$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec40eb60-4cf6-48e4-b0a8-80630ca1e584.roa File: ec40eb60-4cf6-48e4-b0a8-80630ca1e584.roa (raw, json) Hash identifier: J/2vv7GCNDt+Px/Oy1Sw0JvsncqQVA4XYvH392vfXgE= Subject key identifier: E6:D9:47:1A:57:FF:15:52:91:86:C6:DE:B9:B6:DC:7C:A1:25:58:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 174A9AB37D4763DCF00AB469B432689C201A4B28 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec40eb60-4cf6-48e4-b0a8-80630ca1e584.roa Signing time: Mon 09 Jun 2025 15:30:19 +0000 ROA not before: Mon 09 Jun 2025 15:30:19 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:40e0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:4a:9a:b3:7d:47:63:dc:f0:0a:b4:69:b4:32:68:9c:20:1a:4b:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:30:19 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=4383de904e15bd515c194e9ef656d266aa63f9242c81426c6786b5d568dd6e63, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:0a:34:0e:90:38:dc:db:a2:26:53:69:53:ae: 74:8b:4c:19:e9:08:fb:69:ef:27:83:3c:86:56:ac: 0f:09:2a:18:a9:fb:c4:9d:b3:2f:c7:d8:56:d1:4f: 62:be:62:4c:31:fa:6f:0c:5e:d9:30:a0:64:fb:bf: 69:43:fe:f4:ea:2d:bf:70:28:d4:ac:59:53:d4:88: f6:d1:d0:48:4d:4e:bd:0c:9b:51:d0:b7:48:f8:d3: cc:82:34:66:b8:14:85:b7:33:1d:f8:00:ea:7a:93: 7c:3d:60:a2:a1:db:50:98:c0:bd:33:72:21:f8:0b: fb:e2:ff:50:ff:97:7b:d7:ae:6d:48:1c:97:63:c9: ef:c7:a4:cf:bf:5e:5e:1e:a7:0b:bf:a8:a2:a9:34: ca:5f:60:5d:70:66:5d:28:69:5b:6f:cd:2d:2c:52: 3a:0d:53:aa:f2:0b:a9:58:04:ae:35:54:82:fa:46: ea:7e:50:15:10:ab:ec:61:28:c0:a5:aa:11:0a:d5: 52:55:1c:7a:fd:65:85:9e:ce:eb:a3:36:1a:1b:e2: 71:6a:4c:97:db:bb:da:4f:14:e5:9a:cc:39:2b:d1: a2:83:80:60:ba:b5:a3:9e:28:30:00:b5:6e:0a:b0: 6f:d9:4a:23:07:c4:15:4d:18:94:9d:07:21:8c:68: 37:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:D9:47:1A:57:FF:15:52:91:86:C6:DE:B9:B6:DC:7C:A1:25:58:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec40eb60-4cf6-48e4-b0a8-80630ca1e584.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:40e0::/48 Signature Algorithm: sha256WithRSAEncryption 93:6b:c1:d4:80:77:43:ad:c6:20:5d:b4:ea:88:d3:b9:ae:db: 0e:ae:49:3a:fe:91:0c:a9:57:49:70:0d:a1:f4:a0:2b:5c:9b: c4:05:3d:65:50:2e:c1:d7:a7:77:a5:b6:7e:3f:56:0c:6d:cb: d2:dc:0f:bb:d4:dc:17:a0:bb:26:20:e8:ac:8f:e6:57:3a:e4: d2:38:d6:69:f0:63:17:37:cc:14:2c:45:a6:8a:52:bd:ca:3f: 90:90:6f:a6:d8:e2:43:e5:40:40:1e:92:10:2a:48:2c:7b:19: 9a:8f:6b:b7:16:34:75:06:ee:9b:b7:e5:d7:82:d2:c9:3f:6d: 2c:4a:b6:22:8e:67:b3:b9:03:b2:d1:80:7d:84:b7:39:60:2d: bd:10:b2:54:3c:7d:f3:d0:f0:72:1d:e9:38:4e:9b:bc:92:41: 98:36:7f:72:6d:1d:31:b7:61:87:7e:ec:0d:de:a2:c0:d3:18: 5e:b7:63:7d:31:49:86:11:85:4f:57:01:d6:da:3b:c7:16:7d: 7b:bf:8c:c9:ab:55:88:4a:3b:f3:14:89:63:fc:96:b2:c6:9f: 41:72:06:d4:ce:6f:8d:42:90:5a:c7:79:f9:be:ee:02:a5:0d: 2e:58:4d:d8:72:6f:4e:8b:09:95:dc:d6:e3:8f:60:03:22:4a: 34:16:9d:75 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUF0qas31HY9zwCrRptDJonCAaSygwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MzAxOVoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNANDM4M2RlOTA0ZTE1YmQ1MTVjMTk0 ZTllZjY1NmQyNjZhYTYzZjkyNDJjODE0MjZjNjc4NmI1ZDU2OGRkNmU2MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQo0DpA43NuiJlNpU650i0wZ6Qj7 ae8ngzyGVqwPCSoYqfvEnbMvx9hW0U9ivmJMMfpvDF7ZMKBk+79pQ/706i2/cCjU rFlT1Ij20dBITU69DJtR0LdI+NPMgjRmuBSFtzMd+ADqepN8PWCiodtQmMC9M3Ih +Av74v9Q/5d7165tSByXY8nvx6TPv15eHqcLv6iiqTTKX2BdcGZdKGlbb80tLFI6 DVOq8gupWASuNVSC+kbqflAVEKvsYSjApaoRCtVSVRx6/WWFns7rozYaG+JxakyX 27vaTxTlmsw5K9Gig4BgurWjnigwALVuCrBv2UojB8QVTRiUnQchjGg3fQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFObZRxpX/xVSkYbG3rm23HyhJVhYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VjNDBlYjYwLTRjZjYtNDhlNC1iMGE4LTgwNjMwY2ExZTU4NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAEDgMA0GCSqGSIb3DQEBCwUAA4IBAQCTa8HUgHdDrcYgXbTq iNO5rtsOrkk6/pEMqVdJcA2h9KArXJvEBT1lUC7B16d3pbZ+P1YMbcvS3A+71NwX oLsmIOisj+ZXOuTSONZp8GMXN8wULEWmilK9yj+QkG+m2OJD5UBAHpIQKkgsexma j2u3FjR1Bu6bt+XXgtLJP20sSrYijmezuQOy0YB9hLc5YC29ELJUPH3z0PByHek4 Tpu8kkGYNn9ybR0xt2GHfuwN3qLA0xhet2N9MUmGEYVPVwHW2jvHFn17v4zJq1WI SjvzFIlj/Jayxp9BcgbUzm+NQpBax3n5vu4CpQ0uWE3Ycm9OiwmV3Nbjj2ADIko0 Fp11 -----END CERTIFICATE-----Generated at Sat Jun 14 06:09:42 2025 by rpki-client