$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa File: 2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa (raw, json) Hash identifier: h83Oy9ZSPxTYcCc7ioKRReEWdtWHaj4B3ke4/T8FDmQ= Subject key identifier: 6A:70:63:25:69:86:13:10:04:32:25:56:31:0D:B8:FA:8A:80:D0:A6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 60B8D55DA9F5F03C9624B2BC550B4B9D5CE8532A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa Signing time: Tue 13 May 2025 00:21:03 +0000 ROA not before: Tue 13 May 2025 00:21:03 +0000 ROA not after: Tue 17 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:b8:d5:5d:a9:f5:f0:3c:96:24:b2:bc:55:0b:4b:9d:5c:e8:53:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:21:03 2025 GMT Not After : Jun 17 23:59:59 2025 GMT Subject: serialNumber=8610abe7f39d78cd4c3901660381d0a29d86f05de0bdef8b927949d48d53cbdc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:20:8d:81:88:de:9d:c8:b4:22:43:e2:a7:fd: 8a:cd:d7:6e:c8:31:5d:1c:12:4f:a0:ad:e9:3c:7d: 25:11:d1:5f:50:9a:1e:c2:a8:ca:e7:60:b4:25:b5: a5:98:e5:37:c2:43:ca:2c:b7:81:65:83:76:21:99: cc:68:e0:43:a2:6f:8c:e7:87:b9:86:bb:ef:50:69: 4c:42:61:38:18:c6:fa:d2:6f:c6:09:a3:eb:66:6a: b1:75:83:98:46:dc:3d:4b:12:57:78:1d:12:52:14: 7a:60:43:62:2b:48:e2:8b:2a:1c:d5:99:96:6b:ef: 4e:96:54:e7:0c:66:84:3d:96:00:f5:46:f2:bc:ab: 6c:ae:57:64:bd:55:4c:45:e2:9b:2f:0f:d3:ed:55: 63:9d:cb:fe:56:b5:e5:4a:be:ee:4b:49:ca:74:0a: 0f:69:b6:98:8e:cd:f1:7f:fe:57:3b:92:11:e1:aa: 07:b1:38:b9:4a:48:c0:b2:fc:7d:e7:4f:ad:88:ff: 61:63:e2:77:80:ce:4d:fd:19:95:4d:7d:33:46:0a: 5e:c6:f1:7d:2f:07:85:a6:eb:aa:76:e7:7a:c1:e4: 24:c6:5f:56:4e:3d:0f:7d:b3:a4:a4:98:94:0a:52: 56:aa:8c:33:12:fb:1e:5c:dd:18:31:04:de:4e:0c: da:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:70:63:25:69:86:13:10:04:32:25:56:31:0D:B8:FA:8A:80:D0:A6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:9040::/48 Signature Algorithm: sha256WithRSAEncryption 67:c5:e5:57:8c:fa:c9:55:f2:93:70:fe:af:7a:30:56:27:3e: b8:fc:a8:4a:76:b1:1b:5d:57:de:8c:96:06:50:51:92:59:8d: f3:b6:30:ca:3f:fc:ec:91:23:1f:7f:88:57:76:d4:5a:9e:99: 71:fa:b3:db:6f:08:52:99:a5:ab:62:73:65:17:d8:a8:34:5f: aa:b8:32:43:5f:6e:4f:e7:dd:7d:94:2a:95:76:5e:bd:4a:4e: fa:d9:6d:bb:4b:e9:5e:2f:f9:75:e7:98:30:69:dd:33:51:08: 05:93:7d:51:86:d8:2c:d5:24:8f:18:3f:f7:ea:26:58:a1:bd: 3f:12:ae:df:67:3d:73:70:d4:06:85:fa:35:ae:a5:b7:c5:ee: 41:41:0c:e1:8e:c4:39:ef:c5:15:be:90:3a:38:4b:ac:5e:f6: e1:39:ed:28:a4:d6:b8:27:6e:48:a8:61:b9:bd:87:a2:f7:1a: 49:95:c6:9a:7c:c5:4c:5c:52:13:5a:b9:46:b4:56:30:bf:0e: 78:ae:ff:f5:df:0a:a3:36:e6:97:cb:2e:2a:1b:27:18:3b:2a: 76:36:39:2f:22:83:f9:07:30:88:e7:bc:cd:2b:39:9d:ad:65: 68:9c:c3:87:05:e3:31:d5:5b:4f:18:9c:fe:44:4b:08:7d:85: d1:c0:fb:09 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYLjVXan18DyWJLK8VQtLnVzoUyowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMzAwMjEwM1oX DTI1MDYxNzIzNTk1OVowejFJMEcGA1UEBRNAODYxMGFiZTdmMzlkNzhjZDRjMzkw MTY2MDM4MWQwYTI5ZDg2ZjA1ZGUwYmRlZjhiOTI3OTQ5ZDQ4ZDUzY2JkYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yCNgYjenci0IkPip/2KzdduyDFd HBJPoK3pPH0lEdFfUJoewqjK52C0JbWlmOU3wkPKLLeBZYN2IZnMaOBDom+M54e5 hrvvUGlMQmE4GMb60m/GCaPrZmqxdYOYRtw9SxJXeB0SUhR6YENiK0jiiyoc1ZmW a+9OllTnDGaEPZYA9UbyvKtsrldkvVVMReKbLw/T7VVjncv+VrXlSr7uS0nKdAoP abaYjs3xf/5XO5IR4aoHsTi5SkjAsvx950+tiP9hY+J3gM5N/RmVTX0zRgpexvF9 LweFpuuqdud6weQkxl9WTj0PfbOkpJiUClJWqowzEvseXN0YMQTeTgzaZQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGpwYyVphhMQBDIlVjENuPqKgNCmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJjNWNkZDQ5LWU5OGItNGUzZC04YTYxLTA5NGYzODFkMmZhZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAJBAMA0GCSqGSIb3DQEBCwUAA4IBAQBnxeVXjPrJVfKTcP6v ejBWJz64/KhKdrEbXVfejJYGUFGSWY3ztjDKP/zskSMff4hXdtRanplx+rPbbwhS maWrYnNlF9ioNF+quDJDX25P5919lCqVdl69Sk762W27S+leL/l155gwad0zUQgF k31Rhtgs1SSPGD/36iZYob0/Eq7fZz1zcNQGhfo1rqW3xe5BQQzhjsQ578UVvpA6 OEusXvbhOe0opNa4J25IqGG5vYei9xpJlcaafMVMXFITWrlGtFYwvw54rv/13wqj NuaXyy4qGycYOyp2NjkvIoP5BzCI57zNKzmdrWVonMOHBeMx1VtPGJz+REsIfYXR wPsJ -----END CERTIFICATE-----Generated at Tue Jun 3 23:26:27 2025 by rpki-client