$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25a8d841-0fbc-4ced-ac4c-aeb5fe9ab816.roa File: 25a8d841-0fbc-4ced-ac4c-aeb5fe9ab816.roa (raw, json) Hash identifier: ulqQWB7lku5AhlyNK7SAmYffdP+x34qUQGLaNr6INXU= Subject key identifier: 07:C6:DC:C0:57:75:E5:A4:40:B3:5D:F9:21:CD:25:89:E6:47:45:A5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7CA51D91F7DB73EAC2AED6BE71F3B8A7D255B58A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25a8d841-0fbc-4ced-ac4c-aeb5fe9ab816.roa Signing time: Fri 16 May 2025 15:10:42 +0000 ROA not before: Fri 16 May 2025 15:10:42 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daf4:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:a5:1d:91:f7:db:73:ea:c2:ae:d6:be:71:f3:b8:a7:d2:55:b5:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:10:42 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=df5e724b0625fe1d6e8b52f9cb31f3574498a89c674992766c565396fb622d9d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:df:6b:f5:76:b3:38:48:43:2e:cc:e8:e8:53: 17:61:f7:48:02:b7:74:ff:2d:ec:b7:29:9a:32:12: 2b:be:d9:00:40:19:12:b7:06:dc:fe:68:ee:37:6b: f8:56:46:a0:fb:fe:48:24:0f:73:63:5f:de:fc:66: a7:ed:e0:5b:6e:28:e1:1a:19:2d:5b:e0:ba:cb:ed: c1:6a:cd:82:13:3a:35:d4:7a:b0:31:44:63:f4:e2: fb:b5:43:73:4f:d9:16:f8:b6:99:ba:19:26:a7:24: e3:ce:62:8b:58:2a:e3:19:f7:91:08:32:96:a4:38: dd:39:81:e3:8f:8b:37:9d:de:74:ad:36:07:58:57: 0b:bd:4d:02:ee:e0:b2:64:1f:82:12:72:c0:96:5b: 04:69:b4:50:76:5c:5f:6c:f8:9c:d0:04:11:bc:ae: 55:a1:bd:f6:9c:60:f4:0c:8b:b0:21:59:ab:a7:09: 14:c1:95:00:11:3c:1b:a6:9f:82:15:c2:92:b3:23: 6e:5d:16:e6:fd:da:98:5d:c1:24:7e:b3:55:23:3f: 4c:b3:51:d1:98:ce:d8:e0:b2:74:3f:c6:10:7a:14: 54:d5:4d:a4:7c:5f:f9:89:2a:ad:8d:30:bd:da:0c: 82:2e:7c:6f:e8:ee:84:f3:94:72:4c:f0:2d:10:6e: b8:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:C6:DC:C0:57:75:E5:A4:40:B3:5D:F9:21:CD:25:89:E6:47:45:A5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25a8d841-0fbc-4ced-ac4c-aeb5fe9ab816.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:c000::/40 Signature Algorithm: sha256WithRSAEncryption 2d:a4:a1:8d:3e:a7:c1:c4:1a:67:fc:bf:c5:13:f5:cb:ca:b2: 51:6e:ca:1b:6d:92:76:ab:ac:98:7d:57:97:33:cb:7f:5a:69: 7e:ff:1f:d1:a3:53:96:c2:a2:26:2d:2a:e3:2d:30:52:0c:ed: 47:09:83:c7:a4:13:36:16:a3:ee:a1:c0:1a:76:2c:cf:33:a2: 9e:ee:e7:dc:77:99:24:41:5a:6a:1b:73:e8:21:8f:d6:9d:1d: b0:51:48:11:84:f1:2a:d8:6b:3a:eb:51:51:4f:a5:3c:1e:0d: b5:5c:19:3b:d6:63:15:40:50:66:b3:13:65:96:2d:c6:3b:1b: 04:b9:e0:30:88:09:ab:ca:1e:ae:53:02:a3:18:92:1f:4d:8f: 3b:62:da:5f:11:30:26:ca:74:d6:0c:4d:ab:5d:90:78:b3:83: 70:fd:58:e7:0e:ed:ed:29:4a:5f:17:04:71:4e:11:f2:17:fb: 4c:8a:3b:3a:39:92:66:9f:8a:17:80:69:e0:26:18:04:b3:55: 5b:eb:43:06:2c:9b:91:ec:bd:5e:0a:78:1f:9a:b5:a0:34:ed: 3b:c0:da:e3:ff:61:9b:aa:61:46:6e:ae:67:1c:c5:97:91:0e: 60:ee:c6:66:0c:08:3a:6e:57:d4:81:9a:d3:f4:db:49:b3:64: 53:4a:3f:e1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfKUdkffbc+rCrta+cfO4p9JVtYowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MTA0MloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZGY1ZTcyNGIwNjI1ZmUxZDZlOGI1 MmY5Y2IzMWYzNTc0NDk4YTg5YzY3NDk5Mjc2NmM1NjUzOTZmYjYyMmQ5ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2N9r9XazOEhDLszo6FMXYfdIArd0 /y3stymaMhIrvtkAQBkStwbc/mjuN2v4Vkag+/5IJA9zY1/e/Gan7eBbbijhGhkt W+C6y+3Bas2CEzo11HqwMURj9OL7tUNzT9kW+LaZuhkmpyTjzmKLWCrjGfeRCDKW pDjdOYHjj4s3nd50rTYHWFcLvU0C7uCyZB+CEnLAllsEabRQdlxfbPic0AQRvK5V ob32nGD0DIuwIVmrpwkUwZUAETwbpp+CFcKSsyNuXRbm/dqYXcEkfrNVIz9Ms1HR mM7Y4LJ0P8YQehRU1U2kfF/5iSqtjTC92gyCLnxv6O6E85RyTPAtEG64mQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAfG3MBXdeWkQLNd+SHNJYnmR0WlMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI1YThkODQxLTBmYmMtNGNlZC1hYzRjLWFlYjVmZTlhYjgxNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9MAwDQYJKoZIhvcNAQELBQADggEBAC2koY0+p8HEGmf8v8UT 9cvKslFuyhttknarrJh9V5czy39aaX7/H9GjU5bCoiYtKuMtMFIM7UcJg8ekEzYW o+6hwBp2LM8zop7u59x3mSRBWmobc+ghj9adHbBRSBGE8SrYazrrUVFPpTweDbVc GTvWYxVAUGazE2WWLcY7GwS54DCICavKHq5TAqMYkh9Njzti2l8RMCbKdNYMTatd kHizg3D9WOcO7e0pSl8XBHFOEfIX+0yKOzo5kmafiheAaeAmGASzVVvrQwYsm5Hs vV4KeB+ataA07TvA2uP/YZuqYUZurmccxZeRDmDuxmYMCDpuV9SBmtP020mzZFNK P+E= -----END CERTIFICATE-----Generated at Mon Jun 2 06:15:04 2025 by rpki-client