79:27:f8:93:b2:95:81:e2:76:4b:7d:4b:bc:71:7b:91:dc:f3: 82:00:b3:87 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUM4b0sDcJ/fZRMFUHNHYJJt9maeAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNzAwMTE0M1oX DTI1MDcxMjIzNTk1OVowejFJMEcGA1UEBRNAMWI2MjIyZjE0NDliMTE4MmYwZjBi NTZjYzcxOTk4MTFjNTQ2MThjMDBjYzBjOGNmYzNkNjQ3Y2ZmNTYyNDBiYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FmSJH0hZQQ4z9CzLLgZdeHOkfKS RPgyxKTG9UuJXFeZQAYwe59umgiCLe57i3CeqsOIl2mFdqH1R+eyF641i+1+Q2jz WLzowfvhak6WLIgfbGeB/m1tagrLZHiPeAd+dK/bwXd6uoVoZfcwWI8NeNUCXWVv y+GAJOVTeImRyi8aMdyhEuXv6O+te3w9vfKX+TVyV3J/hCh7wt/hcxK1mlHyd9dz zljOPErAJin0VPiCQOTZ+9fNjnWk1wOfwv5N8LqQK+DOZPow4mU9Xcruri9rFCeP KqFl8+I0/NjGFxPVwOtC66Qe3uGf1Q6wrS3+HGIR7JaIK1WblW1mG0KPMQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFL2WPFr3Sz3EOUXGSayyWdsMN3b4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzZGVkNWM0LWYyZDYtNGRjNC1iMDFjLTU5MDkyNzA3MmUyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYYDAMA0GCSqGSIb3DQEBCwUAA4IBAQA5LHJLxGCyK5Utt7xZ 3AWC2hmc9W4CVY3wfCq2YOJSkL55E+55Eh1VQ7le9smaKH68c2/t1KASSaBd1c3F 6myBD++SzMDzbllpdPgU6XpsB3LI0mFLIgRTMpb3mLcn6v/ztHX0b8bXdQ5p4nR2 yWeXhJZtX1xjnzwG38CaXJl71xDz7hI/nzu9t2ZEJaVIJvk01GbVdAojP4cDqtDs 1+NMej203rZlNJiTLJqAMNnhti4jf/sHXBz7g9wgbCz3M1H1TNy+cvHtIVv3snFP jnNA/OQF6VfAXaJtf7IxxFsttAxvGgQQpqP7b9p5J/iTspWB4nZLfUu8cXuR3POC ALOH -----END CERTIFICATE-----Generated at Sat Jun 14 06:02:11 2025 by rpki-client