$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa File: 42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa (raw, json) Hash identifier: dAzVsOzwQvMNBehXeSBZ3c3GeVxl6SE1vhCb5j95AJk= Subject key identifier: 9A:C1:BD:29:18:C8:CF:91:A5:0C:A9:5F:DF:CD:68:D0:D7:CD:D6:17 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 44A6B41ECE653C34D2BFD56E349B627034EDB3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa Signing time: Tue 13 May 2025 00:01:26 +0000 ROA not before: Tue 13 May 2025 00:01:26 +0000 ROA not after: Tue 17 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:a6:b4:1e:ce:65:3c:34:d2:bf:d5:6e:34:9b:62:70:34:ed:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:01:26 2025 GMT Not After : Jun 17 23:59:59 2025 GMT Subject: serialNumber=85e0565b63cee232ba2053605af3991550fd8d7e5899ef7e6dc1c6e0ee977a47, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:0c:e2:3c:b2:83:54:55:a9:a6:fa:0a:23:40: e8:f4:85:f0:13:55:42:cf:80:73:8f:2a:f9:3d:09: 78:a7:c5:b3:b0:38:7a:96:29:f3:56:31:63:80:1e: 01:6b:d7:23:0e:f1:32:87:14:e8:bc:99:80:7f:c1: 30:b2:73:5b:31:19:10:a5:a8:c9:ba:09:0b:4f:cd: 72:cb:80:5a:c3:b6:ad:ac:d3:18:04:7b:d6:58:4f: 3f:a3:59:52:37:99:19:4e:97:d0:e3:91:66:56:f9: 5a:de:9c:ec:2d:59:c6:fe:1b:eb:da:c3:84:70:73: 10:97:ac:29:34:f1:ce:3d:5e:a2:28:67:7f:5c:5d: 49:2b:17:aa:bc:ae:5f:69:9a:6d:2a:0a:54:53:23: 4b:c1:9d:a9:08:48:c2:5f:23:45:8d:28:07:5f:44: 66:b2:ae:fa:d4:95:d7:78:98:98:9c:2a:5a:2b:d2: 1b:01:d8:79:8e:ae:59:ca:ae:9a:36:aa:68:da:1d: 00:6d:01:fa:b2:56:ff:d0:e0:d7:18:d7:4c:13:c1: 33:48:4a:31:73:f1:a2:d1:e1:53:63:a2:96:d1:a6: b3:f3:a9:24:ff:52:60:eb:99:9b:70:05:09:5e:3d: d3:5c:69:ed:53:3d:19:4a:01:97:64:c3:60:f6:9c: 20:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:C1:BD:29:18:C8:CF:91:A5:0C:A9:5F:DF:CD:68:D0:D7:CD:D6:17 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 9d:60:ec:63:b2:27:37:a8:9d:42:7a:2a:9d:72:2e:18:68:20: 9d:ea:b0:bc:8d:3b:1a:90:8b:1f:1e:76:fc:43:f1:9e:4c:23: 02:bb:b0:76:1a:21:00:28:03:d9:c0:f6:55:24:7d:3f:ba:98: 2d:02:2a:6a:ac:be:f8:91:51:c6:ed:75:37:23:43:3e:21:c5: ed:68:17:13:89:17:2d:0d:63:dd:07:a5:48:9a:85:10:4c:30: 2e:97:39:d6:c7:d5:b5:d5:ca:60:09:22:cc:12:95:0c:bf:7e: 17:5e:5d:ad:ed:d2:45:48:f2:a0:dc:6b:a5:4d:04:e5:c8:8b: 27:6e:cc:66:43:59:41:38:7a:18:ed:3e:3c:c1:5c:4d:d7:5d: a8:bc:94:18:c7:9e:a7:b2:0d:a9:38:0e:ee:f1:49:20:0e:02: d9:c9:01:94:69:67:9d:e0:8e:48:1c:e0:19:c0:f5:af:37:84: 49:cd:82:67:c3:54:02:e1:d3:71:4a:2d:f2:7c:55:dd:a5:b7: 18:46:64:59:3b:27:05:5d:ab:ce:00:78:2c:cd:64:b8:ef:94: b8:6d:1a:f8:72:07:d9:bd:02:08:92:62:60:3d:d6:b7:25:ce: f4:db:14:12:e0:25:2d:df:f8:7f:87:c4:bb:25:8d:ff:62:fe: a2:ff:2b:bd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgITRKa0Hs5lPDTSv9VuNJticDTtszANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwNTEzMDAwMTI2WhcN MjUwNjE3MjM1OTU5WjB6MUkwRwYDVQQFE0A4NWUwNTY1YjYzY2VlMjMyYmEyMDUz NjA1YWYzOTkxNTUwZmQ4ZDdlNTg5OWVmN2U2ZGMxYzZlMGVlOTc3YTQ3MS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuDOI8soNUVamm+gojQOj0hfATVULP gHOPKvk9CXinxbOwOHqWKfNWMWOAHgFr1yMO8TKHFOi8mYB/wTCyc1sxGRClqMm6 CQtPzXLLgFrDtq2s0xgEe9ZYTz+jWVI3mRlOl9DjkWZW+VrenOwtWcb+G+vaw4Rw cxCXrCk08c49XqIoZ39cXUkrF6q8rl9pmm0qClRTI0vBnakISMJfI0WNKAdfRGay rvrUldd4mJicKlor0hsB2HmOrlnKrpo2qmjaHQBtAfqyVv/Q4NcY10wTwTNISjFz 8aLR4VNjopbRprPzqST/UmDrmZtwBQlePdNcae1TPRlKAZdkw2D2nCAZAgMBAAGj ggJLMIICRzAdBgNVHQ4EFgQUmsG9KRjIz5GlDKlf381o0NfN1hcwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv NDJmZDVhOTYtMjFlOS00ZWY4LWIyN2YtNWE3Zjk5NmI4NGQyLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E AgACMAkDBwAkBtry4MAwDQYJKoZIhvcNAQELBQADggEBAJ1g7GOyJzeonUJ6Kp1y LhhoIJ3qsLyNOxqQix8edvxD8Z5MIwK7sHYaIQAoA9nA9lUkfT+6mC0CKmqsvviR UcbtdTcjQz4hxe1oFxOJFy0NY90HpUiahRBMMC6XOdbH1bXVymAJIswSlQy/fhde Xa3t0kVI8qDca6VNBOXIiyduzGZDWUE4ehjtPjzBXE3XXai8lBjHnqeyDak4Du7x SSAOAtnJAZRpZ53gjkgc4BnA9a83hEnNgmfDVALh03FKLfJ8Vd2ltxhGZFk7JwVd q84AeCzNZLjvlLhtGvhyB9m9AgiSYmA91rclzvTbFBLgJS3f+H+HxLsljf9i/qL/ K70= -----END CERTIFICATE-----Generated at Tue Jun 3 23:12:27 2025 by rpki-client