$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f30d8c61-acb1-465e-a200-0d6a14eb38de.roa File: f30d8c61-acb1-465e-a200-0d6a14eb38de.roa (raw, json) Hash identifier: GE5HvAbEXON8LETToiciatLiy94jZBMrrxLOGqNhJYg= Subject key identifier: EE:DD:3C:99:51:D6:BE:12:CA:B7:66:A1:58:35:35:20:98:11:04:84 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 21D28D714A166BE691BFC24A66FEA809D4D1DC37 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f30d8c61-acb1-465e-a200-0d6a14eb38de.roa Signing time: Tue 10 Jun 2025 15:41:53 +0000 ROA not before: Tue 10 Jun 2025 15:41:53 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da12::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:d2:8d:71:4a:16:6b:e6:91:bf:c2:4a:66:fe:a8:09:d4:d1:dc:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:41:53 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=db96436c31212b6c18dc59079ec7765928c687a616b4f456131ea78f74706b72, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:1e:99:2a:b0:fe:cc:3c:a4:f3:1c:04:dc:61: 2f:18:60:77:8a:a0:97:4e:9b:ab:8f:da:f4:4e:67: af:de:f5:2b:21:88:85:b0:7f:81:d5:10:b0:af:e5: ca:5d:4e:1c:08:85:11:a9:c4:f8:ac:9d:3d:f0:ea: b1:e2:37:3c:bb:37:85:d1:0f:47:b9:46:34:87:31: 61:f5:e1:87:df:a4:de:55:e8:b0:cc:32:81:a3:9b: 9e:a0:f2:52:30:d2:dd:d1:4c:2c:0c:2f:07:fc:a5: 38:af:3e:db:51:14:d8:c7:df:8f:a0:3f:79:ad:0f: 78:81:ee:48:20:5f:a0:4c:85:a1:b3:92:64:3d:51: 82:a0:93:41:44:d8:fa:5f:da:81:d2:3d:2a:33:6e: 76:e2:27:3e:17:16:80:62:47:46:25:7f:00:ad:4f: 5e:bf:15:98:df:88:22:c5:da:1d:02:af:f1:47:79: 47:37:c4:a5:f7:16:3d:4b:90:dd:4f:c5:d7:f3:14: 85:74:ef:75:dc:c1:2a:ce:54:7f:6e:97:b5:ac:76: 3d:ec:d2:19:43:45:f1:cf:d4:e6:74:d5:82:11:33: 0d:ee:6e:83:13:dd:6b:fd:16:d7:7a:4c:5d:32:41: 9c:59:08:96:20:ac:b9:4e:45:68:e0:02:04:ed:5f: 72:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:DD:3C:99:51:D6:BE:12:CA:B7:66:A1:58:35:35:20:98:11:04:84 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f30d8c61-acb1-465e-a200-0d6a14eb38de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da12::/38 Signature Algorithm: sha256WithRSAEncryption 07:66:a3:94:5b:79:a9:38:fd:2b:d0:44:f3:c9:b6:f6:71:90: 48:84:11:68:97:4a:47:e6:3b:43:ac:ba:f0:95:ea:a7:f9:73: 14:4e:37:b4:5e:94:80:aa:98:d7:94:d1:39:b7:a2:39:18:f5: 07:24:e7:25:a2:c6:2d:b2:84:e7:7c:f6:9f:aa:e2:f1:29:a5: ce:7e:de:3f:b4:b5:61:f9:14:f9:e3:08:ee:d1:f1:37:bf:cf: ec:b6:16:22:bf:74:41:ca:55:d1:43:54:d9:64:37:96:23:40: 4f:c2:70:97:25:dc:6a:68:ab:23:ad:65:37:1f:85:66:d7:51: 34:af:0d:b1:df:8c:35:36:bf:a1:2c:cf:19:66:fc:a2:0e:9b: 4a:b1:90:63:25:57:f7:11:76:b9:66:33:f5:88:9e:e0:f0:e2: 3c:fa:c1:f3:35:a9:ab:d6:a1:68:f7:b7:9c:10:fd:9d:95:d3: 5a:6e:3f:6d:c9:77:38:9f:a1:86:fd:42:09:c6:78:96:3c:59: 8c:38:55:f8:fb:22:b1:ca:dc:b9:f5:75:38:e2:c5:47:24:fd: 23:4d:eb:23:39:cf:59:d3:21:9b:81:4b:ac:7c:43:51:8d:0a: 83:27:78:b6:2c:cd:96:7b:7f:e8:66:10:1c:37:44:72:76:43: 02:45:4c:b4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIdKNcUoWa+aRv8JKZv6oCdTR3DcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1NDE1M1oX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZGI5NjQzNmMzMTIxMmI2YzE4ZGM1 OTA3OWVjNzc2NTkyOGM2ODdhNjE2YjRmNDU2MTMxZWE3OGY3NDcwNmI3MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR6ZKrD+zDyk8xwE3GEvGGB3iqCX Tpurj9r0Tmev3vUrIYiFsH+B1RCwr+XKXU4cCIURqcT4rJ098Oqx4jc8uzeF0Q9H uUY0hzFh9eGH36TeVeiwzDKBo5ueoPJSMNLd0UwsDC8H/KU4rz7bURTYx9+PoD95 rQ94ge5IIF+gTIWhs5JkPVGCoJNBRNj6X9qB0j0qM2524ic+FxaAYkdGJX8ArU9e vxWY34gixdodAq/xR3lHN8Sl9xY9S5DdT8XX8xSFdO913MEqzlR/bpe1rHY97NIZ Q0Xxz9TmdNWCETMN7m6DE91r/RbXekxdMkGcWQiWIKy5TkVo4AIE7V9y/wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFO7dPJlR1r4SyrdmoVg1NSCYEQSEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzMGQ4YzYxLWFjYjEtNDY1ZS1hMjAwLTBkNmExNGViMzhkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaEgAwDQYJKoZIhvcNAQELBQADggEBAAdmo5Rbeak4/SvQRPPJ tvZxkEiEEWiXSkfmO0OsuvCV6qf5cxRON7RelICqmNeU0Tm3ojkY9Qck5yWixi2y hOd89p+q4vEppc5+3j+0tWH5FPnjCO7R8Te/z+y2FiK/dEHKVdFDVNlkN5YjQE/C cJcl3GpoqyOtZTcfhWbXUTSvDbHfjDU2v6Eszxlm/KIOm0qxkGMlV/cRdrlmM/WI nuDw4jz6wfM1qavWoWj3t5wQ/Z2V01puP23JdzifoYb9QgnGeJY8WYw4Vfj7IrHK 3Ln1dTjixUck/SNN6yM5z1nTIZuBS6x8Q1GNCoMneLYszZZ7f+hmEBw3RHJ2QwJF TLQ= -----END CERTIFICATE-----Generated at Sat Jun 14 06:19:12 2025 by rpki-client