$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/14e739f6-8650-4583-96ca-2f090de0cc47.roa File: 14e739f6-8650-4583-96ca-2f090de0cc47.roa (raw, json) Hash identifier: SP1EP3KRK+8ALyqnPjFxd4B6cID796cieVUgYu87WgY= Subject key identifier: 24:FD:B2:A3:E8:C7:4C:E6:E6:6C:F6:D3:42:C4:31:4C:DA:B2:5E:FF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 058B7D0109E45E932F0451EFF3B868C2D100DC3C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/14e739f6-8650-4583-96ca-2f090de0cc47.roa Signing time: Fri 16 May 2025 15:01:42 +0000 ROA not before: Fri 16 May 2025 15:01:42 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:f000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:8b:7d:01:09:e4:5e:93:2f:04:51:ef:f3:b8:68:c2:d1:00:dc:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:01:42 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=e41fda48df20c9489967993ad6887f3bdf8d024495ef26c909a5cfd0a73e7cbb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:99:29:a7:83:b3:6b:50:fd:17:c1:70:be:80: 8d:cc:b7:76:c5:b3:c2:1d:c2:cd:da:7c:4e:1f:42: ec:a9:75:ab:8e:fb:24:22:f6:82:8a:03:78:54:ca: 58:ae:4b:08:8f:d2:78:26:c7:17:ec:fe:0f:4b:96: 04:28:5f:36:52:e6:ed:91:ed:f1:f9:f2:8f:73:7a: 35:57:38:53:a4:9a:e6:10:3c:2f:bf:a7:76:26:f5: fd:9b:b6:9d:49:1b:0e:28:c1:5e:e8:58:cf:0e:c1: 56:e7:f2:4d:ce:b8:37:6d:9b:f4:c0:56:2f:07:da: a0:28:42:61:0d:4f:41:1a:f7:2b:91:28:c7:63:0a: 93:b3:4b:76:4d:2f:f7:f6:9b:f2:dd:21:f6:66:b8: 31:75:63:8a:a5:af:9e:e2:80:fb:e5:11:46:3c:84: e3:ee:2c:03:3d:06:2b:d2:a7:92:19:0d:8a:08:c4: a3:98:ed:4b:9c:92:bd:2f:b8:7c:84:d9:8b:91:25: 98:52:82:36:3b:67:19:45:99:0b:69:38:5f:82:a4: af:c3:0e:53:b6:c0:3a:40:c2:54:da:06:ac:0e:3f: 5f:cf:59:67:20:fc:f4:f7:69:21:df:a1:ed:39:2c: 0f:e5:21:75:7f:94:54:ff:99:ba:06:0e:4b:3f:e8: 41:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:FD:B2:A3:E8:C7:4C:E6:E6:6C:F6:D3:42:C4:31:4C:DA:B2:5E:FF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/14e739f6-8650-4583-96ca-2f090de0cc47.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:f000::/40 Signature Algorithm: sha256WithRSAEncryption c5:2b:8e:f3:52:ba:9f:a1:1f:ab:00:fa:ec:29:3e:21:17:0b: 5a:5f:42:0b:10:6f:96:ed:7c:51:d1:8d:05:a3:f6:c1:e4:a4: d6:95:10:64:a6:62:92:b2:f6:b3:a2:c2:3b:d7:76:51:b9:c2: 4b:40:c7:9a:76:3b:9d:f9:74:7a:12:0a:18:17:72:ca:ac:7b: f8:02:5a:fb:86:30:a0:e3:65:46:f8:e3:32:f8:80:6a:1c:19: 4f:34:cd:a1:37:a3:15:64:bf:30:73:91:e2:32:34:9e:0c:7e: 32:ab:45:5a:e4:27:20:40:9a:af:34:62:73:9a:95:b4:45:6b: cf:67:e4:ab:7c:f7:bb:0d:d9:b7:5d:ff:c0:8f:ba:04:58:00: ce:30:2f:fa:58:8c:6b:80:17:27:f5:91:e3:0a:38:45:d3:46: 89:7f:9f:87:3e:5a:dd:0e:ef:9d:cc:0c:af:ce:40:41:82:39: ed:17:fa:d8:0d:78:63:bf:75:be:3a:d1:91:fc:b1:de:66:13: bc:3b:e9:e7:5a:1e:c3:7d:04:85:ed:b1:19:e1:00:23:c2:31: 32:76:67:0c:82:49:83:38:dc:05:5b:ca:9f:18:11:bc:9b:ab: 23:93:53:26:4c:89:a4:e0:51:d1:90:d5:69:74:ee:66:ae:fa: 46:6c:d4:2c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBYt9AQnkXpMvBFHv87howtEA3DwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MDE0MloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZTQxZmRhNDhkZjIwYzk0ODk5Njc5 OTNhZDY4ODdmM2JkZjhkMDI0NDk1ZWYyNmM5MDlhNWNmZDBhNzNlN2NiYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5kpp4Oza1D9F8FwvoCNzLd2xbPC HcLN2nxOH0LsqXWrjvskIvaCigN4VMpYrksIj9J4JscX7P4PS5YEKF82Uubtke3x +fKPc3o1VzhTpJrmEDwvv6d2JvX9m7adSRsOKMFe6FjPDsFW5/JNzrg3bZv0wFYv B9qgKEJhDU9BGvcrkSjHYwqTs0t2TS/39pvy3SH2ZrgxdWOKpa+e4oD75RFGPITj 7iwDPQYr0qeSGQ2KCMSjmO1LnJK9L7h8hNmLkSWYUoI2O2cZRZkLaThfgqSvww5T tsA6QMJU2gasDj9fz1lnIPz092kh36HtOSwP5SF1f5RU/5m6Bg5LP+hB8QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCT9sqPox0zm5mz200LEMUzasl7/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE0ZTczOWY2LTg2NTAtNDU4My05NmNhLTJmMDkwZGUwY2M0Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9/AwDQYJKoZIhvcNAQELBQADggEBAMUrjvNSup+hH6sA+uwp PiEXC1pfQgsQb5btfFHRjQWj9sHkpNaVEGSmYpKy9rOiwjvXdlG5wktAx5p2O535 dHoSChgXcsqse/gCWvuGMKDjZUb44zL4gGocGU80zaE3oxVkvzBzkeIyNJ4MfjKr RVrkJyBAmq80YnOalbRFa89n5Kt897sN2bdd/8CPugRYAM4wL/pYjGuAFyf1keMK OEXTRol/n4c+Wt0O753MDK/OQEGCOe0X+tgNeGO/db460ZH8sd5mE7w76edaHsN9 BIXtsRnhACPCMTJ2ZwyCSYM43AVbyp8YEbybqyOTUyZMiaTgUdGQ1Wl07mau+kZs 1Cw= -----END CERTIFICATE-----Generated at Tue Jun 3 23:35:43 2025 by rpki-client