$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa File: 3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa (raw, json) Hash identifier: 1F2iLGfnPfX8ZsbADP0ss9KNZ+S+SgkhFqz7iKhXboI= Subject key identifier: C9:DB:EB:DD:8F:DE:63:95:5E:DA:EF:F4:28:CF:5B:70:1F:02:1E:AA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 551BEC8C0FFB0202AFE06AB4605DAFAC87C0A171 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa Signing time: Fri 30 May 2025 00:00:11 +0000 ROA not before: Fri 30 May 2025 00:00:11 +0000 ROA not after: Fri 04 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:1b:ec:8c:0f:fb:02:02:af:e0:6a:b4:60:5d:af:ac:87:c0:a1:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 30 00:00:11 2025 GMT Not After : Jul 4 23:59:59 2025 GMT Subject: serialNumber=a54e166edd0ff85fab2a67d118e67612fd44798a64cd066251ea1afcc3b13da8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:6d:0b:94:53:59:60:55:58:8f:c4:84:1c:6a: c2:e9:8b:68:17:c4:76:e4:90:c6:c1:eb:59:18:7d: 46:f8:86:eb:17:e0:e8:9d:4d:38:b7:31:6b:e2:60: b5:04:0b:ae:6c:ab:2f:b5:6d:3f:37:d2:88:e2:f8: de:c2:f4:fb:af:4c:34:83:2e:2f:b7:9d:19:98:f2: d1:1d:f2:bc:1f:c9:5c:19:f0:00:08:ec:33:1b:e0: 33:7a:d2:7f:9d:fd:7d:59:73:8e:dd:41:24:fc:0f: f5:7b:f3:bf:6a:6d:14:54:97:e1:26:4c:2e:90:76: f5:df:db:6d:a2:0b:26:4f:34:85:b7:a3:e6:ef:d6: 54:75:ec:38:13:ce:34:8a:ac:e2:1a:86:17:e6:be: 43:ea:17:e4:e5:29:6a:8b:a2:79:d4:96:fc:a3:45: ca:10:22:13:1a:2a:6c:0d:7e:3d:ed:7b:73:86:e5: 94:df:b6:41:44:98:6e:05:60:82:31:83:a5:6c:eb: 01:5e:81:0c:aa:e3:6b:a2:1a:ae:38:d6:37:48:93: ce:9e:85:29:8e:94:62:22:c7:95:e5:1e:1e:46:e5: 63:12:45:d5:89:9e:1d:38:fb:af:8e:64:41:07:12: 43:da:3e:fd:d9:79:84:c9:9e:65:5c:60:04:8a:19: 27:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:DB:EB:DD:8F:DE:63:95:5E:DA:EF:F4:28:CF:5B:70:1F:02:1E:AA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:4000::/40 Signature Algorithm: sha256WithRSAEncryption c7:7e:c8:7b:73:36:03:d4:0a:59:fb:1c:1d:62:d8:dd:0d:09: 3a:fd:cc:38:64:07:6c:3e:14:e0:03:c6:1a:40:e2:dd:c3:ed: ac:32:82:4c:3e:76:b3:7d:f3:66:48:41:23:40:c6:b6:8b:c6: 52:86:00:3c:80:2e:7c:be:cc:2c:4a:a4:9e:9d:01:a6:d3:22: 75:04:4b:d2:cc:ee:bf:41:66:19:6c:3d:05:93:74:92:43:c6: 08:f9:1c:ab:0b:54:98:88:ab:6a:3f:ed:43:da:66:37:15:e1: 7f:a1:5d:c8:b8:e3:f6:ba:83:7d:3a:ad:22:a5:d0:80:b8:70: 82:fa:9d:4b:a8:19:37:4b:40:f0:00:3c:a0:5c:f1:e2:f4:d1: 57:31:25:a5:58:44:9e:45:f4:b6:3c:e9:51:2b:56:f7:94:26: 42:5c:45:79:b2:38:25:ad:ec:d9:e9:3d:98:b3:9a:7f:0d:b1: 77:9d:08:1b:7c:99:eb:55:48:0d:65:ff:6e:1a:19:89:88:af: 94:0d:dc:dc:69:4f:f8:a2:64:36:03:82:c4:60:b2:9b:5e:34: 9b:e9:12:3f:0c:45:94:e0:3d:19:3f:57:06:03:34:c4:cb:2a: e1:90:b2:e7:e8:0f:7e:45:27:28:37:4b:14:86:7a:91:5d:a0: 02:04:82:96 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVRvsjA/7AgKv4Gq0YF2vrIfAoXEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUzMDAwMDAxMVoX DTI1MDcwNDIzNTk1OVowejFJMEcGA1UEBRNAYTU0ZTE2NmVkZDBmZjg1ZmFiMmE2 N2QxMThlNjc2MTJmZDQ0Nzk4YTY0Y2QwNjYyNTFlYTFhZmNjM2IxM2RhODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApW0LlFNZYFVYj8SEHGrC6YtoF8R2 5JDGwetZGH1G+IbrF+DonU04tzFr4mC1BAuubKsvtW0/N9KI4vjewvT7r0w0gy4v t50ZmPLRHfK8H8lcGfAACOwzG+AzetJ/nf19WXOO3UEk/A/1e/O/am0UVJfhJkwu kHb139ttogsmTzSFt6Pm79ZUdew4E840iqziGoYX5r5D6hfk5Slqi6J51Jb8o0XK ECITGipsDX497XtzhuWU37ZBRJhuBWCCMYOlbOsBXoEMquNrohquONY3SJPOnoUp jpRiIseV5R4eRuVjEkXViZ4dOPuvjmRBBxJD2j792XmEyZ5lXGAEihknLQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMnb692P3mOVXtrv9CjPW3AfAh6qMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNmMzE5YmE0LTRmNzUtNDlmZC05YTNiLWE5MGM5MzhhMjRhZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMkAwDQYJKoZIhvcNAQELBQADggEBAMd+yHtzNgPUCln7HB1i 2N0NCTr9zDhkB2w+FOADxhpA4t3D7awygkw+drN982ZIQSNAxraLxlKGADyALny+ zCxKpJ6dAabTInUES9LM7r9BZhlsPQWTdJJDxgj5HKsLVJiIq2o/7UPaZjcV4X+h Xci44/a6g306rSKl0IC4cIL6nUuoGTdLQPAAPKBc8eL00VcxJaVYRJ5F9LY86VEr VveUJkJcRXmyOCWt7NnpPZizmn8NsXedCBt8metVSA1l/24aGYmIr5QN3NxpT/ii ZDYDgsRgspteNJvpEj8MRZTgPRk/VwYDNMTLKuGQsufoD35FJyg3SxSGepFdoAIE gpY= -----END CERTIFICATE-----Generated at Tue Jun 3 23:15:01 2025 by rpki-client