$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f5395226-d3ec-4c71-b20c-8c04577c7df0.roa File: f5395226-d3ec-4c71-b20c-8c04577c7df0.roa (raw, json) Hash identifier: kO0qBI+3k6kmIC9tvpvLi6EejAXRnlAQwvajYN88JSc= Subject key identifier: D2:67:AC:EF:45:B7:D4:7F:3C:0C:F9:B7:74:D5:E1:CE:7D:37:CC:64 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7AE978C90EEE206C099B8BDF4B3797CA4BABCD15 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f5395226-d3ec-4c71-b20c-8c04577c7df0.roa Signing time: Tue 10 Jun 2025 15:11:05 +0000 ROA not before: Tue 10 Jun 2025 15:11:05 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:e9:78:c9:0e:ee:20:6c:09:9b:8b:df:4b:37:97:ca:4b:ab:cd:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:11:05 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=96357a04c73a4f482f0abe27339417b08838a3a38b821be6ec6ea1a10ac8f400, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:fc:67:21:23:75:9b:d8:ab:47:31:72:5f:6f: 84:73:a8:da:d7:07:ca:93:e7:24:0b:d1:f6:79:a6: 0b:ec:64:51:a8:3a:64:ed:0f:16:d1:a2:8e:7d:9d: 2f:06:9f:52:75:ab:73:30:d0:e1:dc:cd:10:7c:8d: f2:f4:4c:1a:11:88:44:ec:69:95:25:fc:4a:dd:49: a3:15:13:5f:f3:4e:41:00:ca:7a:28:8f:d8:58:03: 9c:cc:d9:15:af:b2:db:81:92:2d:d9:00:12:3f:b0: 70:ea:a3:17:30:8a:53:f8:7c:2c:b7:09:6c:99:bc: c0:3c:bf:1e:ef:3b:85:85:ff:8b:50:bf:31:fd:94: c1:22:a4:27:22:37:69:66:35:cc:a0:be:b4:70:ab: c3:ae:31:6a:6d:1a:74:2b:c3:f3:2e:09:fa:2e:9f: fb:b2:6f:fe:95:b5:df:2c:5a:5e:76:92:31:e7:26: f1:e1:94:1e:ad:de:bb:cd:0e:67:3e:01:16:cb:2d: b7:d1:ec:f2:a2:9e:41:b8:54:eb:20:3e:60:d1:d4: ec:0e:a3:25:97:ef:29:a4:52:f4:de:f2:fb:fe:02: f5:f1:82:9d:ce:26:9c:ec:4e:c4:f6:9b:b5:c3:d2: 34:3d:f0:cc:6a:bb:91:c8:a1:e6:f5:36:be:ba:1b: ab:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:67:AC:EF:45:B7:D4:7F:3C:0C:F9:B7:74:D5:E1:CE:7D:37:CC:64 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f5395226-d3ec-4c71-b20c-8c04577c7df0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:9000::/40 Signature Algorithm: sha256WithRSAEncryption ca:49:86:18:6a:bf:37:ea:30:b5:88:87:21:ae:b0:e1:5b:bf: 4d:b5:50:95:ee:b8:f6:b5:75:a5:49:8e:cf:fc:72:10:61:30: 61:56:02:65:a9:c9:7f:ed:32:db:57:01:95:6b:7c:4d:53:90: e9:24:03:75:c7:e5:50:fc:32:d7:1c:c9:9a:fa:a7:84:6a:c8: 39:cd:e1:7c:de:7e:56:4a:cf:f3:9d:54:05:2b:ea:0b:c7:a4: 1e:7a:88:82:83:01:9a:45:85:47:9c:c3:44:11:7f:0a:d4:61: a0:8d:0f:15:33:e7:8e:81:e6:f1:0b:e2:b7:08:54:cd:97:23: 97:d9:aa:ec:bb:c0:5a:12:99:4d:10:b6:b6:35:c4:56:c1:d2: 59:02:a3:34:df:35:fb:fe:66:48:c5:27:1a:2c:a5:22:3f:a0: 75:be:dc:d8:1a:78:f7:b9:cf:bc:16:d3:65:2c:26:40:6c:c7: 43:3f:c5:62:22:4d:2d:71:1e:92:be:38:20:28:15:f2:70:fd: 1f:3b:2e:8a:5a:f9:ee:e2:96:77:f5:31:a3:01:aa:97:bd:90: 1f:2f:1b:dd:93:83:73:82:89:11:e9:14:14:a8:11:4a:5d:38: 8d:e9:e8:76:62:a2:8f:e3:24:55:8b:6d:fb:cf:e7:2f:b7:b2: f0:d5:00:55 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeul4yQ7uIGwJm4vfSzeXykurzRUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MTEwNVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAOTYzNTdhMDRjNzNhNGY0ODJmMGFi ZTI3MzM5NDE3YjA4ODM4YTNhMzhiODIxYmU2ZWM2ZWExYTEwYWM4ZjQwMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/xnISN1m9irRzFyX2+Ec6ja1wfK k+ckC9H2eaYL7GRRqDpk7Q8W0aKOfZ0vBp9SdatzMNDh3M0QfI3y9EwaEYhE7GmV JfxK3UmjFRNf805BAMp6KI/YWAOczNkVr7LbgZIt2QASP7Bw6qMXMIpT+Hwstwls mbzAPL8e7zuFhf+LUL8x/ZTBIqQnIjdpZjXMoL60cKvDrjFqbRp0K8PzLgn6Lp/7 sm/+lbXfLFpedpIx5ybx4ZQerd67zQ5nPgEWyy230ezyop5BuFTrID5g0dTsDqMl l+8ppFL03vL7/gL18YKdziac7E7E9pu1w9I0PfDMaruRyKHm9Ta+uhur5wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNJnrO9Ft9R/PAz5t3TV4c59N8xkMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y1Mzk1MjI2LWQzZWMtNGM3MS1iMjBjLThjMDQ1NzdjN2RmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoJAwDQYJKoZIhvcNAQELBQADggEBAMpJhhhqvzfqMLWIhyGu sOFbv021UJXuuPa1daVJjs/8chBhMGFWAmWpyX/tMttXAZVrfE1TkOkkA3XH5VD8 MtccyZr6p4RqyDnN4XzeflZKz/OdVAUr6gvHpB56iIKDAZpFhUecw0QRfwrUYaCN DxUz546B5vEL4rcIVM2XI5fZquy7wFoSmU0QtrY1xFbB0lkCozTfNfv+ZkjFJxos pSI/oHW+3NgaePe5z7wW02UsJkBsx0M/xWIiTS1xHpK+OCAoFfJw/R87Lopa+e7i lnf1MaMBqpe9kB8vG92Tg3OCiRHpFBSoEUpdOI3p6HZioo/jJFWLbfvP5y+3svDV AFU= -----END CERTIFICATE-----Generated at Sat Jun 14 06:27:10 2025 by rpki-client