$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa File: f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa (raw, json) Hash identifier: Bw5zqqYktQnRp4vfWVVSwRRQa9ySm8dSLGm3jnaTSAM= Subject key identifier: D9:A6:D8:F0:32:B6:7F:B8:59:4A:0D:D1:A2:32:F2:B7:A5:4A:60:40 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 27D254A1CCE4990127B1DC36C173B69C48BE103C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa Signing time: Tue 10 Jun 2025 15:51:14 +0000 ROA not before: Tue 10 Jun 2025 15:51:14 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:d2:54:a1:cc:e4:99:01:27:b1:dc:36:c1:73:b6:9c:48:be:10:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:51:14 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=8728d96e00b9c41d39fab7a39ff593ad6190b51dae706e521391ee83f88b3931, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:9d:33:ca:92:37:e6:9a:da:fe:c4:55:0f:dd: d0:d5:e2:9d:1a:e7:29:1d:01:40:7a:cf:57:56:d1: d9:50:38:a8:a7:bd:a4:4a:7d:26:7f:df:f7:66:93: 0f:52:c2:7b:0d:c2:a6:22:1c:7f:d7:c8:e0:ae:0d: 8a:c3:e4:b5:32:11:d4:f3:45:92:5e:65:b1:84:97: 48:c9:98:d1:7b:65:0f:d2:0f:9a:69:07:6c:a5:e2: 0e:94:fb:82:4d:5f:50:78:d5:68:d9:75:4e:53:3a: 7f:aa:6f:ef:5b:53:ae:3b:56:b9:4b:ec:84:47:93: 39:2d:e9:45:34:ee:b0:3e:4e:60:10:81:49:e0:c1: ca:12:b9:1a:be:fc:f5:2d:3b:8b:47:f5:2d:9b:25: fe:f4:45:f9:9b:42:fa:83:e6:3c:5f:c4:90:cb:2b: 46:1a:59:ef:30:c1:40:6c:81:13:29:96:b8:62:26: 62:e7:bd:1b:dd:de:9d:c0:29:05:af:8b:18:31:91: ed:72:db:37:5c:b2:55:49:8b:65:80:04:6c:4f:78: 5c:35:d4:f0:8f:5f:e5:20:04:51:12:ae:36:19:b3: 43:4c:c3:3d:e2:6e:d6:46:40:ec:65:32:d5:49:77: 62:72:0a:6c:9e:e4:40:01:47:c6:90:3c:6c:f6:cc: 06:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:A6:D8:F0:32:B6:7F:B8:59:4A:0D:D1:A2:32:F2:B7:A5:4A:60:40 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc::/32 Signature Algorithm: sha256WithRSAEncryption 04:42:05:77:be:c7:d9:52:15:d4:11:02:f1:6f:cd:ee:64:21: cd:89:a3:3a:fc:6c:be:92:d9:c0:c7:b7:20:69:7c:f1:f5:ea: 6a:50:67:4e:68:88:14:b0:aa:66:50:7c:ca:ce:cf:67:04:f2: 79:c1:63:a2:f5:83:f7:f8:79:20:bb:a4:20:3a:a3:4a:4e:cb: cf:14:c7:13:c1:f3:f2:54:11:95:5e:6f:e2:0c:e7:ba:ba:f4: b4:9c:d5:41:f1:de:78:4d:14:5f:1e:84:1f:22:e0:dc:ab:79: 57:13:60:7f:4d:e9:9f:a1:1b:87:67:08:4f:0f:34:91:c4:ba: 14:52:af:26:ad:e2:c3:ab:f3:72:91:25:6c:f5:04:cf:9b:cf: 91:bc:b5:77:bd:80:f2:62:43:43:26:b0:8a:d2:c8:80:f2:37: 10:83:bb:e0:5c:50:0b:47:88:75:bf:cc:0d:04:22:4f:1c:d5: bb:e2:68:ee:6e:ee:e6:17:70:c0:44:5a:e9:ef:5e:80:85:4f: e1:6e:b9:94:6e:6a:04:2c:9e:c1:7e:8d:97:dc:5b:fd:bf:51: ef:33:fe:5c:a8:f4:c9:08:42:38:7e:1f:62:9c:d9:3d:1f:81: b7:02:7c:fe:bd:a9:96:3c:8b:a0:22:45:c4:8d:9e:39:f4:93: d0:b0:98:72 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUJ9JUoczkmQEnsdw2wXO2nEi+EDwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1NTExNFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAODcyOGQ5NmUwMGI5YzQxZDM5ZmFi N2EzOWZmNTkzYWQ2MTkwYjUxZGFlNzA2ZTUyMTM5MWVlODNmODhiMzkzMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ0zypI35pra/sRVD93Q1eKdGucp HQFAes9XVtHZUDiop72kSn0mf9/3ZpMPUsJ7DcKmIhx/18jgrg2Kw+S1MhHU80WS XmWxhJdIyZjRe2UP0g+aaQdspeIOlPuCTV9QeNVo2XVOUzp/qm/vW1OuO1a5S+yE R5M5LelFNO6wPk5gEIFJ4MHKErkavvz1LTuLR/UtmyX+9EX5m0L6g+Y8X8SQyytG GlnvMMFAbIETKZa4YiZi570b3d6dwCkFr4sYMZHtcts3XLJVSYtlgARsT3hcNdTw j1/lIARREq42GbNDTMM94m7WRkDsZTLVSXdicgpsnuRAAUfGkDxs9swGoQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFNmm2PAytn+4WUoN0aIy8relSmBAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y2ODEyOWFjLWIyOWQtNDJjYS04YTA3LTMxZTRmNDcwZTFlNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAba/DANBgkqhkiG9w0BAQsFAAOCAQEABEIFd77H2VIV1BEC8W/N 7mQhzYmjOvxsvpLZwMe3IGl88fXqalBnTmiIFLCqZlB8ys7PZwTyecFjovWD9/h5 ILukIDqjSk7LzxTHE8Hz8lQRlV5v4gznurr0tJzVQfHeeE0UXx6EHyLg3Kt5VxNg f03pn6Ebh2cITw80kcS6FFKvJq3iw6vzcpElbPUEz5vPkby1d72A8mJDQyawitLI gPI3EIO74FxQC0eIdb/MDQQiTxzVu+Jo7m7u5hdwwERa6e9egIVP4W65lG5qBCye wX6Nl9xb/b9R7zP+XKj0yQhCOH4fYpzZPR+BtwJ8/r2pljyLoCJFxI2eOfST0LCY cg== -----END CERTIFICATE-----Generated at Sat Jun 14 06:31:31 2025 by rpki-client