$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/386d354b-b333-4d2d-95e1-ce56676d00ec.roa File: 386d354b-b333-4d2d-95e1-ce56676d00ec.roa (raw, json) Hash identifier: DjoZcu2y/CQ5M137g8y/GaA/Y+4sUuM90wrzF71k4e8= Subject key identifier: D7:E1:A5:16:F1:12:D2:35:DA:00:9B:72:41:15:44:2D:47:27:F5:45 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 476FDA96B7916DD4BFAEB1E490FEF510465C0300 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/386d354b-b333-4d2d-95e1-ce56676d00ec.roa Signing time: Fri 16 May 2025 16:00:40 +0000 ROA not before: Fri 16 May 2025 16:00:40 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da22:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:6f:da:96:b7:91:6d:d4:bf:ae:b1:e4:90:fe:f5:10:46:5c:03:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 16:00:40 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=fa5ba546e27658dfc195c40d6729a697cf4eecac5dcb738defc1ff074c3537bd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:2c:07:ec:6e:d8:dd:f1:b2:7a:19:9c:fd:e3: dd:98:63:ea:b4:13:90:3b:0d:68:89:58:e3:34:cd: 44:a1:13:d2:bb:aa:a9:8f:92:7f:c2:43:f2:a7:26: 3a:7c:bd:ca:83:7b:82:ff:3d:b0:9a:63:0d:91:ca: 46:3c:61:64:65:6f:5f:15:54:fd:e1:fa:3e:f8:09: ae:16:cd:b7:74:16:f3:e8:e7:ee:f7:a7:67:40:9d: 7c:0c:90:f6:f9:52:3c:0b:62:27:d6:02:4b:23:80: ad:92:ee:28:4e:b0:cd:ac:40:d6:75:69:34:da:d6: 39:50:6d:29:09:a1:3d:de:a7:c1:f8:47:fa:9d:41: 94:b9:13:8b:d8:98:36:75:22:68:fc:d9:49:01:bb: 87:c2:a3:38:25:90:20:81:6c:0f:6d:8f:cf:2b:77: 93:3b:52:c8:e1:e1:74:15:00:4d:aa:4f:f0:84:6b: 86:60:89:63:7b:b0:63:d0:42:be:e3:4c:4f:d8:67: f0:4e:28:f0:49:9c:d7:11:2e:58:e8:58:0f:a9:a9: 98:3f:1a:07:39:a0:34:54:34:ee:01:d6:da:96:c0: dc:94:f7:3c:af:f0:f2:51:03:0b:cf:26:7b:b4:4b: 33:01:05:8e:d4:d2:9c:39:66:bf:fa:16:08:fd:0f: 05:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:E1:A5:16:F1:12:D2:35:DA:00:9B:72:41:15:44:2D:47:27:F5:45 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/386d354b-b333-4d2d-95e1-ce56676d00ec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da22:8000::/36 Signature Algorithm: sha256WithRSAEncryption 8f:8c:2f:8f:31:c0:3b:92:d5:45:da:cb:61:13:1b:14:69:a0: b1:1e:e1:94:da:82:43:46:d5:cd:1a:98:5b:83:de:e1:3e:7c: 2c:72:e1:49:0b:96:bf:72:03:f3:68:f4:62:a1:86:ae:2a:31: 02:a7:c5:82:02:b9:dc:58:c2:37:5b:cf:bd:a2:df:a5:29:c0: 81:ee:87:9f:a4:e9:8e:4f:7d:33:26:8f:f6:0f:8e:10:72:49: a8:bc:4a:d8:65:d7:7a:f5:5d:06:7c:79:3d:f9:6c:bc:b1:67: f1:99:3f:7d:ba:9e:4c:ae:8a:ee:24:17:b9:40:8a:e3:f2:62: 30:6d:e1:e8:38:71:f6:60:91:8e:d4:ad:bd:1c:ad:4e:e8:f1: ef:1d:df:c7:7f:09:cb:47:7b:23:9d:0f:56:1a:95:f7:a4:c2: f3:7d:dc:f0:48:e4:06:62:9d:04:7d:57:a1:5a:f1:78:8b:04: f3:51:3d:a8:70:5b:ba:44:87:0f:b8:fd:50:9c:f4:33:c5:66: 62:63:0d:bb:41:3c:cf:02:e0:dd:e8:db:46:48:38:6b:20:9f: 91:1d:f5:db:ea:89:1f:e0:44:b1:10:e3:9a:96:34:f2:b4:8a: 6a:6b:86:d7:d9:be:28:94:4b:4d:cc:8e:ec:07:cc:08:e8:2d: c1:6c:1c:79 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUR2/alreRbdS/rrHkkP71EEZcAwAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE2MDA0MFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZmE1YmE1NDZlMjc2NThkZmMxOTVj NDBkNjcyOWE2OTdjZjRlZWNhYzVkY2I3MzhkZWZjMWZmMDc0YzM1MzdiZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSwH7G7Y3fGyehmc/ePdmGPqtBOQ Ow1oiVjjNM1EoRPSu6qpj5J/wkPypyY6fL3Kg3uC/z2wmmMNkcpGPGFkZW9fFVT9 4fo++AmuFs23dBbz6Ofu96dnQJ18DJD2+VI8C2In1gJLI4Ctku4oTrDNrEDWdWk0 2tY5UG0pCaE93qfB+Ef6nUGUuROL2Jg2dSJo/NlJAbuHwqM4JZAggWwPbY/PK3eT O1LI4eF0FQBNqk/whGuGYIlje7Bj0EK+40xP2GfwTijwSZzXES5Y6FgPqamYPxoH OaA0VDTuAdbalsDclPc8r/DyUQMLzyZ7tEszAQWO1NKcOWa/+hYI/Q8FHwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNfhpRbxEtI12gCbckEVRC1HJ/VFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM4NmQzNTRiLWIzMzMtNGQyZC05NWUxLWNlNTY2NzZkMDBlYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaIoAwDQYJKoZIhvcNAQELBQADggEBAI+ML48xwDuS1UXay2ET GxRpoLEe4ZTagkNG1c0amFuD3uE+fCxy4UkLlr9yA/No9GKhhq4qMQKnxYICudxY wjdbz72i36UpwIHuh5+k6Y5PfTMmj/YPjhBySai8Sthl13r1XQZ8eT35bLyxZ/GZ P326nkyuiu4kF7lAiuPyYjBt4eg4cfZgkY7Urb0crU7o8e8d38d/CctHeyOdD1Ya lfekwvN93PBI5AZinQR9V6Fa8XiLBPNRPahwW7pEhw+4/VCc9DPFZmJjDbtBPM8C 4N3o20ZIOGsgn5Ed9dvqiR/gRLEQ45qWNPK0imprhtfZviiUS03MjuwHzAjoLcFs HHk= -----END CERTIFICATE-----Generated at Mon Jun 2 06:29:25 2025 by rpki-client