$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec2f6208-6914-4802-9cae-8f5bdc6d9003.roa File: ec2f6208-6914-4802-9cae-8f5bdc6d9003.roa (raw, json) Hash identifier: eRTJTzyb6SeuBh/mULJTsptY4dD4bOHis6MhtDiMBSU= Subject key identifier: B1:78:95:1D:6B:E3:89:B2:4A:48:B3:CC:8D:2D:FA:7C:90:5A:D8:43 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 63EF201943DC74B016F578255216F09BFBB9BFA4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec2f6208-6914-4802-9cae-8f5bdc6d9003.roa Signing time: Mon 09 Jun 2025 15:11:36 +0000 ROA not before: Mon 09 Jun 2025 15:11:36 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:7080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:ef:20:19:43:dc:74:b0:16:f5:78:25:52:16:f0:9b:fb:b9:bf:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:11:36 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=e999b5f49352bddeb7d5549ecdf60ee96351c48ca4f1a62cec527e7e297411cf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:04:1f:a8:11:c8:78:c6:e5:f9:e6:91:d1:e4: f8:57:20:35:dc:5b:52:ee:d5:7c:79:3e:ef:6c:16: 75:85:9a:7a:b1:18:37:80:f4:0d:0c:d4:b8:ec:d1: 62:fb:fe:63:4b:8a:c4:ec:d8:58:6f:08:e4:33:d0: 7d:77:a1:46:1b:ac:fb:dc:f8:da:81:78:0f:e3:4b: 32:18:0d:a9:51:d9:f9:ed:0c:9d:3e:a2:89:3a:ea: 37:f3:53:89:04:92:01:3c:4c:bf:ee:ee:4c:76:80: c2:ea:d1:17:ea:d4:f4:9f:35:e0:74:88:8f:9c:e6: 48:4e:28:1d:8a:e4:05:7c:f7:4b:14:46:45:e3:7e: cc:56:b5:7f:59:77:46:ef:cd:74:89:f4:b3:ba:10: 25:c7:e9:be:3c:05:79:6c:a3:32:47:49:5b:30:64: 76:8d:d8:71:b2:b8:28:92:3e:97:d5:50:1f:43:9a: a7:e4:6d:f9:a1:4c:b9:3b:53:b8:13:c2:4b:0e:e5: 06:79:cf:96:37:15:ac:82:07:ec:59:24:20:1c:71: 86:21:36:61:b9:17:03:e7:69:cd:0a:22:60:48:e1: 33:5b:0d:cd:6c:d4:4c:63:c7:c3:3b:a0:4d:02:10: 98:4d:a2:e9:54:88:33:86:ab:37:2f:80:3a:99:01: e3:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:78:95:1D:6B:E3:89:B2:4A:48:B3:CC:8D:2D:FA:7C:90:5A:D8:43 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec2f6208-6914-4802-9cae-8f5bdc6d9003.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:7080::/48 Signature Algorithm: sha256WithRSAEncryption 8c:a9:d0:a1:75:bb:f2:88:23:31:87:ff:53:b4:a5:34:e7:75: e8:5a:ed:67:94:e4:03:6e:85:da:48:63:2f:ab:fd:c6:d7:dc: b8:d0:c0:38:e4:be:4e:3c:38:7d:e6:2e:9f:4a:3a:8e:db:2b: 37:f1:53:77:94:ca:ab:af:86:26:80:83:c0:78:3d:a6:1c:fc: 1c:30:ed:10:c7:fb:e1:6c:b2:ad:bf:ea:59:54:bf:3d:c0:7c: f4:41:2b:30:da:b2:dd:69:ae:78:4b:5a:3f:84:c3:a7:bf:2d: 61:07:05:69:4a:d0:2a:b0:d2:10:3e:8e:4c:e0:c2:23:36:28: 44:88:19:26:b7:62:60:ee:a8:23:30:4e:87:8d:99:7c:d0:10: e0:ee:9d:00:f1:19:57:36:46:3d:c7:6a:a6:dd:55:d2:f3:ec: 73:a2:e7:06:03:a7:df:a6:39:12:ef:36:b7:bd:37:c4:8c:28: b6:f8:26:42:61:14:81:9e:74:25:c9:ed:e3:f4:cb:d0:06:ea: b0:bc:11:88:96:8b:8b:42:11:b2:2c:61:b1:db:0b:50:b0:af: 82:f1:2b:eb:ea:4d:40:41:6d:ba:5d:1c:22:80:1b:79:24:14: 8f:6f:e1:98:db:a3:a1:0e:1d:b5:48:7e:47:06:19:3d:44:d7: 8f:37:44:72 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUY+8gGUPcdLAW9XglUhbwm/u5v6QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MTEzNloX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAZTk5OWI1ZjQ5MzUyYmRkZWI3ZDU1 NDllY2RmNjBlZTk2MzUxYzQ4Y2E0ZjFhNjJjZWM1MjdlN2UyOTc0MTFjZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQQfqBHIeMbl+eaR0eT4VyA13FtS 7tV8eT7vbBZ1hZp6sRg3gPQNDNS47NFi+/5jS4rE7NhYbwjkM9B9d6FGG6z73Pja gXgP40syGA2pUdn57QydPqKJOuo381OJBJIBPEy/7u5MdoDC6tEX6tT0nzXgdIiP nOZITigdiuQFfPdLFEZF437MVrV/WXdG7810ifSzuhAlx+m+PAV5bKMyR0lbMGR2 jdhxsrgokj6X1VAfQ5qn5G35oUy5O1O4E8JLDuUGec+WNxWsggfsWSQgHHGGITZh uRcD52nNCiJgSOEzWw3NbNRMY8fDO6BNAhCYTaLpVIgzhqs3L4A6mQHj0QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLF4lR1r44mySkizzI0t+nyQWthDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VjMmY2MjA4LTY5MTQtNDgwMi05Y2FlLThmNWJkYzZkOTAwMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAHCAMA0GCSqGSIb3DQEBCwUAA4IBAQCMqdChdbvyiCMxh/9T tKU053XoWu1nlOQDboXaSGMvq/3G19y40MA45L5OPDh95i6fSjqO2ys38VN3lMqr r4YmgIPAeD2mHPwcMO0Qx/vhbLKtv+pZVL89wHz0QSsw2rLdaa54S1o/hMOnvy1h BwVpStAqsNIQPo5M4MIjNihEiBkmt2Jg7qgjME6HjZl80BDg7p0A8RlXNkY9x2qm 3VXS8+xzoucGA6ffpjkS7za3vTfEjCi2+CZCYRSBnnQlye3j9MvQBuqwvBGIlouL QhGyLGGx2wtQsK+C8Svr6k1AQW26XRwigBt5JBSPb+GY26OhDh21SH5HBhk9RNeP N0Ry -----END CERTIFICATE-----Generated at Sat Jun 14 06:37:25 2025 by rpki-client