$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa File: f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa (raw, json) Hash identifier: 6brB8188C5p7Cg2O04iBs79KSktx0ax3fkp2IX/rYbc= Subject key identifier: 51:21:6A:19:D4:4F:5B:0C:D7:3F:E4:37:06:7E:93:68:E6:09:37:13 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6E3F756A569437CCD636A42650BCBEDFCAB7B1E4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa Signing time: Wed 04 Jun 2025 00:00:07 +0000 ROA not before: Wed 04 Jun 2025 00:00:07 +0000 ROA not after: Wed 09 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:3f:75:6a:56:94:37:cc:d6:36:a4:26:50:bc:be:df:ca:b7:b1:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 4 00:00:07 2025 GMT Not After : Jul 9 23:59:59 2025 GMT Subject: serialNumber=d4fef0ba0ed44133e9159a7feae3391641d7da5e3d7322521d70cbdef8ab9bed, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:4b:fc:87:1c:bd:fc:84:3e:af:2f:f4:1a:63: 01:b8:20:98:d3:9a:c3:ce:ca:60:4b:c9:1b:dd:04: c8:9a:01:d3:51:47:01:38:4f:94:b4:aa:36:53:6f: 9f:db:8c:f1:45:7c:0a:11:70:15:44:60:c9:79:b0: bb:eb:c0:ae:a1:a4:aa:45:be:26:85:80:ff:56:1e: 88:87:00:0c:1e:b2:2c:7a:83:a9:d7:7b:8a:91:85: 6e:db:4d:36:7b:7c:10:f1:c9:27:b5:8b:04:f5:10: ea:a1:4f:e1:b3:74:15:8b:8b:61:d2:a6:de:55:4d: e3:9c:46:fa:de:c5:e5:6f:a7:dd:08:48:01:22:20: 04:d1:ea:98:0a:6c:32:e5:36:ca:cd:0f:43:11:34: ec:42:21:9d:29:9a:b5:64:e8:02:73:4a:75:fb:29: 77:07:a0:3e:b1:39:80:70:ab:d8:37:9d:12:d8:27: 98:29:6c:f7:7b:4f:1a:76:52:00:03:a0:a8:de:aa: 27:d0:c6:13:31:df:fd:ec:a4:bc:8b:5f:90:0c:9b: ef:6c:05:00:7b:99:4d:60:11:b0:f5:b1:4e:a7:17: df:9e:20:85:9a:c7:bd:82:06:84:58:3e:4b:2b:7b: f0:19:13:26:b6:65:ec:b5:22:8f:65:d7:5f:ff:a6: d6:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:21:6A:19:D4:4F:5B:0C:D7:3F:E4:37:06:7E:93:68:E6:09:37:13 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:6000::/40 Signature Algorithm: sha256WithRSAEncryption 17:42:9d:b0:89:0a:8a:a8:d7:82:c5:9e:b4:e3:9b:42:29:77: 22:dc:36:b4:36:23:d3:23:77:80:5e:93:02:87:9d:03:bd:43: c9:8e:b6:0b:f9:64:63:d7:97:78:e6:03:4d:8e:63:d5:3c:29: 90:9e:b1:cb:18:3b:34:7d:35:a7:1e:98:3d:ea:07:85:53:32: 11:bd:8b:de:b4:74:a6:12:3a:59:32:f9:4f:95:c7:a7:9b:f7: f4:fa:bc:e6:c0:31:ed:65:b7:08:73:aa:0c:f2:af:a0:c9:90: ac:80:31:b2:52:ca:83:36:85:0b:93:e7:5b:56:7f:f6:07:4e: 74:89:c0:7b:92:f2:d3:c3:85:25:a4:da:03:ea:e3:f5:84:3d: 14:a9:82:77:f5:98:7c:90:74:d4:b6:6c:d9:40:16:4b:77:32: af:5c:81:1f:92:66:eb:ba:e8:a9:66:87:59:47:03:3a:55:05: 30:10:3a:7d:56:4d:22:0e:52:2c:76:68:23:da:03:64:01:ae: 2a:c7:00:d2:1f:84:e4:19:cf:fa:cf:29:96:b4:8e:04:97:d4: ad:77:e3:9b:48:1c:eb:a3:62:6d:d6:0f:7c:de:1b:84:1f:1e: ef:fb:b6:f5:82:f0:41:89:6d:05:38:81:91:e8:bc:01:f4:d5: 5e:5f:2d:7f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbj91alaUN8zWNqQmULy+38q3seQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNDAwMDAwN1oX DTI1MDcwOTIzNTk1OVowejFJMEcGA1UEBRNAZDRmZWYwYmEwZWQ0NDEzM2U5MTU5 YTdmZWFlMzM5MTY0MWQ3ZGE1ZTNkNzMyMjUyMWQ3MGNiZGVmOGFiOWJlZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0v8hxy9/IQ+ry/0GmMBuCCY05rD zspgS8kb3QTImgHTUUcBOE+UtKo2U2+f24zxRXwKEXAVRGDJebC768CuoaSqRb4m hYD/Vh6IhwAMHrIseoOp13uKkYVu2002e3wQ8ckntYsE9RDqoU/hs3QVi4th0qbe VU3jnEb63sXlb6fdCEgBIiAE0eqYCmwy5TbKzQ9DETTsQiGdKZq1ZOgCc0p1+yl3 B6A+sTmAcKvYN50S2CeYKWz3e08adlIAA6Co3qon0MYTMd/97KS8i1+QDJvvbAUA e5lNYBGw9bFOpxffniCFmse9ggaEWD5LK3vwGRMmtmXstSKPZddf/6bW6wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFEhahnUT1sM1z/kNwZ+k2jmCTcTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YyZGQ2YTA3LWVmYTEtNGE2Ni05ZjA3LTE3OWMyZTZkNDU3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYGAwDQYJKoZIhvcNAQELBQADggEBABdCnbCJCoqo14LFnrTj m0IpdyLcNrQ2I9Mjd4BekwKHnQO9Q8mOtgv5ZGPXl3jmA02OY9U8KZCescsYOzR9 NacemD3qB4VTMhG9i960dKYSOlky+U+Vx6eb9/T6vObAMe1ltwhzqgzyr6DJkKyA MbJSyoM2hQuT51tWf/YHTnSJwHuS8tPDhSWk2gPq4/WEPRSpgnf1mHyQdNS2bNlA Fkt3Mq9cgR+SZuu66Klmh1lHAzpVBTAQOn1WTSIOUix2aCPaA2QBrirHANIfhOQZ z/rPKZa0jgSX1K1345tIHOujYm3WD3zeG4QfHu/7tvWC8EGJbQU4gZHovAH01V5f LX8= -----END CERTIFICATE-----Generated at Sat Jun 14 06:24:17 2025 by rpki-client