$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f28624f2-29a1-4d66-bb6c-dd38f883f14b.roa File: f28624f2-29a1-4d66-bb6c-dd38f883f14b.roa (raw, json) Hash identifier: hta2PK3pA1W5AcFaBuG2SIX1dskDXLxlhWpnCg9UboA= Subject key identifier: FF:42:33:5B:60:36:45:79:58:06:92:0A:BA:59:33:D6:55:44:E5:33 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 481BD7FE83F28AF7FA50B3EB8CA38F24EE731CA0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f28624f2-29a1-4d66-bb6c-dd38f883f14b.roa Signing time: Tue 10 Jun 2025 15:50:20 +0000 ROA not before: Tue 10 Jun 2025 15:50:20 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da19:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:1b:d7:fe:83:f2:8a:f7:fa:50:b3:eb:8c:a3:8f:24:ee:73:1c:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:50:20 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=7888da79d493d192b10a3e582754121ac9408d172248b95747c5f695180ff100, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:52:65:a4:d9:87:62:33:f9:69:52:ba:5e:02: a0:f7:f0:00:1f:00:12:34:06:ad:0c:ab:0b:10:19: 3d:37:57:a1:95:69:72:c9:c0:4a:df:ac:ef:dd:1b: c3:1d:77:a0:3d:91:87:b5:fb:aa:64:97:e3:97:ff: 41:4b:55:78:46:ec:40:63:43:b5:29:c7:17:d6:b6: d1:69:fa:05:9a:cb:95:86:dc:f9:c1:d7:79:2f:6b: 5a:19:b9:95:f3:39:d9:af:a3:36:30:22:24:85:72: f9:9d:dc:99:ca:d7:a4:af:a4:b5:9f:ee:5d:cd:81: a7:c8:63:2a:f2:dc:a0:11:f6:fb:6b:b7:fd:ac:ba: d6:76:db:51:bf:61:ea:27:0a:19:22:49:ed:9e:fc: f5:76:66:3d:2f:17:7d:97:9d:b1:9a:25:d4:ee:84: de:ab:a7:3c:6a:dd:e2:22:45:ec:52:1d:cc:70:b0: 87:90:43:10:dd:97:ab:58:5a:b7:cd:d3:b3:87:f0: 11:ec:6c:be:61:9a:ab:f2:12:83:5d:3a:21:81:5b: 1e:90:28:71:e9:a0:08:ea:e2:65:1e:4b:65:e6:2f: e9:da:cf:a9:0b:29:c3:23:2c:eb:da:78:06:2b:91: 6e:68:19:39:02:f7:db:d8:17:d3:b1:59:56:e4:6d: 16:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:42:33:5B:60:36:45:79:58:06:92:0A:BA:59:33:D6:55:44:E5:33 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f28624f2-29a1-4d66-bb6c-dd38f883f14b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da19:c00::/38 Signature Algorithm: sha256WithRSAEncryption a7:eb:59:4f:5d:52:48:a4:5e:d4:8d:57:3f:79:9b:96:1b:6a: a6:07:d4:94:5b:28:da:26:59:5e:a6:f7:7a:41:24:9b:49:69: 47:0b:47:e4:73:43:51:f8:df:38:69:18:94:c0:cd:d5:10:d4: 6b:14:a3:97:16:da:1d:25:07:02:61:ed:c5:70:c7:cb:9e:fb: 94:98:42:d8:58:3f:99:60:76:31:6d:84:7c:5e:4b:0f:93:43: 12:f7:16:5a:3e:8b:6e:97:76:fd:1c:01:c8:cf:91:d2:9c:22: f8:8e:fa:06:d2:92:7d:a6:5b:f0:83:5a:03:5c:6a:e0:85:10: 61:05:da:fd:e2:c9:29:e9:35:87:ce:77:bd:7c:69:26:cd:d9: 8a:0d:b7:0b:cb:c4:30:98:4c:57:a7:d3:bb:39:40:a6:b9:29: c4:3e:5a:e1:d4:f4:40:96:87:42:11:8f:ec:7b:a1:72:03:66: f0:b8:b9:1e:5e:96:bf:8f:57:23:5a:df:04:b7:4c:ca:ae:37: 7c:ba:66:57:92:b6:cd:c7:dd:aa:7f:2e:86:76:95:0f:f4:e9: 5e:47:dc:cb:6e:00:84:2e:9a:cc:2f:c9:05:9f:a7:00:35:96: 59:48:65:fc:24:4a:1d:39:f4:49:8b:62:f3:b4:e5:98:0c:93: d5:75:c7:34 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSBvX/oPyivf6ULPrjKOPJO5zHKAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1NTAyMFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNANzg4OGRhNzlkNDkzZDE5MmIxMGEz ZTU4Mjc1NDEyMWFjOTQwOGQxNzIyNDhiOTU3NDdjNWY2OTUxODBmZjEwMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlJlpNmHYjP5aVK6XgKg9/AAHwAS NAatDKsLEBk9N1ehlWlyycBK36zv3RvDHXegPZGHtfuqZJfjl/9BS1V4RuxAY0O1 KccX1rbRafoFmsuVhtz5wdd5L2taGbmV8znZr6M2MCIkhXL5ndyZytekr6S1n+5d zYGnyGMq8tygEfb7a7f9rLrWdttRv2HqJwoZIkntnvz1dmY9Lxd9l52xmiXU7oTe q6c8at3iIkXsUh3McLCHkEMQ3ZerWFq3zdOzh/AR7Gy+YZqr8hKDXTohgVsekChx 6aAI6uJlHktl5i/p2s+pCynDIyzr2ngGK5FuaBk5Avfb2BfTsVlW5G0WdQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP9CM1tgNkV5WAaSCrpZM9ZVROUzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YyODYyNGYyLTI5YTEtNGQ2Ni1iYjZjLWRkMzhmODgzZjE0Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGQwwDQYJKoZIhvcNAQELBQADggEBAKfrWU9dUkikXtSNVz95 m5YbaqYH1JRbKNomWV6m93pBJJtJaUcLR+RzQ1H43zhpGJTAzdUQ1GsUo5cW2h0l BwJh7cVwx8ue+5SYQthYP5lgdjFthHxeSw+TQxL3Flo+i26Xdv0cAcjPkdKcIviO +gbSkn2mW/CDWgNcauCFEGEF2v3iySnpNYfOd718aSbN2YoNtwvLxDCYTFen07s5 QKa5KcQ+WuHU9ECWh0IRj+x7oXIDZvC4uR5elr+PVyNa3wS3TMquN3y6ZleSts3H 3ap/LoZ2lQ/06V5H3MtuAIQumswvyQWfpwA1lllIZfwkSh059EmLYvO05ZgMk9V1 xzQ= -----END CERTIFICATE-----Generated at Sat Jun 14 05:53:56 2025 by rpki-client