$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00b2a2b4-99de-45a2-b5f4-a01609c997f1.roa File: 00b2a2b4-99de-45a2-b5f4-a01609c997f1.roa (raw, json) Hash identifier: /nq4EfFP+za1oASQ9wN8GW3924/0ShzDz+o2sCsLk6k= Subject key identifier: C3:8B:DF:CC:E8:91:44:56:C8:FB:71:82:30:A3:E3:8C:62:D1:4C:17 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5D6201BACC9A35D8C737072D7562784EB86C87F9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00b2a2b4-99de-45a2-b5f4-a01609c997f1.roa Signing time: Fri 16 May 2025 15:30:14 +0000 ROA not before: Fri 16 May 2025 15:30:14 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:62:01:ba:cc:9a:35:d8:c7:37:07:2d:75:62:78:4e:b8:6c:87:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:30:14 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=485c72ac0faee2fcd02c14c2d620c12e5aaa908bf8983950933e744e7d3ebcee, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:85:0e:42:cb:7c:0c:15:6c:ba:b2:cc:f9:5f: 87:c1:df:e1:de:47:2b:62:42:f1:2d:a7:a8:93:a1: 25:ee:09:6e:97:d1:80:43:42:f5:40:0e:0b:c1:03: ef:40:95:c9:43:ef:12:99:a3:87:49:4b:8b:7a:d8: a9:19:b8:e4:f7:e2:ec:43:c4:41:a7:a7:ff:db:fe: 25:b5:b9:41:fd:c6:c7:aa:21:2a:73:b3:5e:29:cf: 87:93:c6:51:e7:12:42:37:77:0b:1c:ae:a1:f5:eb: fe:60:48:2a:be:52:6c:cb:9e:a3:02:dc:c7:af:15: 78:af:0f:7f:46:46:35:38:04:b4:9f:75:ee:f8:d0: 54:e1:e3:77:18:71:2f:5a:b1:00:5d:ed:e2:4c:e6: a2:3e:99:db:6d:57:9a:a3:d1:ec:3e:ba:69:55:7a: 30:ae:39:49:0c:b1:49:b5:9c:f2:74:4f:63:bd:09: 51:ab:08:90:9a:3c:2a:b4:06:9c:3e:81:6c:81:a3: 3c:59:74:ad:e4:5e:ec:50:c0:1a:ad:e3:2d:5a:85: b1:f4:9f:ba:1b:2c:31:67:d6:dd:67:ec:24:9e:e8: 29:9e:2a:da:62:87:ac:1e:01:d1:ed:0e:2b:6c:54: ee:fd:61:c0:6b:03:6a:10:98:c0:80:50:19:5b:b7: 22:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:8B:DF:CC:E8:91:44:56:C8:FB:71:82:30:A3:E3:8C:62:D1:4C:17 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00b2a2b4-99de-45a2-b5f4-a01609c997f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:7000::/40 Signature Algorithm: sha256WithRSAEncryption b6:8a:8a:40:c7:7b:a0:f4:7b:87:f6:32:d2:17:14:93:b0:7a: 14:4d:7a:cf:5d:c2:3d:b0:34:a1:54:93:c5:6a:3d:9b:e1:2e: 8b:08:fe:a6:93:cb:19:55:19:5d:00:53:26:d6:a2:d3:09:e0: 95:2c:df:41:1d:18:da:9e:aa:46:fc:6d:be:60:59:a9:ea:e2: bb:f9:53:e4:98:e2:58:41:10:7f:38:0f:02:80:04:83:e5:27: af:7e:ed:e2:a6:7f:29:25:1b:50:0a:88:f4:4b:b4:d4:28:a6: 17:bd:20:5b:43:0b:b1:2d:e3:0e:0d:39:28:9f:64:4c:3b:23: 0b:4b:ff:c1:72:b8:0a:42:85:27:48:dc:cd:f8:23:c6:73:c3: ca:67:49:8f:b2:61:22:43:f5:27:49:9f:bb:76:41:f6:b8:1a: 71:24:79:b0:c0:98:83:b1:da:24:d4:c4:9f:25:56:e0:87:84: ce:5a:7f:f3:83:00:2d:08:0a:65:cc:f2:a8:e1:14:e8:d4:84: 28:f4:e2:9a:61:bd:a5:16:87:10:bd:6f:b4:97:59:33:b8:fb: 6b:b6:1d:cf:1a:19:cf:c5:66:28:8a:17:a0:b9:51:72:ad:69: dd:19:e4:5f:37:70:bc:84:dc:fd:89:ab:f2:10:b2:15:46:a8: d8:d7:7f:55 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXWIBusyaNdjHNwctdWJ4Trhsh/kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MzAxNFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANDg1YzcyYWMwZmFlZTJmY2QwMmMx NGMyZDYyMGMxMmU1YWFhOTA4YmY4OTgzOTUwOTMzZTc0NGU3ZDNlYmNlZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4UOQst8DBVsurLM+V+Hwd/h3kcr YkLxLaeok6El7glul9GAQ0L1QA4LwQPvQJXJQ+8SmaOHSUuLetipGbjk9+LsQ8RB p6f/2/4ltblB/cbHqiEqc7NeKc+Hk8ZR5xJCN3cLHK6h9ev+YEgqvlJsy56jAtzH rxV4rw9/RkY1OAS0n3Xu+NBU4eN3GHEvWrEAXe3iTOaiPpnbbVeao9HsPrppVXow rjlJDLFJtZzydE9jvQlRqwiQmjwqtAacPoFsgaM8WXSt5F7sUMAareMtWoWx9J+6 GywxZ9bdZ+wknugpniraYoesHgHR7Q4rbFTu/WHAawNqEJjAgFAZW7ciNwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMOL38zokURWyPtxgjCj44xi0UwXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAwYjJhMmI0LTk5ZGUtNDVhMi1iNWY0LWEwMTYwOWM5OTdmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOHAwDQYJKoZIhvcNAQELBQADggEBALaKikDHe6D0e4f2MtIX FJOwehRNes9dwj2wNKFUk8VqPZvhLosI/qaTyxlVGV0AUybWotMJ4JUs30EdGNqe qkb8bb5gWanq4rv5U+SY4lhBEH84DwKABIPlJ69+7eKmfyklG1AKiPRLtNQophe9 IFtDC7Et4w4NOSifZEw7IwtL/8FyuApChSdI3M34I8Zzw8pnSY+yYSJD9SdJn7t2 Qfa4GnEkebDAmIOx2iTUxJ8lVuCHhM5af/ODAC0ICmXM8qjhFOjUhCj04pphvaUW hxC9b7SXWTO4+2u2Hc8aGc/FZiiKF6C5UXKtad0Z5F83cLyE3P2Jq/IQshVGqNjX f1U= -----END CERTIFICATE-----Generated at Tue Jun 3 23:13:05 2025 by rpki-client