$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/184f988b-295a-4289-b75b-7fd138f36664.roa File: 184f988b-295a-4289-b75b-7fd138f36664.roa (raw, json) Hash identifier: nwjdmegN6+EMQkhXljuzmV10xnBR3IyHoUpgDye/VHA= Subject key identifier: 67:F6:53:57:D4:BA:D1:92:CC:A3:AF:01:C2:7E:D2:4F:2F:78:7B:F6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 492D8613E78E233C8E0AE5322FFF5DA8C5C27B5F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/184f988b-295a-4289-b75b-7fd138f36664.roa Signing time: Fri 16 May 2025 15:31:34 +0000 ROA not before: Fri 16 May 2025 15:31:34 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:2d:86:13:e7:8e:23:3c:8e:0a:e5:32:2f:ff:5d:a8:c5:c2:7b:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:31:34 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=c30b4a4b698c3d670358ad8e9f27ed2a43081b8534ea1f2c7cb683f3ca6c38c5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2d:e4:bd:f6:a3:26:18:a3:86:50:ca:f8:48: bf:0f:1a:2a:c1:3a:e1:3c:1b:8a:f4:8c:00:d4:04: 4e:39:85:28:41:f8:2e:0b:00:6e:4f:97:dd:34:de: b1:d5:ac:96:52:fa:2a:9b:90:60:58:a2:e0:9f:50: 39:28:27:a5:e4:df:15:ad:05:a7:b1:be:12:25:ba: a6:fd:a1:1b:94:37:98:68:7b:b7:eb:f3:04:49:6c: 7a:76:d5:08:1d:9b:b9:2e:ea:07:69:5b:94:8c:aa: 68:80:2c:b7:ef:fc:d3:6b:8b:31:ef:69:6e:f4:05: 16:66:c2:24:62:d1:8a:a0:70:90:14:f2:b7:f7:d5: 1a:53:fc:de:2c:74:b9:61:fe:3a:a1:52:98:c9:b9: 86:76:fc:d6:a5:c7:fd:d7:09:17:a7:b6:b2:2f:42: 94:51:82:e1:06:1c:ad:34:0c:0e:be:ae:3b:c6:64: 28:e4:3a:4f:82:22:8b:1f:9a:b0:9e:51:04:19:cf: 3f:e7:90:4d:7d:15:6e:19:7f:8a:13:0e:64:48:0a: e0:02:6a:28:65:e0:88:cb:65:6b:40:89:bc:ee:e8: b7:d7:48:69:3b:b5:5a:79:4d:fa:4b:9a:e3:b6:0d: 61:6c:90:87:b5:b3:fd:ba:86:cd:b6:3f:f7:0e:bf: 85:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:F6:53:57:D4:BA:D1:92:CC:A3:AF:01:C2:7E:D2:4F:2F:78:7B:F6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/184f988b-295a-4289-b75b-7fd138f36664.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:9000::/40 Signature Algorithm: sha256WithRSAEncryption 69:ad:d1:49:e5:a9:6c:29:77:c0:fd:2e:67:2e:2d:28:f9:95: a6:0f:51:68:7d:b7:0a:0e:a4:67:be:5b:bc:df:b5:55:6d:69: 19:4d:12:af:d8:cd:85:c3:f2:e0:6a:47:85:ec:13:1a:f9:6a: 8a:18:54:6f:4d:fa:c8:6e:8c:62:39:3b:ef:4f:47:84:6c:ba: 8d:df:c2:4f:71:db:15:fa:66:81:c6:de:1b:7e:cc:9e:12:19: fd:1a:f6:e6:20:82:64:24:f9:4a:7c:07:d1:8f:a7:4b:bc:20: 33:9d:74:43:e7:df:22:48:a6:95:1b:31:ce:79:ee:d5:2c:74: af:eb:40:02:25:11:e3:98:2f:70:f3:95:4e:bf:29:a1:0f:05: 2c:7a:18:d6:23:4a:9a:dd:16:ec:10:da:81:14:df:7d:46:34: 1b:c2:f3:52:8f:12:66:57:31:21:e6:f6:e8:9c:0a:a9:8c:86: d5:ab:e3:56:83:84:41:ed:4f:38:4d:60:c4:1a:16:29:1b:10: 1b:d7:11:27:34:04:64:76:ec:c5:cd:64:c4:29:c4:26:cc:b6: 6c:ec:64:84:95:d4:9b:66:bd:ea:e1:bf:5b:73:00:32:de:24: 2f:c2:4b:72:8a:8e:73:1e:f7:9d:7b:3d:73:57:0f:91:e1:72: ce:ff:be:d1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSS2GE+eOIzyOCuUyL/9dqMXCe18wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MzEzNFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAYzMwYjRhNGI2OThjM2Q2NzAzNThh ZDhlOWYyN2VkMmE0MzA4MWI4NTM0ZWExZjJjN2NiNjgzZjNjYTZjMzhjNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy3kvfajJhijhlDK+Ei/DxoqwTrh PBuK9IwA1AROOYUoQfguCwBuT5fdNN6x1ayWUvoqm5BgWKLgn1A5KCel5N8VrQWn sb4SJbqm/aEblDeYaHu36/MESWx6dtUIHZu5LuoHaVuUjKpogCy37/zTa4sx72lu 9AUWZsIkYtGKoHCQFPK399UaU/zeLHS5Yf46oVKYybmGdvzWpcf91wkXp7ayL0KU UYLhBhytNAwOvq47xmQo5DpPgiKLH5qwnlEEGc8/55BNfRVuGX+KEw5kSArgAmoo ZeCIy2VrQIm87ui310hpO7VaeU36S5rjtg1hbJCHtbP9uobNtj/3Dr+FzQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGf2U1fUutGSzKOvAcJ+0k8veHv2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE4NGY5ODhiLTI5NWEtNDI4OS1iNzViLTdmZDEzOGYzNjY2NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNpAwDQYJKoZIhvcNAQELBQADggEBAGmt0UnlqWwpd8D9Lmcu LSj5laYPUWh9twoOpGe+W7zftVVtaRlNEq/YzYXD8uBqR4XsExr5aooYVG9N+shu jGI5O+9PR4Rsuo3fwk9x2xX6ZoHG3ht+zJ4SGf0a9uYggmQk+Up8B9GPp0u8IDOd dEPn3yJIppUbMc557tUsdK/rQAIlEeOYL3DzlU6/KaEPBSx6GNYjSprdFuwQ2oEU 331GNBvC81KPEmZXMSHm9uicCqmMhtWr41aDhEHtTzhNYMQaFikbEBvXESc0BGR2 7MXNZMQpxCbMtmzsZISV1Jtmverhv1tzADLeJC/CS3KKjnMe9517PXNXD5Hhcs7/ vtE= -----END CERTIFICATE-----Generated at Tue Jun 3 23:33:07 2025 by rpki-client