$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f53f7a72-64c0-40ee-9ab6-db0e04b1b282.roa File: f53f7a72-64c0-40ee-9ab6-db0e04b1b282.roa (raw, json) Hash identifier: jk4bBRGBxuapm6kvd6ZaNHSLaE8/BBuNmMbSbVa9Tto= Subject key identifier: 94:6B:15:BC:F1:36:B8:CB:BA:9C:9E:BB:AF:17:57:D5:F4:95:4C:9D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 33B27370E26B6A6F020ECA7651D08BD17265E16C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f53f7a72-64c0-40ee-9ab6-db0e04b1b282.roa Signing time: Tue 10 Jun 2025 00:01:14 +0000 ROA not before: Tue 10 Jun 2025 00:01:14 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:e080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:b2:73:70:e2:6b:6a:6f:02:0e:ca:76:51:d0:8b:d1:72:65:e1:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 00:01:14 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=d5b48ed1bea14e274b6ad03e01f4fcfd01956d032310b295fd65ab3a708fe6f5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:91:6b:71:21:29:eb:e6:ce:16:77:d8:0a:3a: 1f:75:7e:16:16:01:ad:b1:18:2f:26:d6:4f:db:88: 12:48:08:10:3f:31:fd:43:cd:cb:b3:4c:af:98:e6: aa:80:6c:2c:ae:a9:96:c7:44:a8:37:db:08:11:26: c1:6d:b6:9c:1f:f6:3e:20:69:14:07:f3:09:ee:94: 2a:21:ce:08:54:89:14:ed:be:83:5a:39:f1:de:a7: d4:61:07:68:18:62:7d:38:a6:22:a2:37:e7:b7:cd: f1:f2:a9:cc:61:5a:70:40:7f:54:cf:50:46:dc:8d: b8:48:73:03:7c:8d:70:ca:cd:b6:1c:d5:28:75:72: f4:29:b9:13:7b:6f:db:6d:cd:b9:fa:61:c8:0c:bd: 18:c1:7e:01:61:57:4a:7d:27:9c:ff:e2:16:91:f4: f2:e3:9a:57:da:f2:98:d4:31:ed:e3:85:25:c3:29: e8:64:77:0e:98:31:30:68:fc:e2:88:03:e2:33:f5: aa:ca:ed:7a:0a:45:71:c9:11:6d:cb:d8:d9:b9:c3: e4:5a:bc:2b:76:de:d2:ad:f7:45:5a:d3:bf:4f:2b: ce:d8:98:4b:6d:cf:40:d9:37:37:e4:c3:22:d8:b9: 2d:71:59:95:12:d2:25:57:1e:d8:71:bc:91:35:9c: 7a:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:6B:15:BC:F1:36:B8:CB:BA:9C:9E:BB:AF:17:57:D5:F4:95:4C:9D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f53f7a72-64c0-40ee-9ab6-db0e04b1b282.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:e080::/46 Signature Algorithm: sha256WithRSAEncryption 23:80:d3:81:bc:d9:9b:bb:7f:1c:2e:f6:da:8e:84:71:81:87: fd:bd:33:3d:42:9c:df:e8:a3:e6:b7:d6:58:69:5a:cb:24:56: 48:f6:cb:b4:9f:36:46:48:e3:17:80:8f:0d:19:28:91:75:12: d9:18:96:de:fc:09:60:ae:0c:dc:d3:b1:18:82:a4:ed:79:08: b9:f8:8d:64:bb:62:5e:b0:38:9e:57:14:87:f7:de:b7:a6:12: eb:46:80:d8:06:24:5c:dd:5c:26:57:76:55:ec:c0:22:5f:8b: 5a:5a:fe:fe:f9:6f:66:e4:4b:3e:ff:15:57:59:2d:24:8a:45: cb:99:a9:76:62:da:f0:9b:81:7f:87:a8:95:ab:92:5e:00:55: e1:43:eb:61:1f:c5:83:7f:37:16:e7:74:3a:2a:46:a7:ff:39: 33:8e:73:92:06:bd:ab:16:9a:e4:5e:50:4c:c4:a4:44:7d:4e: 60:f7:c1:e2:92:c1:32:70:0f:a6:de:8b:61:ae:72:5f:d4:cd: b6:f8:89:8d:ce:91:58:4e:16:78:7d:00:88:e3:20:53:87:fe: cc:6e:05:97:0c:70:55:1d:c4:07:74:d2:7f:a2:6b:da:0a:72: b8:ad:5a:8d:5f:4d:35:10:22:c0:2f:99:43:fa:e6:b0:68:a1: 31:0a:1f:b6 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUM7JzcOJram8CDsp2UdCL0XJl4WwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDAwMDExNFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZDViNDhlZDFiZWExNGUyNzRiNmFk MDNlMDFmNGZjZmQwMTk1NmQwMzIzMTBiMjk1ZmQ2NWFiM2E3MDhmZTZmNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpFrcSEp6+bOFnfYCjofdX4WFgGt sRgvJtZP24gSSAgQPzH9Q83Ls0yvmOaqgGwsrqmWx0SoN9sIESbBbbacH/Y+IGkU B/MJ7pQqIc4IVIkU7b6DWjnx3qfUYQdoGGJ9OKYiojfnt83x8qnMYVpwQH9Uz1BG 3I24SHMDfI1wys22HNUodXL0KbkTe2/bbc25+mHIDL0YwX4BYVdKfSec/+IWkfTy 45pX2vKY1DHt44UlwynoZHcOmDEwaPziiAPiM/Wqyu16CkVxyRFty9jZucPkWrwr dt7SrfdFWtO/TyvO2JhLbc9A2Tc35MMi2LktcVmVEtIlVx7YcbyRNZx6XwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJRrFbzxNrjLupyeu68XV9X0lUydMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y1M2Y3YTcyLTY0YzAtNDBlZS05YWI2LWRiMGUwNGIxYjI4Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba9+CAMA0GCSqGSIb3DQEBCwUAA4IBAQAjgNOBvNmbu38cLvba joRxgYf9vTM9Qpzf6KPmt9ZYaVrLJFZI9su0nzZGSOMXgI8NGSiRdRLZGJbe/Alg rgzc07EYgqTteQi5+I1ku2JesDieVxSH9963phLrRoDYBiRc3VwmV3ZV7MAiX4ta Wv7++W9m5Es+/xVXWS0kikXLmal2Ytrwm4F/h6iVq5JeAFXhQ+thH8WDfzcW53Q6 Kkan/zkzjnOSBr2rFprkXlBMxKREfU5g98HiksEycA+m3othrnJf1M22+ImNzpFY ThZ4fQCI4yBTh/7MbgWXDHBVHcQHdNJ/omvaCnK4rVqNX001ECLAL5lD+uawaKEx Ch+2 -----END CERTIFICATE-----Generated at Sat Jun 14 05:51:40 2025 by rpki-client