$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa File: 49a679dd-b6ba-4b54-beeb-b3e83302b998.roa (raw, json) Hash identifier: yqByQSNO/TPwjLmly/81yR7ZGETC7XPGF+OJFvdF2aE= Subject key identifier: 12:2C:A4:3F:21:33:9D:62:D6:4D:9D:31:94:F7:FD:22:61:31:D3:91 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 50DA680EA101C4561E1719FF1106DD6837CC010F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa Signing time: Fri 13 Jun 2025 00:00:08 +0000 ROA not before: Fri 13 Jun 2025 00:00:08 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 00:50:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:da:68:0e:a1:01:c4:56:1e:17:19:ff:11:06:dd:68:37:cc:01:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 13 00:00:08 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=e1582b96f21d20df90302985edad21fc1c948833071a08998e7d1248048b19fe, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:c6:57:e5:1e:d3:97:5b:49:c9:f9:c8:40:a4: 41:07:8e:4e:58:7c:89:af:1a:2d:2f:e3:f6:15:a8: fe:d0:7e:f4:21:fd:d9:84:0a:e7:95:95:fa:87:c8: 38:97:57:ed:a0:51:2e:02:99:d8:83:6b:97:16:3e: bf:0f:a3:73:05:7f:85:b9:65:20:9e:3b:80:1e:89: 4f:66:b9:66:6a:17:25:aa:90:68:68:66:ee:ba:19: ad:18:f0:f4:1b:b1:86:00:39:ae:f3:81:70:99:f1: eb:a4:70:6f:69:72:e4:94:c3:7b:af:f3:fb:49:a5: 78:19:6e:91:5b:2c:c4:42:03:28:fd:11:fb:c6:6b: 80:1b:b6:ed:0f:c6:17:55:0c:74:0b:e0:76:51:e3: e9:65:51:98:fe:bb:a6:f7:4f:fc:04:53:32:50:cd: 58:47:bd:cc:ed:3d:37:9c:e3:1a:cc:43:60:a6:81: 6d:2b:c5:a9:c4:ba:92:60:a9:e5:ae:22:d6:b2:e0: 2c:4f:7f:df:77:65:1f:f9:06:14:26:0e:57:14:24: 0a:ba:de:ca:2f:39:25:5b:3a:10:e5:22:e5:ab:c3: c1:6b:79:53:cd:d0:62:fc:59:60:0f:0e:c5:c8:1d: 4f:4a:44:73:c4:32:fa:a2:24:cf:65:58:c8:d1:95: ed:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:2C:A4:3F:21:33:9D:62:D6:4D:9D:31:94:F7:FD:22:61:31:D3:91 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:800::/40 Signature Algorithm: sha256WithRSAEncryption 16:dc:dd:d9:de:df:cb:51:15:59:17:7e:3c:55:e2:a9:9e:27: cb:07:68:55:c6:e1:d9:3e:86:18:4c:65:2d:49:45:36:39:8a: b2:dd:0a:b9:0a:2c:9f:57:d0:a0:e5:81:79:2e:1d:28:66:af: c0:54:d6:dc:35:3d:aa:81:f8:66:95:3c:d8:fd:4e:dc:cc:6b: 72:61:d3:55:32:2a:90:14:89:15:0a:16:3d:94:8b:f8:27:64: cb:16:31:78:b5:34:6c:7c:c3:22:b1:6a:e8:24:00:2e:6e:ff: 4e:a5:16:42:9d:d7:cb:76:6c:aa:f8:ad:21:0c:03:fc:fd:a4: b4:36:f7:c0:c0:f9:56:c0:ab:7a:09:dc:fc:15:89:cc:87:94: 70:c6:67:81:ea:ed:57:1d:02:b1:77:4d:4e:6d:a9:21:ee:47: 0f:35:ac:66:19:22:fb:8c:2e:d3:87:3e:f5:19:01:34:22:1f: 16:46:fd:c6:1a:03:73:fa:93:1b:29:93:37:00:ee:ec:39:b3: 58:9a:8a:8f:8e:9b:8a:f6:c5:74:7b:d4:b6:d0:2b:de:8d:d0: 64:09:ad:ff:b0:ed:d6:3d:22:6a:e8:9b:8e:3c:e9:47:eb:40: af:66:f6:4e:3a:25:92:49:9f:4e:5e:5e:5e:c4:57:60:3e:aa: 19:01:ac:13 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUNpoDqEBxFYeFxn/EQbdaDfMAQ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMzAwMDAwOFoX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNAZTE1ODJiOTZmMjFkMjBkZjkwMzAy OTg1ZWRhZDIxZmMxYzk0ODgzMzA3MWEwODk5OGU3ZDEyNDgwNDhiMTlmZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8ZX5R7Tl1tJyfnIQKRBB45OWHyJ rxotL+P2Faj+0H70If3ZhArnlZX6h8g4l1ftoFEuApnYg2uXFj6/D6NzBX+FuWUg njuAHolPZrlmahclqpBoaGbuuhmtGPD0G7GGADmu84FwmfHrpHBvaXLklMN7r/P7 SaV4GW6RWyzEQgMo/RH7xmuAG7btD8YXVQx0C+B2UePpZVGY/rum90/8BFMyUM1Y R73M7T03nOMazENgpoFtK8WpxLqSYKnlriLWsuAsT3/fd2Uf+QYUJg5XFCQKut7K LzklWzoQ5SLlq8PBa3lTzdBi/FlgDw7FyB1PSkRzxDL6oiTPZVjI0ZXtuQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBIspD8hM51i1k2dMZT3/SJhMdORMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5YTY3OWRkLWI2YmEtNGI1NC1iZWViLWIzZTgzMzAyYjk5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8QgwDQYJKoZIhvcNAQELBQADggEBABbc3dne38tRFVkXfjxV 4qmeJ8sHaFXG4dk+hhhMZS1JRTY5irLdCrkKLJ9X0KDlgXkuHShmr8BU1tw1PaqB +GaVPNj9TtzMa3Jh01UyKpAUiRUKFj2Ui/gnZMsWMXi1NGx8wyKxaugkAC5u/06l FkKd18t2bKr4rSEMA/z9pLQ298DA+VbAq3oJ3PwVicyHlHDGZ4Hq7VcdArF3TU5t qSHuRw81rGYZIvuMLtOHPvUZATQiHxZG/cYaA3P6kxspkzcA7uw5s1iaio+Om4r2 xXR71LbQK96N0GQJrf+w7dY9Imrom4486UfrQK9m9k46JZJJn05eXl7EV2A+qhkB rBM= -----END CERTIFICATE-----Generated at Fri Jul 4 10:22:33 2025 by rpki-client