$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f863355c-0a33-4eb1-b2bb-b0c40c0693cf.roa File: f863355c-0a33-4eb1-b2bb-b0c40c0693cf.roa (raw, json) Hash identifier: bFHfuK1k0MMd9ERv8nh5eh3vsabGh7V7t1dyE+WPW+4= Subject key identifier: B6:16:0F:FC:20:CA:4B:36:7B:CD:EB:08:2C:0D:FC:5B:44:FC:1D:43 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 256F77DB242314E58A63396F9445F33E8FA3B1A8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f863355c-0a33-4eb1-b2bb-b0c40c0693cf.roa Signing time: Mon 09 Jun 2025 15:10:12 +0000 ROA not before: Mon 09 Jun 2025 15:10:12 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:6f:77:db:24:23:14:e5:8a:63:39:6f:94:45:f3:3e:8f:a3:b1:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:10:12 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=3ab713c46b4768fd3a0cda12d3537893e6915d6941eb6abc204427a71a47188d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:f2:90:34:7a:e6:9d:53:a9:60:c4:e4:00:45: 68:79:35:0e:78:55:1f:40:cf:40:c1:39:3a:da:75: 02:f0:6c:6a:28:b2:c1:3a:76:c8:37:24:aa:3e:53: 6d:a9:e1:e4:e1:ca:30:37:a1:3c:d7:5e:8c:3b:f8: bc:2d:ee:d5:27:b3:f9:2e:6b:2a:f8:35:1a:a8:b8: 15:c7:eb:2e:06:29:51:40:e2:fc:2c:6a:84:e0:7e: 62:fc:66:25:2f:5a:4d:9e:21:09:a8:ed:2f:e6:f6: e8:9b:ce:59:b4:be:71:29:96:52:6b:a8:e2:a0:03: 3f:ab:37:56:47:3a:75:bf:46:90:c4:c8:31:9d:f3: fe:5b:1a:ed:6e:e5:67:e4:13:3a:f3:b4:df:d0:0e: fc:48:e2:ec:00:ff:90:0d:58:a5:fe:68:fa:11:0e: 84:6b:4f:ce:0f:5c:53:97:fe:6c:94:7f:28:ae:18: 1d:2d:94:ec:19:74:e7:4c:45:ec:e0:5c:e1:46:ce: e7:ec:81:49:76:ca:9a:b6:76:62:5e:a6:1a:c4:2a: 55:5f:25:dd:63:c4:79:26:f9:cc:32:36:06:40:ac: b2:3f:b0:60:dd:28:fd:b5:51:01:58:f9:a7:c7:46: e3:eb:f1:3f:64:e1:b8:e6:8a:e0:47:31:89:d2:1a: f2:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:16:0F:FC:20:CA:4B:36:7B:CD:EB:08:2C:0D:FC:5B:44:FC:1D:43 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f863355c-0a33-4eb1-b2bb-b0c40c0693cf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:7000::/40 Signature Algorithm: sha256WithRSAEncryption 74:9a:f3:18:d1:6c:65:6f:84:2c:99:38:3c:58:7f:fc:58:2a: 49:00:9f:3a:07:91:c0:cf:49:19:ab:08:81:e2:b4:9f:8a:38: fe:6b:1d:dc:bb:21:68:56:23:2f:f2:4c:2d:fe:c0:4e:73:1c: b0:1e:07:dd:9d:0d:6d:3c:cd:a4:f6:c0:b2:05:58:25:16:1a: b1:29:f9:7a:3b:11:c8:68:82:5a:bd:86:8a:b9:96:78:4e:48: 5b:0e:7b:f3:cd:06:dd:f8:22:00:07:d8:99:47:bb:51:58:f2: ee:69:96:f8:e5:5f:aa:39:2c:ca:f7:1c:a7:15:c3:c6:3b:dc: a3:bc:dc:99:ac:ae:22:04:af:0e:79:0d:9d:48:e9:75:95:70: 77:66:9d:84:9b:19:20:22:81:3f:c4:6a:5a:36:86:6e:70:f5: 27:a7:35:cd:ac:a6:bc:96:70:e5:3f:83:e9:83:fd:88:87:fc: 9e:8f:68:82:fe:4b:b8:9f:0c:67:8f:d4:ed:6c:8f:90:03:37: 08:84:bd:fd:45:2a:d9:e8:16:fb:b9:f4:e8:67:47:ea:a8:35: 32:aa:77:c3:c1:e4:80:97:15:41:b8:32:ae:3a:c3:cf:d3:61: 16:79:7b:c0:13:9a:95:bf:55:29:41:fb:a3:64:25:a6:53:cc: f2:95:9d:d7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJW932yQjFOWKYzlvlEXzPo+jsagwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MTAxMloX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAM2FiNzEzYzQ2YjQ3NjhmZDNhMGNk YTEyZDM1Mzc4OTNlNjkxNWQ2OTQxZWI2YWJjMjA0NDI3YTcxYTQ3MTg4ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfKQNHrmnVOpYMTkAEVoeTUOeFUf QM9AwTk62nUC8GxqKLLBOnbINySqPlNtqeHk4cowN6E8116MO/i8Le7VJ7P5Lmsq +DUaqLgVx+suBilRQOL8LGqE4H5i/GYlL1pNniEJqO0v5vbom85ZtL5xKZZSa6ji oAM/qzdWRzp1v0aQxMgxnfP+WxrtbuVn5BM687Tf0A78SOLsAP+QDVil/mj6EQ6E a0/OD1xTl/5slH8orhgdLZTsGXTnTEXs4FzhRs7n7IFJdsqatnZiXqYaxCpVXyXd Y8R5JvnMMjYGQKyyP7Bg3Sj9tVEBWPmnx0bj6/E/ZOG45orgRzGJ0hry8wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLYWD/wgyks2e83rCCwN/FtE/B1DMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y4NjMzNTVjLTBhMzMtNGViMS1iMmJiLWIwYzQwYzA2OTNjZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/3AwDQYJKoZIhvcNAQELBQADggEBAHSa8xjRbGVvhCyZODxY f/xYKkkAnzoHkcDPSRmrCIHitJ+KOP5rHdy7IWhWIy/yTC3+wE5zHLAeB92dDW08 zaT2wLIFWCUWGrEp+Xo7Echoglq9hoq5lnhOSFsOe/PNBt34IgAH2JlHu1FY8u5p lvjlX6o5LMr3HKcVw8Y73KO83JmsriIErw55DZ1I6XWVcHdmnYSbGSAigT/Ealo2 hm5w9SenNc2spryWcOU/g+mD/YiH/J6PaIL+S7ifDGeP1O1sj5ADNwiEvf1FKtno Fvu59OhnR+qoNTKqd8PB5ICXFUG4Mq46w8/TYRZ5e8ATmpW/VSlB+6NkJaZTzPKV ndc= -----END CERTIFICATE-----Generated at Sat Jun 14 06:14:10 2025 by rpki-client