$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ccc2fec-a7d2-49ed-8497-75338c1b568e.roa File: 2ccc2fec-a7d2-49ed-8497-75338c1b568e.roa (raw, json) Hash identifier: C3cn1L5ABH7wusa96EciWAIp7DIPPuUYFhrm0w+Yt+Y= Subject key identifier: EA:B5:63:43:41:CD:16:36:D0:B4:DC:4C:19:0F:35:46:76:D9:45:AC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 285D5D4D8B3BBB982007EB72AC319446C4E53794 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ccc2fec-a7d2-49ed-8497-75338c1b568e.roa Signing time: Thu 22 May 2025 00:36:49 +0000 ROA not before: Thu 22 May 2025 00:36:49 +0000 ROA not after: Thu 26 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daed:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:5d:5d:4d:8b:3b:bb:98:20:07:eb:72:ac:31:94:46:c4:e5:37:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 00:36:49 2025 GMT Not After : Jun 26 23:59:59 2025 GMT Subject: serialNumber=fe29e0f624fdfe774eaa935d32b5f6751da87b17877f3076ccb118fbc9f60447, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:02:a8:15:72:9c:a1:5e:33:1a:19:5d:df:b4: 1c:97:66:e6:0a:b5:3f:0b:1a:2c:3d:94:70:30:61: e7:5a:7d:4d:2f:4b:a7:ea:b8:8d:c5:6e:b5:1f:08: ec:18:d4:b8:ad:73:64:96:d0:34:ab:19:ac:aa:48: 45:78:9c:86:ed:7c:a2:d3:73:01:2a:14:6e:8f:2c: e7:89:7f:07:86:58:5a:ae:94:e1:74:56:da:ae:79: 23:df:cb:10:55:a8:a1:69:8b:b0:3a:51:b3:51:7d: 95:7c:59:65:3c:c7:d8:cc:a5:b6:ad:c0:f3:2e:c7: aa:6d:20:5b:8a:37:90:b5:d1:3d:07:8a:4c:b5:76: 0c:69:c5:a6:30:c9:79:b7:36:06:23:ee:b5:a6:a1: c7:ea:22:86:8c:99:a6:27:14:85:50:f4:ca:3d:a7: 54:e7:88:81:66:f4:d8:ac:f4:02:71:10:2a:7c:28: 57:c4:dc:d6:f0:e8:27:42:66:55:38:fa:73:36:6f: 0c:e3:1d:9a:84:de:c3:05:93:1b:ed:2a:f3:a1:a1: b4:8c:cd:e8:42:32:08:4b:45:d9:9f:1a:db:75:fb: 58:87:68:14:76:e0:83:ec:61:41:d3:33:be:76:a5: aa:69:0f:b7:90:c6:29:87:24:ab:72:6a:fa:90:9f: 98:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:B5:63:43:41:CD:16:36:D0:B4:DC:4C:19:0F:35:46:76:D9:45:AC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ccc2fec-a7d2-49ed-8497-75338c1b568e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daed:800::/40 Signature Algorithm: sha256WithRSAEncryption 73:60:b2:e5:c5:1f:f7:b7:ea:5c:68:ce:41:e2:d3:67:b6:87: 2a:b4:ea:ce:bc:d9:69:b5:6a:6d:a4:0e:64:c2:54:56:af:2d: 4e:37:45:cc:62:5b:e0:c7:d5:46:c8:ba:22:99:28:5d:79:f1: cb:fe:78:86:18:0d:35:e8:f7:e7:49:f4:4a:f9:85:52:22:d0: 57:71:83:25:52:da:52:6b:20:d8:8c:e4:da:cf:06:9b:b4:13: cf:cf:3a:29:6d:20:39:bb:d6:fc:ef:65:84:3a:21:ce:5b:6f: 03:d9:80:b2:b9:96:88:6c:c0:4a:d1:34:d0:76:c5:12:cf:d0: 07:e9:d8:a0:2b:d1:cb:d3:51:96:49:35:b7:72:ae:dd:f8:36: 4a:4a:41:bc:31:da:dc:7c:ba:2f:9d:76:35:07:ac:4a:83:0f: 58:97:15:cb:b8:b4:17:59:25:b6:93:67:a8:3e:1e:3c:ef:0d: 75:39:3c:bb:37:13:bd:e8:ed:d9:86:fa:5b:cb:79:04:0c:40: 15:01:b0:53:fb:ad:b0:ef:07:68:7e:46:23:c0:81:ac:2f:46: f8:e8:b3:3e:fc:67:32:ff:33:d5:d7:b4:fc:c3:11:a1:de:08: e2:36:06:c6:02:62:a7:b8:ec:9e:5c:98:df:19:70:d0:a3:8a: 85:c3:cd:a7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKF1dTYs7u5ggB+tyrDGURsTlN5QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyMjAwMzY0OVoX DTI1MDYyNjIzNTk1OVowejFJMEcGA1UEBRNAZmUyOWUwZjYyNGZkZmU3NzRlYWE5 MzVkMzJiNWY2NzUxZGE4N2IxNzg3N2YzMDc2Y2NiMTE4ZmJjOWY2MDQ0NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgKoFXKcoV4zGhld37Qcl2bmCrU/ CxosPZRwMGHnWn1NL0un6riNxW61HwjsGNS4rXNkltA0qxmsqkhFeJyG7Xyi03MB KhRujyzniX8HhlharpThdFbarnkj38sQVaihaYuwOlGzUX2VfFllPMfYzKW2rcDz LseqbSBbijeQtdE9B4pMtXYMacWmMMl5tzYGI+61pqHH6iKGjJmmJxSFUPTKPadU 54iBZvTYrPQCcRAqfChXxNzW8OgnQmZVOPpzNm8M4x2ahN7DBZMb7SrzoaG0jM3o QjIIS0XZnxrbdftYh2gUduCD7GFB0zO+dqWqaQ+3kMYphySrcmr6kJ+YlwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOq1Y0NBzRY20LTcTBkPNUZ22UWsMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJjY2MyZmVjLWE3ZDItNDllZC04NDk3LTc1MzM4YzFiNTY4ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7QgwDQYJKoZIhvcNAQELBQADggEBAHNgsuXFH/e36lxozkHi 02e2hyq06s682Wm1am2kDmTCVFavLU43RcxiW+DH1UbIuiKZKF158cv+eIYYDTXo 9+dJ9Er5hVIi0FdxgyVS2lJrINiM5NrPBpu0E8/POiltIDm71vzvZYQ6Ic5bbwPZ gLK5lohswErRNNB2xRLP0Afp2KAr0cvTUZZJNbdyrt34NkpKQbwx2tx8ui+ddjUH rEqDD1iXFcu4tBdZJbaTZ6g+HjzvDXU5PLs3E73o7dmG+lvLeQQMQBUBsFP7rbDv B2h+RiPAgawvRvjosz78ZzL/M9XXtPzDEaHeCOI2BsYCYqe47J5cmN8ZcNCjioXD zac= -----END CERTIFICATE-----Generated at Mon Jun 2 06:30:35 2025 by rpki-client