$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ef9ddd9a-9ca9-428f-ac4f-d7f26d008249.roa File: ef9ddd9a-9ca9-428f-ac4f-d7f26d008249.roa (raw, json) Hash identifier: vOakKDwEW0j4dT+NId7j7++oYBScNysaVyClIXl1SCs= Subject key identifier: 6E:FF:88:6E:FA:CA:0A:1E:F6:B6:08:1E:54:F0:63:F4:B3:B2:B2:82 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1855E86D11833F9F133E4EA94DFAFC66695F4957 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ef9ddd9a-9ca9-428f-ac4f-d7f26d008249.roa Signing time: Tue 10 Jun 2025 00:51:24 +0000 ROA not before: Tue 10 Jun 2025 00:51:24 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:55:e8:6d:11:83:3f:9f:13:3e:4e:a9:4d:fa:fc:66:69:5f:49:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:51:24 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=b8c55ceb2b222910a7c95887048dc7eb09f46a96609cf26851bd2092060af359, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:5c:15:09:92:ca:c6:80:59:d9:4a:63:9d:06: 9d:2b:60:46:05:0d:dc:1a:36:67:f3:12:9a:40:9f: f5:76:b3:40:ee:78:ce:a7:1a:de:24:4e:1a:f9:9f: 67:2b:b9:88:5b:17:bb:ad:61:5b:ae:36:6b:d4:42: 79:5e:d2:16:12:ef:aa:ee:3f:2d:fb:f4:ef:9f:6e: a1:0f:db:89:8e:c7:8c:9b:25:3f:ab:99:34:cd:b4: ab:89:01:1e:28:24:ad:6e:fa:a0:a7:22:57:62:90: 07:c6:5f:66:0a:46:81:60:4d:ca:6b:ba:02:b8:13: f2:21:4e:96:59:47:d9:e5:11:82:2b:77:64:0b:f7: d3:0b:ae:bc:40:0b:d9:43:36:fe:97:b1:93:7a:0d: 4c:8e:1e:f7:5d:90:11:52:a5:43:f6:7b:bb:1b:83: 16:b2:d3:9c:cd:d3:40:a1:72:8f:45:aa:1f:ec:69: 63:2d:21:a6:91:f7:b6:53:db:87:7f:2c:b5:f4:36: 75:19:57:b8:b6:9e:bb:03:fa:f5:7b:c4:9b:ec:cd: 10:24:57:88:b1:27:c0:f0:56:ac:aa:bc:64:4c:85: f0:86:a4:27:45:f4:10:28:17:fb:f4:66:e3:83:69: 30:1d:46:35:03:39:9e:26:7c:b0:1d:8d:75:0c:6b: f0:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:FF:88:6E:FA:CA:0A:1E:F6:B6:08:1E:54:F0:63:F4:B3:B2:B2:82 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ef9ddd9a-9ca9-428f-ac4f-d7f26d008249.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:800::/40 Signature Algorithm: sha256WithRSAEncryption b7:2d:32:55:70:9c:1d:19:27:23:1f:3f:a8:28:71:68:db:f3: 0e:33:c2:99:b2:de:e2:24:bb:1e:c4:e5:83:d2:2a:74:21:b6: d2:77:8b:08:67:37:40:5f:c4:4a:e3:10:6b:ba:fb:42:cc:6f: ec:73:a7:2c:78:a6:70:70:c5:b2:fb:0a:f7:a8:69:bb:fa:b1: 1c:89:35:b9:19:d8:42:fa:c2:6f:7c:7b:f3:75:9b:82:26:1c: 5a:e5:19:86:b7:c5:40:1c:a6:34:42:5f:bb:1d:26:e7:6a:b3: 64:a8:a0:c8:88:e1:39:56:2f:41:51:aa:14:45:52:80:d7:5c: 4d:77:6d:1a:59:22:36:0e:ed:e1:89:14:70:8d:7b:30:c7:73: d4:0b:21:d8:f5:c1:84:16:29:9d:aa:f2:4d:75:c7:07:50:97: 64:a7:c2:31:7d:9d:a5:dd:9a:c6:a2:17:d3:76:b0:ac:6e:cc: d0:17:d4:43:8e:ac:44:1b:05:99:9f:ba:ab:d7:f4:6f:d8:09: ea:71:df:71:74:0c:45:27:c7:c0:cb:fb:7a:64:f2:9d:f4:26: b9:93:a6:6b:b7:0f:6c:ce:5e:7b:d9:15:c8:ee:84:37:91:68: 23:a8:77:20:26:da:57:8b:3e:1f:da:57:70:81:ba:75:c6:ff: 8f:ee:73:45 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGFXobRGDP58TPk6pTfr8ZmlfSVcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwNTEyNFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAYjhjNTVjZWIyYjIyMjkxMGE3Yzk1 ODg3MDQ4ZGM3ZWIwOWY0NmE5NjYwOWNmMjY4NTFiZDIwOTIwNjBhZjM1OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1wVCZLKxoBZ2UpjnQadK2BGBQ3c GjZn8xKaQJ/1drNA7njOpxreJE4a+Z9nK7mIWxe7rWFbrjZr1EJ5XtIWEu+q7j8t +/Tvn26hD9uJjseMmyU/q5k0zbSriQEeKCStbvqgpyJXYpAHxl9mCkaBYE3Ka7oC uBPyIU6WWUfZ5RGCK3dkC/fTC668QAvZQzb+l7GTeg1Mjh73XZARUqVD9nu7G4MW stOczdNAoXKPRaof7GljLSGmkfe2U9uHfyy19DZ1GVe4tp67A/r1e8Sb7M0QJFeI sSfA8FasqrxkTIXwhqQnRfQQKBf79Gbjg2kwHUY1AzmeJnywHY11DGvw6wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG7/iG76ygoe9rYIHlTwY/SzsrKCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VmOWRkZDlhLTljYTktNDI4Zi1hYzRmLWQ3ZjI2ZDAwODI0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaQgwDQYJKoZIhvcNAQELBQADggEBALctMlVwnB0ZJyMfP6go cWjb8w4zwpmy3uIkux7E5YPSKnQhttJ3iwhnN0BfxErjEGu6+0LMb+xzpyx4pnBw xbL7Cveoabv6sRyJNbkZ2EL6wm98e/N1m4ImHFrlGYa3xUAcpjRCX7sdJudqs2So oMiI4TlWL0FRqhRFUoDXXE13bRpZIjYO7eGJFHCNezDHc9QLIdj1wYQWKZ2q8k11 xwdQl2SnwjF9naXdmsaiF9N2sKxuzNAX1EOOrEQbBZmfuqvX9G/YCepx33F0DEUn x8DL+3pk8p30JrmTpmu3D2zOXnvZFcjuhDeRaCOodyAm2leLPh/aV3CBunXG/4/u c0U= -----END CERTIFICATE-----Generated at Sat Jun 14 06:11:58 2025 by rpki-client