$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaa4e98-35e7-4700-aa65-013387f5feae.roa File: 3aaa4e98-35e7-4700-aa65-013387f5feae.roa (raw, json) Hash identifier: PfsCDxecJ1erfEruK+V/SCmaLLo1Lt2cmD5j5pz5a+w= Subject key identifier: 7D:57:74:1A:50:93:78:AB:E8:30:1B:4C:9F:77:BB:72:DA:9B:E3:EF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 41422C5FC1E54F5B30A451F99626B097B86B1D64 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaa4e98-35e7-4700-aa65-013387f5feae.roa Signing time: Fri 16 May 2025 00:50:03 +0000 ROA not before: Fri 16 May 2025 00:50:03 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:42:2c:5f:c1:e5:4f:5b:30:a4:51:f9:96:26:b0:97:b8:6b:1d:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:50:03 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=98bb7aa32d2de0d0ba84c1d699e26ec37081b73ab79e97c74f0a7d90ce8aa8ca, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e6:83:5f:63:e1:8b:cb:76:33:f7:20:db:05: 8e:14:d3:fd:8c:04:45:73:84:8d:38:59:a8:7c:7e: 0d:68:86:c3:91:ea:ed:f0:83:07:32:6f:6d:c4:ad: 8a:49:94:54:9a:c4:22:4c:0b:94:b5:75:09:9d:67: 0a:d6:84:09:a9:f7:cf:a1:ba:da:4e:15:02:7b:fb: a1:6b:fb:a4:08:3e:ac:e0:c4:c6:23:7e:ff:6c:23: 9a:4b:1c:ab:a0:54:ed:9f:36:52:0f:c1:2a:cc:51: ae:fa:11:37:be:ab:59:68:2d:9b:33:75:06:d6:79: 70:ca:63:13:e0:6b:21:6f:32:c5:23:9c:66:68:d7: 93:65:bf:30:a6:85:ca:3e:5a:4c:31:4c:f6:77:41: 5e:ef:20:44:bc:da:b0:ae:f7:f0:4a:55:00:f5:73: 10:fb:d4:f9:8f:fa:18:d3:76:ae:de:9d:48:e6:fb: 6e:bc:81:14:aa:d4:93:9d:14:ad:fd:20:91:8c:ba: b2:c2:a1:c2:9a:58:ae:b8:22:5d:43:2c:5c:d4:7a: 43:d4:c3:d5:5b:7e:6b:56:48:73:04:e1:99:a4:c9: 14:0a:e2:24:66:b6:9b:01:44:f3:6c:2a:f0:ce:bf: 67:05:74:63:1e:e4:79:f9:b9:ba:5c:c3:d6:e4:3a: 76:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:57:74:1A:50:93:78:AB:E8:30:1B:4C:9F:77:BB:72:DA:9B:E3:EF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaa4e98-35e7-4700-aa65-013387f5feae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:b000::/40 Signature Algorithm: sha256WithRSAEncryption b4:3c:1a:25:01:40:a0:4f:6d:49:84:43:94:94:ae:ec:af:a3: a3:76:50:3f:86:8a:47:03:c4:53:3d:4d:6e:dd:3b:ff:88:8d: 43:4e:80:9b:f4:97:cb:d5:d2:e6:7d:76:d7:8a:a6:41:8f:d9: 2d:55:3c:46:9a:bd:09:ee:61:ef:71:4b:f4:8f:09:e3:c7:b1: 98:7c:9d:38:f5:41:8b:b7:47:a7:1a:28:a1:cc:6d:86:43:89: 7e:b9:b2:35:9a:b4:50:b6:19:c3:89:e0:98:0c:fc:8d:d3:48: f7:73:fa:b9:41:b3:0b:e4:25:5e:9a:ca:c7:11:af:4c:99:db: 8d:9c:5d:b5:36:01:54:11:6c:83:fe:83:da:17:dd:f6:03:fe: f9:8f:c6:ad:da:86:2e:18:ac:69:4a:8f:46:ac:14:e0:3a:47: cb:77:7b:71:9e:85:30:26:f2:e5:59:11:e0:8f:de:24:1e:ab: 95:bf:16:52:ee:0b:fd:dc:6a:a4:5a:d2:2e:16:ce:40:54:da: bf:9c:e6:ae:03:12:fc:61:0a:38:8b:4b:2a:a1:9f:e6:cb:72: 0a:41:57:cb:f3:30:3e:29:c9:35:29:e9:23:bf:be:b4:70:e8: ee:50:ac:0f:ca:17:28:58:c4:54:fa:f9:36:ef:cb:a9:38:93: c5:f5:9d:28 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQUIsX8HlT1swpFH5liawl7hrHWQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNTAwM1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAOThiYjdhYTMyZDJkZTBkMGJhODRj MWQ2OTllMjZlYzM3MDgxYjczYWI3OWU5N2M3NGYwYTdkOTBjZThhYThjYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueaDX2Phi8t2M/cg2wWOFNP9jARF c4SNOFmofH4NaIbDkert8IMHMm9txK2KSZRUmsQiTAuUtXUJnWcK1oQJqffPobra ThUCe/uha/ukCD6s4MTGI37/bCOaSxyroFTtnzZSD8EqzFGu+hE3vqtZaC2bM3UG 1nlwymMT4GshbzLFI5xmaNeTZb8wpoXKPlpMMUz2d0Fe7yBEvNqwrvfwSlUA9XMQ +9T5j/oY03au3p1I5vtuvIEUqtSTnRSt/SCRjLqywqHCmliuuCJdQyxc1HpD1MPV W35rVkhzBOGZpMkUCuIkZrabAUTzbCrwzr9nBXRjHuR5+bm6XMPW5Dp2vQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH1XdBpQk3ir6DAbTJ93u3Lam+PvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNhYWE0ZTk4LTM1ZTctNDcwMC1hYTY1LTAxMzM4N2Y1ZmVhZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+7AwDQYJKoZIhvcNAQELBQADggEBALQ8GiUBQKBPbUmEQ5SU ruyvo6N2UD+GikcDxFM9TW7dO/+IjUNOgJv0l8vV0uZ9dteKpkGP2S1VPEaavQnu Ye9xS/SPCePHsZh8nTj1QYu3R6caKKHMbYZDiX65sjWatFC2GcOJ4JgM/I3TSPdz +rlBswvkJV6ayscRr0yZ242cXbU2AVQRbIP+g9oX3fYD/vmPxq3ahi4YrGlKj0as FOA6R8t3e3GehTAm8uVZEeCP3iQeq5W/FlLuC/3caqRa0i4WzkBU2r+c5q4DEvxh CjiLSyqhn+bLcgpBV8vzMD4pyTUp6SO/vrRw6O5QrA/KFyhYxFT6+Tbvy6k4k8X1 nSg= -----END CERTIFICATE-----Generated at Tue Jun 3 23:30:08 2025 by rpki-client