$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa File: 2b4adb97-a33f-485c-865b-badaa1f9c897.roa (raw, json) Hash identifier: QXcE4gIjPIpObghNF/oJcth5mHQl6xHnhV0pX49fi/c= Subject key identifier: CF:69:33:A5:B8:08:4B:63:5B:91:AF:DF:AF:60:94:DB:D4:D4:8C:59 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2469E705B59E382151A42F69F667A32AD1BAF992 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa Signing time: Fri 16 May 2025 00:21:02 +0000 ROA not before: Fri 16 May 2025 00:21:02 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:69:e7:05:b5:9e:38:21:51:a4:2f:69:f6:67:a3:2a:d1:ba:f9:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:21:02 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=b1b3847c681e6f5a9ea079b6031b7964a18d14e99435d30aa3937c4fa443ac14, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:c8:14:86:c2:18:78:d8:ba:68:8d:cb:34:62: 87:a9:af:9d:c8:44:35:e7:da:28:f5:16:af:47:c6: 67:c7:d7:02:8f:19:13:ef:52:66:8c:e2:df:79:c0: 81:e7:43:c2:97:d8:22:7b:eb:70:d6:18:04:6d:34: cb:fa:1d:75:73:e3:fa:16:14:67:88:12:6c:c6:04: 45:73:22:76:e8:26:2b:91:36:b7:97:41:aa:59:f0: 42:62:9c:3f:f2:a9:38:21:3a:ad:35:0f:4e:d2:8b: 02:e2:e8:e9:a7:67:6c:cd:3a:5a:1a:cf:21:75:94: 8e:60:a7:67:6b:c0:c0:b4:c0:d9:cb:07:86:28:20: b4:17:be:f3:b3:13:29:01:ef:73:7f:c4:5b:47:58: c6:57:e1:7f:e8:84:17:ca:0d:b4:be:1a:cb:af:7d: 50:b7:ff:ad:73:19:0c:a0:a3:da:d7:de:7e:86:ea: f1:cd:0a:bf:00:80:31:98:99:3f:ce:4d:39:50:fb: 23:e7:79:c0:63:48:23:82:4d:e5:43:09:05:11:e8: 48:2c:7d:9e:d0:a5:16:53:67:83:7e:92:94:92:91: 98:39:1d:cb:b3:34:20:ad:cd:f6:ae:1e:ec:47:d3: 47:cf:00:6a:35:e0:02:35:43:27:8d:e7:19:3c:3b: 9e:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:69:33:A5:B8:08:4B:63:5B:91:AF:DF:AF:60:94:DB:D4:D4:8C:59 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:b000::/40 Signature Algorithm: sha256WithRSAEncryption 8a:42:bd:17:83:54:5d:e0:5c:2c:1c:86:d6:69:60:4a:47:03: c6:bd:3e:a5:70:f3:4c:81:63:76:a5:e5:36:e9:f6:08:5e:ec: 39:78:91:96:d7:45:29:2b:30:bc:45:40:a7:b7:56:c6:40:f0: fb:ed:31:f5:0d:3e:10:fa:77:eb:d4:03:65:ce:cb:b0:73:3c: 7c:82:bd:df:aa:f5:a9:d5:64:6e:c8:b1:39:9a:af:92:2a:2d: 1b:93:1e:54:29:09:52:b7:8e:88:bc:65:81:57:d9:02:ef:13: a6:c9:16:5a:aa:de:99:39:d2:f5:5f:0a:ba:5f:cc:22:7c:7a: 75:04:f0:ba:a4:c1:d4:43:de:6e:bd:25:21:fe:84:5b:a9:be: fe:2f:32:36:90:68:1e:4d:f1:e9:cb:a3:a4:30:6e:ac:65:ac: 3a:f9:fc:da:96:ae:67:3a:f4:c7:95:1a:e3:28:f6:ef:33:b1: 11:7f:4b:91:be:ec:61:d0:a0:5e:c0:46:0a:2e:79:88:3f:5b: 9b:95:c2:5a:21:ab:f8:6e:5a:11:49:18:a2:1d:dc:00:8c:4b: 7c:d6:44:98:95:63:d8:c7:cb:9f:d7:fb:62:e4:44:bd:86:50: e2:4f:0c:76:a7:f2:22:90:14:62:85:7d:ab:23:22:3a:93:44: 47:ef:63:3e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJGnnBbWeOCFRpC9p9mejKtG6+ZIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMjEwMloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAYjFiMzg0N2M2ODFlNmY1YTllYTA3 OWI2MDMxYjc5NjRhMThkMTRlOTk0MzVkMzBhYTM5MzdjNGZhNDQzYWMxNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MgUhsIYeNi6aI3LNGKHqa+dyEQ1 59oo9RavR8Znx9cCjxkT71JmjOLfecCB50PCl9gie+tw1hgEbTTL+h11c+P6FhRn iBJsxgRFcyJ26CYrkTa3l0GqWfBCYpw/8qk4ITqtNQ9O0osC4ujpp2dszTpaGs8h dZSOYKdna8DAtMDZyweGKCC0F77zsxMpAe9zf8RbR1jGV+F/6IQXyg20vhrLr31Q t/+tcxkMoKPa195+hurxzQq/AIAxmJk/zk05UPsj53nAY0gjgk3lQwkFEehILH2e 0KUWU2eDfpKUkpGYOR3LszQgrc32rh7sR9NHzwBqNeACNUMnjecZPDueEwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM9pM6W4CEtjW5Gv369glNvU1IxZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJiNGFkYjk3LWEzM2YtNDg1Yy04NjViLWJhZGFhMWY5Yzg5Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaALAwDQYJKoZIhvcNAQELBQADggEBAIpCvReDVF3gXCwchtZp YEpHA8a9PqVw80yBY3al5Tbp9ghe7Dl4kZbXRSkrMLxFQKe3VsZA8PvtMfUNPhD6 d+vUA2XOy7BzPHyCvd+q9anVZG7IsTmar5IqLRuTHlQpCVK3joi8ZYFX2QLvE6bJ Flqq3pk50vVfCrpfzCJ8enUE8LqkwdRD3m69JSH+hFupvv4vMjaQaB5N8enLo6Qw bqxlrDr5/NqWrmc69MeVGuMo9u8zsRF/S5G+7GHQoF7ARgoueYg/W5uVwlohq/hu WhFJGKId3ACMS3zWRJiVY9jHy5/X+2LkRL2GUOJPDHan8iKQFGKFfasjIjqTREfv Yz4= -----END CERTIFICATE-----Generated at Tue Jun 3 23:09:41 2025 by rpki-client