$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb6fb749-738a-45f9-8df3-b428dffee98a.roa File: fb6fb749-738a-45f9-8df3-b428dffee98a.roa (raw, json) Hash identifier: GNwT5Y0jsmW/yYsHrL+FZd804ZOkbpXwJ9upgiQKiHc= Subject key identifier: 31:42:02:D9:2D:72:D5:5D:BC:32:76:FE:CE:D4:F0:FC:85:3D:F8:94 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6CE3CDDC80A5B0AE3D18A36117F0D5B87B03689F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb6fb749-738a-45f9-8df3-b428dffee98a.roa Signing time: Sat 07 Jun 2025 00:20:59 +0000 ROA not before: Sat 07 Jun 2025 00:20:59 +0000 ROA not after: Sat 12 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:a080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:e3:cd:dc:80:a5:b0:ae:3d:18:a3:61:17:f0:d5:b8:7b:03:68:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 7 00:20:59 2025 GMT Not After : Jul 12 23:59:59 2025 GMT Subject: serialNumber=7a366ef81603d382ec99d553737942ea00eb97c0cdea51378e5a806f3c3a2520, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:cd:2a:6e:32:d8:d6:ba:47:69:f2:c4:2c:b1: a5:f7:bb:71:19:bd:56:4b:aa:3a:ea:54:7e:30:c1: 39:c0:0b:a4:72:ca:c8:57:d1:d8:65:a7:26:88:73: 70:12:60:7c:fe:ee:6a:4b:7b:3e:eb:fc:12:a0:3f: fb:b9:de:21:45:24:50:ca:5c:cf:b2:02:0f:99:34: 4e:5c:1d:75:16:56:c6:8b:e7:95:81:8e:a5:49:84: a8:9d:bf:a8:27:83:7e:61:1d:13:11:7d:c5:8c:c5: 4c:03:a1:2f:88:db:f4:70:e1:c0:01:b7:bd:fc:6c: 96:ad:f0:1c:c3:2a:a8:47:c1:ef:07:42:8b:fc:09: fd:d9:e2:f0:0e:71:ab:50:38:7c:92:2f:6b:eb:05: 8c:cb:91:35:8c:49:29:eb:ba:20:47:00:cd:43:37: 67:d9:2e:5d:b2:6c:18:d5:39:cb:e4:a5:0f:45:88: 93:49:de:56:68:95:48:43:d2:75:fa:64:d1:34:9b: 33:0b:f4:97:86:a8:f3:3e:df:42:40:65:0e:84:a4: cb:51:71:3d:81:8e:39:c6:b7:dd:34:a1:fd:e1:9a: fb:af:e7:c9:ca:90:f6:6b:99:f5:67:7d:0e:0b:f1: cb:6e:62:18:76:cd:c8:a3:8d:a3:bb:ee:e1:99:31: 24:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:42:02:D9:2D:72:D5:5D:BC:32:76:FE:CE:D4:F0:FC:85:3D:F8:94 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb6fb749-738a-45f9-8df3-b428dffee98a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:a080::/48 Signature Algorithm: sha256WithRSAEncryption 5c:51:c5:85:70:7b:4e:1a:28:86:a6:95:2c:c7:c2:b6:c5:87: 29:cc:f1:8c:ec:0d:98:d8:18:42:86:c6:ed:c8:c7:7c:c3:f6: 65:b7:b2:14:31:10:9a:b6:15:d1:70:95:36:3b:c0:15:3a:6c: f1:98:de:3e:c4:ee:51:63:37:2d:64:eb:e8:54:db:0c:7e:9b: f1:62:12:79:8c:cc:c3:90:92:d6:87:e7:fc:a6:1d:f6:7d:74: 1e:75:d3:22:df:31:5e:9a:20:86:8c:87:c3:13:fd:54:67:5c: 44:f8:a1:33:3f:1d:16:32:9c:df:56:4d:2f:b3:5e:49:9e:28: 73:61:14:e2:b0:14:a5:1b:d2:0b:77:e2:8a:f4:fa:65:73:3e: 80:3c:8c:9e:dc:f8:2a:f3:44:8b:a8:2e:ab:7d:87:45:33:1a: ff:05:48:c1:06:0e:f1:cc:ad:25:d6:1b:24:39:cc:e8:bf:92: 0d:aa:76:26:93:01:d5:08:2f:6d:6a:0a:84:48:82:6d:bb:3a: 69:b8:57:8a:c0:42:97:21:03:05:ee:56:b6:ec:fe:c8:ae:cd: fb:b0:e5:99:b1:67:d6:37:9f:18:69:66:f3:59:b2:11:be:f3: d6:f3:b8:6f:d9:7a:91:5a:b0:b3:ca:70:6f:d4:9c:1c:e9:f1: 8b:39:71:6d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbOPN3IClsK49GKNhF/DVuHsDaJ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNzAwMjA1OVoX DTI1MDcxMjIzNTk1OVowejFJMEcGA1UEBRNAN2EzNjZlZjgxNjAzZDM4MmVjOTlk NTUzNzM3OTQyZWEwMGViOTdjMGNkZWE1MTM3OGU1YTgwNmYzYzNhMjUyMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy80qbjLY1rpHafLELLGl97txGb1W S6o66lR+MME5wAukcsrIV9HYZacmiHNwEmB8/u5qS3s+6/wSoD/7ud4hRSRQylzP sgIPmTROXB11FlbGi+eVgY6lSYSonb+oJ4N+YR0TEX3FjMVMA6EviNv0cOHAAbe9 /GyWrfAcwyqoR8HvB0KL/An92eLwDnGrUDh8ki9r6wWMy5E1jEkp67ogRwDNQzdn 2S5dsmwY1TnL5KUPRYiTSd5WaJVIQ9J1+mTRNJszC/SXhqjzPt9CQGUOhKTLUXE9 gY45xrfdNKH94Zr7r+fJypD2a5n1Z30OC/HLbmIYds3Io42ju+7hmTEk4QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDFCAtktctVdvDJ2/s7U8PyFPfiUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiNmZiNzQ5LTczOGEtNDVmOS04ZGYzLWI0MjhkZmZlZTk4YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOKCAMA0GCSqGSIb3DQEBCwUAA4IBAQBcUcWFcHtOGiiGppUs x8K2xYcpzPGM7A2Y2BhChsbtyMd8w/Zlt7IUMRCathXRcJU2O8AVOmzxmN4+xO5R YzctZOvoVNsMfpvxYhJ5jMzDkJLWh+f8ph32fXQeddMi3zFemiCGjIfDE/1UZ1xE +KEzPx0WMpzfVk0vs15JnihzYRTisBSlG9ILd+KK9Pplcz6APIye3Pgq80SLqC6r fYdFMxr/BUjBBg7xzK0l1hskOczov5INqnYmkwHVCC9tagqESIJtuzppuFeKwEKX IQMF7la27P7Irs37sOWZsWfWN58YaWbzWbIRvvPW87hv2XqRWrCzynBv1Jwc6fGL OXFt -----END CERTIFICATE-----Generated at Sat Jun 14 06:14:10 2025 by rpki-client