$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa File: fb17f286-f77e-445f-a084-0fef8b29ef6e.roa (raw, json) Hash identifier: yNnJFVNyuH9uhtEJkt4ObfUVe2OIQNhMnNjhAL1CL2o= Subject key identifier: CE:7E:EC:E8:52:B5:24:64:56:CB:44:62:F7:89:BF:49:BD:5D:F8:20 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5B65CE6B7C6CCFA5287B8A2A9FC73D7D02DBE2BA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa Signing time: Fri 13 Jun 2025 00:00:02 +0000 ROA not before: Fri 13 Jun 2025 00:00:02 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:65:ce:6b:7c:6c:cf:a5:28:7b:8a:2a:9f:c7:3d:7d:02:db:e2:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 13 00:00:02 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=59b5b1182f068745c12d257b58d59455dca694ed9fbf361628599b0ec1eca569, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:5b:f6:d8:5f:af:22:3b:13:ed:e3:8a:14:3f: 7b:3b:40:e6:18:a4:f9:16:e0:9f:dd:79:97:90:ef: 15:7d:20:7e:89:90:92:79:80:76:ed:8b:20:a8:1a: 44:c1:16:56:8b:26:36:9b:b9:04:49:9c:1c:f3:a1: 44:28:08:3d:8e:8b:62:c9:d9:3e:d2:9a:2e:00:07: 1e:ee:bc:af:b3:dc:11:94:ef:99:6b:6c:4e:bd:d6: 1b:bb:d5:f4:5c:cf:5d:f6:3c:29:e1:2a:46:f4:93: ab:5a:73:cb:33:21:15:61:16:3a:99:23:34:ab:b5: 1c:50:76:3b:05:ec:3d:09:33:e5:75:91:7d:c3:41: d1:28:82:f9:71:6e:86:49:5f:87:c0:96:d6:26:30: 0e:77:89:51:75:c0:5b:28:f9:31:6f:64:0c:79:4d: da:33:10:b4:05:f7:7e:da:2f:10:43:8d:f5:3c:20: 24:e7:78:41:c3:9e:a2:e5:63:01:80:3c:f0:ba:5d: cb:b1:0c:14:a0:12:ae:cb:fb:ff:07:6b:13:b1:11: 29:34:0e:8d:50:03:45:8c:2a:b6:b2:86:8f:6d:39: 33:b1:0e:1c:2e:4f:91:73:6e:f5:7a:45:3f:f5:3e: a0:09:d9:ae:9f:1c:04:62:85:9f:d2:03:ce:5e:2e: 7f:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:7E:EC:E8:52:B5:24:64:56:CB:44:62:F7:89:BF:49:BD:5D:F8:20 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:800::/40 Signature Algorithm: sha256WithRSAEncryption 83:59:82:4b:2c:0f:77:a7:bf:88:a5:3b:1f:b4:12:70:a7:72: 0e:e0:14:8a:22:ae:dd:ac:c7:b0:29:fc:20:96:76:dd:75:a3: 12:51:e8:ec:02:d1:51:a7:50:4a:a8:5d:13:21:b4:0f:78:16: 26:7b:8f:4f:d4:33:1d:fe:0c:2e:86:b4:9d:85:fc:72:24:d7: d8:b5:f8:47:40:0c:48:97:fa:0d:cf:04:5c:b1:8a:0b:53:b2: 66:ca:2b:ae:e4:7b:cc:b9:36:e5:42:29:79:a5:82:05:c3:c2: 3c:85:38:93:08:cd:dc:5b:75:38:de:80:6e:fb:67:76:8e:42: 7c:ce:79:ab:c7:93:c0:72:49:d8:47:42:bd:6d:6e:12:ad:1f: 71:ce:1c:5b:d0:a2:ff:4f:e8:d0:2a:86:32:63:6f:47:21:d9: 70:f4:a8:8d:d9:6d:dd:7f:db:ac:2c:35:48:75:2c:fb:a4:6a: 40:c5:9d:b6:d6:47:9f:2b:72:28:46:a0:ad:90:3d:70:55:0b: 1a:16:42:1b:2c:37:59:18:63:45:03:c7:80:d5:52:52:49:d2: 9e:77:ba:81:01:d9:f9:5f:85:af:04:e2:2a:9b:f2:ce:7c:6d: b1:62:ab:43:ff:9c:dc:8f:90:d4:79:38:bb:94:a8:2b:14:c0: 5d:a2:2a:42 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUW2XOa3xsz6Uoe4oqn8c9fQLb4rowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMzAwMDAwMloX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNANTliNWIxMTgyZjA2ODc0NWMxMmQy NTdiNThkNTk0NTVkY2E2OTRlZDlmYmYzNjE2Mjg1OTliMGVjMWVjYTU2OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslv22F+vIjsT7eOKFD97O0DmGKT5 FuCf3XmXkO8VfSB+iZCSeYB27YsgqBpEwRZWiyY2m7kESZwc86FEKAg9jotiydk+ 0pouAAce7ryvs9wRlO+Za2xOvdYbu9X0XM9d9jwp4SpG9JOrWnPLMyEVYRY6mSM0 q7UcUHY7Bew9CTPldZF9w0HRKIL5cW6GSV+HwJbWJjAOd4lRdcBbKPkxb2QMeU3a MxC0Bfd+2i8QQ431PCAk53hBw56i5WMBgDzwul3LsQwUoBKuy/v/B2sTsREpNA6N UANFjCq2soaPbTkzsQ4cLk+Rc271ekU/9T6gCdmunxwEYoWf0gPOXi5/MQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM5+7OhStSRkVstEYveJv0m9XfggMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiMTdmMjg2LWY3N2UtNDQ1Zi1hMDg0LTBmZWY4YjI5ZWY2ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauAgwDQYJKoZIhvcNAQELBQADggEBAINZgkssD3env4ilOx+0 EnCncg7gFIoirt2sx7Ap/CCWdt11oxJR6OwC0VGnUEqoXRMhtA94FiZ7j0/UMx3+ DC6GtJ2F/HIk19i1+EdADEiX+g3PBFyxigtTsmbKK67ke8y5NuVCKXmlggXDwjyF OJMIzdxbdTjegG77Z3aOQnzOeavHk8BySdhHQr1tbhKtH3HOHFvQov9P6NAqhjJj b0ch2XD0qI3Zbd1/26wsNUh1LPukakDFnbbWR58rcihGoK2QPXBVCxoWQhssN1kY Y0UDx4DVUlJJ0p53uoEB2flfha8E4iqb8s58bbFiq0P/nNyPkNR5OLuUqCsUwF2i KkI= -----END CERTIFICATE-----Generated at Sat Jun 14 06:02:10 2025 by rpki-client