$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f1b2a0e-2a01-4aad-badb-ed562ab51784.roa File: 0f1b2a0e-2a01-4aad-badb-ed562ab51784.roa (raw, json) Hash identifier: mpktPAk0+5FNbCuJhmMGKKVNQChj14xmH5/T4zhk9iA= Subject key identifier: 0E:C4:2E:34:D9:E8:40:E0:12:25:A5:70:A8:87:5E:D1:B2:55:6E:30 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6CCF897B34357115F50144BA41844CC82225A696 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f1b2a0e-2a01-4aad-badb-ed562ab51784.roa Signing time: Fri 16 May 2025 15:00:08 +0000 ROA not before: Fri 16 May 2025 15:00:08 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:10c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:cf:89:7b:34:35:71:15:f5:01:44:ba:41:84:4c:c8:22:25:a6:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:00:08 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=86261db8ef4f56106a5092acd9b5b3fffd7e415b4bec2e45d414631895cdead3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:5e:f5:41:ac:91:85:70:84:eb:4e:7c:dd:d3: 9d:ed:73:da:24:3f:75:db:66:ed:96:25:ed:fa:02: bb:0a:fa:b4:43:12:41:c3:f2:00:4c:1a:2d:cd:3f: 56:67:af:ef:41:23:bc:8a:50:8c:4f:d4:65:ca:f9: d1:96:b3:b3:ab:f4:f5:00:4d:49:46:1e:d9:d5:2e: 79:c0:30:39:4c:07:47:de:a1:5c:6c:26:a0:2c:c8: 1d:5d:ee:8c:a4:f4:fd:b7:77:6a:6d:eb:99:52:ff: fb:0d:ca:a4:bc:04:7d:57:e1:16:7a:7a:b0:22:2a: 36:29:46:40:a7:b6:e1:3b:ce:e2:63:c5:65:9f:6b: 85:84:98:01:89:03:eb:3f:65:bd:c1:07:75:84:2c: 99:02:5f:3d:8d:98:14:90:7a:29:65:3c:06:4f:3c: 63:6b:cd:e3:28:4f:ef:1a:d3:d9:3b:36:89:3b:9b: 1f:1f:af:aa:86:37:4a:f0:d1:99:67:17:ec:50:a2: e1:b6:1a:05:4d:cf:12:61:37:65:ec:86:db:b8:9f: 88:80:6c:28:ab:71:79:09:61:ff:86:12:f8:35:e7: 80:8e:6a:8c:53:ab:19:d4:66:21:7b:7f:28:cd:85: 48:b5:17:04:ee:5e:cf:7f:00:5d:85:95:1e:5f:b7: bb:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:C4:2E:34:D9:E8:40:E0:12:25:A5:70:A8:87:5E:D1:B2:55:6E:30 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f1b2a0e-2a01-4aad-badb-ed562ab51784.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:10c0::/46 Signature Algorithm: sha256WithRSAEncryption 3f:16:ef:e0:9f:10:89:d6:3a:94:a4:96:48:53:f5:3d:19:a0: 6d:95:1b:e1:e2:4c:9e:8e:98:00:93:99:a2:db:dd:31:b1:4c: 05:a3:fe:3f:2d:9c:58:f3:d9:09:d6:d4:3f:f5:63:13:2a:82: d9:ac:ff:42:a7:e5:d9:ab:13:47:38:4d:75:36:1d:25:66:e5: a0:a3:36:f2:44:23:d1:08:71:33:56:fd:7a:c4:4b:a0:01:8c: 4c:04:23:40:53:27:d7:ec:c1:86:10:8d:27:75:18:67:bf:b9: c3:07:25:ee:4a:12:c0:50:dc:39:3f:17:a0:a9:00:18:1f:e0: 54:a6:41:6d:46:e2:95:93:33:fb:fd:30:82:c4:37:a1:48:3c: 72:c7:13:5c:78:d1:07:94:69:c3:87:6a:8b:e4:d3:c3:5b:6f: 29:4a:af:ff:f8:ea:5b:27:a1:21:d4:49:c2:e5:13:a4:13:3b: fc:0d:a6:6f:c5:00:35:41:eb:c5:52:f5:85:c3:f7:4d:2a:59: 6f:6a:1e:5d:26:21:96:56:a6:13:33:dc:ea:97:36:e6:f4:28: 63:a2:ab:cd:47:49:8f:b9:02:d5:9b:3d:80:3c:86:75:63:e6: 9b:ae:72:06:1c:cf:27:16:ac:bd:44:2d:95:3b:89:ae:d3:b2: df:c8:fd:20 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbM+JezQ1cRX1AUS6QYRMyCIlppYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MDAwOFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAODYyNjFkYjhlZjRmNTYxMDZhNTA5 MmFjZDliNWIzZmZmZDdlNDE1YjRiZWMyZTQ1ZDQxNDYzMTg5NWNkZWFkMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF71QayRhXCE60583dOd7XPaJD91 22btliXt+gK7Cvq0QxJBw/IATBotzT9WZ6/vQSO8ilCMT9RlyvnRlrOzq/T1AE1J Rh7Z1S55wDA5TAdH3qFcbCagLMgdXe6MpPT9t3dqbeuZUv/7DcqkvAR9V+EWenqw Iio2KUZAp7bhO87iY8Vln2uFhJgBiQPrP2W9wQd1hCyZAl89jZgUkHopZTwGTzxj a83jKE/vGtPZOzaJO5sfH6+qhjdK8NGZZxfsUKLhthoFTc8SYTdl7IbbuJ+IgGwo q3F5CWH/hhL4NeeAjmqMU6sZ1GYhe38ozYVItRcE7l7PfwBdhZUeX7e7cQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFA7ELjTZ6EDgEiWlcKiHXtGyVW4wMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBmMWIyYTBlLTJhMDEtNGFhZC1iYWRiLWVkNTYyYWI1MTc4NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaRDAMA0GCSqGSIb3DQEBCwUAA4IBAQA/Fu/gnxCJ1jqUpJZI U/U9GaBtlRvh4kyejpgAk5mi290xsUwFo/4/LZxY89kJ1tQ/9WMTKoLZrP9Cp+XZ qxNHOE11Nh0lZuWgozbyRCPRCHEzVv16xEugAYxMBCNAUyfX7MGGEI0ndRhnv7nD ByXuShLAUNw5PxegqQAYH+BUpkFtRuKVkzP7/TCCxDehSDxyxxNceNEHlGnDh2qL 5NPDW28pSq//+OpbJ6Eh1EnC5ROkEzv8DaZvxQA1QevFUvWFw/dNKllvah5dJiGW VqYTM9zqlzbm9ChjoqvNR0mPuQLVmz2APIZ1Y+abrnIGHM8nFqy9RC2VO4mu07Lf yP0g -----END CERTIFICATE-----Generated at Tue Jun 3 23:26:26 2025 by rpki-client