$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa File: 3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa (raw, json) Hash identifier: kAnPT7YL6YVCulfhO92cCOXhV2C3wr4me836kD10kVg= Subject key identifier: 0B:56:5E:74:A0:55:FA:79:1C:37:02:53:D4:3E:4E:F4:8C:7B:57:76 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 133D4252765C29352E063D25FD24A67A9167110A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa Signing time: Fri 16 May 2025 15:11:27 +0000 ROA not before: Fri 16 May 2025 15:11:27 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:3d:42:52:76:5c:29:35:2e:06:3d:25:fd:24:a6:7a:91:67:11:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:11:27 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=ce7d6d829e2689f2bd6879d530ee79d82e9506c8f0e98a01da1ec8767a953166, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e3:03:d7:f6:75:3c:a8:5d:6a:8e:09:33:98: 72:9f:1c:77:7b:c1:a0:b2:5a:1f:63:2c:05:5b:8e: 99:e8:13:8a:79:f6:bc:74:00:b8:37:1c:04:19:a4: f7:bf:c3:62:65:33:99:da:82:c2:ec:9c:a4:da:46: 07:cc:4a:b7:b7:ee:e2:ee:a7:1b:fa:39:09:33:53: c6:8e:e0:f7:49:a5:80:42:91:7f:33:66:fb:62:c2: 38:48:91:5d:c9:54:63:39:83:93:44:13:42:b6:c0: 12:15:58:78:97:7f:50:ae:89:53:f1:87:5c:2a:ee: 34:3e:89:c8:7a:d3:fe:9c:25:93:c2:5d:da:f9:4c: e3:49:35:b1:00:fb:ab:29:1d:1f:b5:3b:ea:ef:5c: e8:f5:ce:9e:88:d6:f0:a0:e7:cb:fe:9b:3d:93:d8: cb:5f:32:a2:72:66:e6:7d:5a:d6:7f:16:b1:7a:43: 08:d2:a6:e9:72:e3:0a:cf:51:44:36:28:fd:10:c7: f7:08:ac:48:d7:31:09:8b:3d:a2:b3:61:47:a5:e7: 03:d7:71:f5:1d:7c:25:7f:1f:27:a3:23:8f:51:f8: d2:67:87:d6:c2:91:8c:2c:1f:73:a1:c3:cc:8e:77: 3c:da:ee:90:08:27:26:e2:02:30:13:07:63:5c:aa: 72:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:56:5E:74:A0:55:FA:79:1C:37:02:53:D4:3E:4E:F4:8C:7B:57:76 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:4800::/40 Signature Algorithm: sha256WithRSAEncryption 93:a1:c4:1e:f9:57:0a:a7:31:4d:a0:e6:98:1b:de:d8:b7:79: c4:a2:c7:79:0e:16:d6:a7:fd:e6:af:15:3b:48:c4:0e:cd:b0: d7:f4:28:cb:ce:60:9c:fe:93:06:46:91:d6:7e:f9:b5:99:53: 6e:42:4b:10:76:16:a1:2f:d8:2d:a7:ed:c3:4c:47:df:a3:6f: 46:c0:e4:1e:00:30:1a:78:e1:91:e9:d6:03:5f:89:62:c7:fa: fe:98:49:ac:ff:a0:52:95:db:57:c0:98:18:73:ab:17:17:aa: 06:c1:95:0f:e4:c2:7f:d9:01:81:2b:7d:1b:5f:b7:36:29:d7: 84:81:a8:04:70:d6:53:75:30:bb:14:6d:fc:ec:dc:52:4a:86: 3c:b1:d4:dd:af:99:57:20:1b:d1:88:f4:1a:f3:b7:4a:0f:91: 3d:bb:e4:09:5a:cf:71:b5:5f:da:4e:4d:b1:71:cb:d2:cc:e2: 3e:44:49:af:e4:f6:46:b7:c8:bd:c1:49:dc:55:b1:dd:50:38: 0b:13:a3:28:4d:f3:84:0d:68:e4:9b:bc:39:d0:74:f9:38:ac: ce:af:9f:8d:58:5b:fe:9d:0e:4c:70:2b:78:2b:b5:c2:ee:27: a8:a2:d5:b5:eb:b4:2b:c2:e8:ff:96:e9:2f:e8:e2:00:30:3b: 49:f9:68:3d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEz1CUnZcKTUuBj0l/SSmepFnEQowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MTEyN1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAY2U3ZDZkODI5ZTI2ODlmMmJkNjg3 OWQ1MzBlZTc5ZDgyZTk1MDZjOGYwZTk4YTAxZGExZWM4NzY3YTk1MzE2NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOMD1/Z1PKhdao4JM5hynxx3e8Gg slofYywFW46Z6BOKefa8dAC4NxwEGaT3v8NiZTOZ2oLC7Jyk2kYHzEq3t+7i7qcb +jkJM1PGjuD3SaWAQpF/M2b7YsI4SJFdyVRjOYOTRBNCtsASFVh4l39QrolT8Ydc Ku40PonIetP+nCWTwl3a+UzjSTWxAPurKR0ftTvq71zo9c6eiNbwoOfL/ps9k9jL XzKicmbmfVrWfxaxekMI0qbpcuMKz1FENij9EMf3CKxI1zEJiz2is2FHpecD13H1 HXwlfx8noyOPUfjSZ4fWwpGMLB9zocPMjnc82u6QCCcm4gIwEwdjXKpy2QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAtWXnSgVfp5HDcCU9Q+TvSMe1d2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlOWNjNmFmLWJjMmMtNGRjYS04OTE1LTBjZGRmMjVjYzhkYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaEgwDQYJKoZIhvcNAQELBQADggEBAJOhxB75VwqnMU2g5pgb 3ti3ecSix3kOFtan/eavFTtIxA7NsNf0KMvOYJz+kwZGkdZ++bWZU25CSxB2FqEv 2C2n7cNMR9+jb0bA5B4AMBp44ZHp1gNfiWLH+v6YSaz/oFKV21fAmBhzqxcXqgbB lQ/kwn/ZAYErfRtftzYp14SBqARw1lN1MLsUbfzs3FJKhjyx1N2vmVcgG9GI9Brz t0oPkT275Alaz3G1X9pOTbFxy9LM4j5ESa/k9ka3yL3BSdxVsd1QOAsToyhN84QN aOSbvDnQdPk4rM6vn41YW/6dDkxwK3grtcLuJ6ii1bXrtCvC6P+W6S/o4gAwO0n5 aD0= -----END CERTIFICATE-----Generated at Tue Jun 3 23:30:25 2025 by rpki-client