$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e8909db-8041-4fde-8d76-0663b8b608ed.roa File: 3e8909db-8041-4fde-8d76-0663b8b608ed.roa (raw, json) Hash identifier: +V/5hx7jNOtDtlHmCdvYvhhiNEGyGYomEvC4kFsnvog= Subject key identifier: 10:5C:B5:26:76:94:A5:81:C0:CD:16:C5:82:94:45:73:BB:0F:4B:D6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 61CEBAADFB7B608D15C55B83C4310B74DB8C2ED6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e8909db-8041-4fde-8d76-0663b8b608ed.roa Signing time: Fri 16 May 2025 15:31:37 +0000 ROA not before: Fri 16 May 2025 15:31:37 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:ce:ba:ad:fb:7b:60:8d:15:c5:5b:83:c4:31:0b:74:db:8c:2e:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:31:37 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=dfd46dff7459b2001eb04042eab96271dc7f6828735e7519095ca0ab8a6e956d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:8d:35:86:31:21:25:07:13:23:97:0d:85:26: af:28:0c:70:6f:c2:5f:dd:77:f9:4b:b6:76:af:2d: 06:5e:73:50:82:74:25:fd:f3:42:70:33:34:16:c3: 6e:27:53:58:71:ad:a8:5e:d3:5f:b9:fd:4c:8c:4f: a7:eb:a3:84:42:e5:12:7d:c0:3b:16:0f:6a:69:fd: cf:09:f6:39:bb:cf:46:13:4e:e6:bd:62:fe:c8:a9: a0:15:44:c6:e5:e2:e3:a0:75:6f:6f:6f:e6:99:dc: e9:90:88:0f:28:3f:0b:9f:33:57:f2:f3:9a:8c:e9: 18:98:5e:51:d0:ff:b4:33:c5:f5:c0:43:9f:89:b5: fa:fc:a4:63:51:b8:00:43:51:5f:3b:6c:5d:bb:88: 68:7c:38:82:40:8c:14:10:22:5d:37:01:68:3a:83: 4d:d8:1c:2e:36:d2:e8:5e:71:3f:21:bb:56:52:6c: b4:94:04:d6:c9:45:90:db:57:bf:8e:5b:0c:37:fb: c4:13:df:f5:46:37:cb:fd:8b:c4:d4:bd:6c:91:ad: 67:3b:14:03:58:5d:c3:9b:bb:f5:62:f3:7c:2f:c9: c5:52:5b:dd:48:7e:1a:7c:31:62:51:35:45:82:8d: 8b:31:9b:a1:2f:ab:1f:9f:53:d5:74:b8:b3:8d:f3: f8:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:5C:B5:26:76:94:A5:81:C0:CD:16:C5:82:94:45:73:BB:0F:4B:D6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e8909db-8041-4fde-8d76-0663b8b608ed.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38::/32 Signature Algorithm: sha256WithRSAEncryption 4e:da:15:67:63:14:2a:f9:8f:30:77:52:2f:07:f4:ec:a0:f5: b4:91:30:1f:79:16:54:63:8f:58:f9:00:40:52:24:9e:3d:5b: 01:84:02:cb:78:94:e6:7c:27:b8:02:93:80:f8:ff:c2:e6:4a: 29:f8:87:1a:0b:66:80:9f:52:af:46:58:c0:16:66:3b:1d:65: 17:73:d5:3f:81:e8:10:2f:0b:d7:bd:ba:fb:af:ed:fb:ed:fc: e4:74:29:c8:f8:17:42:39:40:96:95:15:89:a7:e0:24:ae:11: be:0f:cb:ec:3d:84:ee:d4:de:ac:bd:ed:32:c8:5a:81:e5:f4: fb:50:b3:30:a4:2e:41:22:2c:85:a2:0f:03:e4:d2:f0:12:83: 45:0b:bc:1f:5a:c2:b3:d2:35:2b:d8:9b:2d:e2:4e:77:d8:d4: c6:a9:1e:9a:0b:cd:d7:65:77:e9:2b:a2:70:bc:6e:94:c2:0a: 71:9a:2e:bc:12:9b:b2:92:7a:09:57:b4:be:3b:ad:2e:23:4d: ab:ff:dc:70:04:b6:1f:4a:cc:76:5a:37:0a:53:c9:c0:db:cc: 11:31:f3:b0:11:28:26:71:6b:2a:09:84:59:10:16:eb:39:ca: e7:5b:28:5e:4c:e7:d0:77:50:8b:fc:6b:5a:bb:2d:81:61:82: 70:9a:7c:b2 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUYc66rft7YI0VxVuDxDELdNuMLtYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MzEzN1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZGZkNDZkZmY3NDU5YjIwMDFlYjA0 MDQyZWFiOTYyNzFkYzdmNjgyODczNWU3NTE5MDk1Y2EwYWI4YTZlOTU2ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1401hjEhJQcTI5cNhSavKAxwb8Jf 3Xf5S7Z2ry0GXnNQgnQl/fNCcDM0FsNuJ1NYca2oXtNfuf1MjE+n66OEQuUSfcA7 Fg9qaf3PCfY5u89GE07mvWL+yKmgFUTG5eLjoHVvb2/mmdzpkIgPKD8LnzNX8vOa jOkYmF5R0P+0M8X1wEOfibX6/KRjUbgAQ1FfO2xdu4hofDiCQIwUECJdNwFoOoNN 2BwuNtLoXnE/IbtWUmy0lATWyUWQ21e/jlsMN/vEE9/1RjfL/YvE1L1ska1nOxQD WF3Dm7v1YvN8L8nFUlvdSH4afDFiUTVFgo2LMZuhL6sfn1PVdLizjfP4awIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFBBctSZ2lKWBwM0WxYKURXO7D0vWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlODkwOWRiLTgwNDEtNGZkZS04ZDc2LTA2NjNiOGI2MDhlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaODANBgkqhkiG9w0BAQsFAAOCAQEATtoVZ2MUKvmPMHdSLwf0 7KD1tJEwH3kWVGOPWPkAQFIknj1bAYQCy3iU5nwnuAKTgPj/wuZKKfiHGgtmgJ9S r0ZYwBZmOx1lF3PVP4HoEC8L1726+6/t++385HQpyPgXQjlAlpUViafgJK4Rvg/L 7D2E7tTerL3tMshageX0+1CzMKQuQSIshaIPA+TS8BKDRQu8H1rCs9I1K9ibLeJO d9jUxqkemgvN12V36SuicLxulMIKcZouvBKbspJ6CVe0vjutLiNNq//ccAS2H0rM dlo3ClPJwNvMETHzsBEoJnFrKgmEWRAW6znK51soXkzn0HdQi/xrWrstgWGCcJp8 sg== -----END CERTIFICATE-----Generated at Tue Jun 3 23:11:18 2025 by rpki-client