$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa File: 49c96710-1e67-4b08-aeed-9db02b3e6469.roa (raw, json) Hash identifier: rZaciDzHQg8Xc+AAAg1wLzVR3a9uFDSrenzUhobSsfw= Subject key identifier: E2:0E:02:34:2F:B2:42:BE:09:B8:12:D8:ED:24:A5:0C:B7:53:F4:41 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5A4FB33C90A830DA999630BE005ADB55231DEB27 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa Signing time: Mon 02 Jun 2025 15:00:45 +0000 ROA not before: Mon 02 Jun 2025 15:00:45 +0000 ROA not after: Mon 07 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:4f:b3:3c:90:a8:30:da:99:96:30:be:00:5a:db:55:23:1d:eb:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 2 15:00:45 2025 GMT Not After : Jul 7 23:59:59 2025 GMT Subject: serialNumber=b53e76b6c0f2d71d979cbbd9c09ffa0e565db7bddfba978a8f8a63e4b9f3e1f4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:b4:74:05:d6:d2:b0:0e:7e:f6:d8:68:fd:ef: 8c:41:bc:a7:d7:89:4f:80:2f:18:1c:60:7b:d4:b6: b7:47:f1:12:49:a8:81:0b:8f:f6:7a:19:71:c7:51: 6d:51:34:70:46:f2:9b:be:aa:f6:e3:09:f5:8c:9c: be:2f:e6:6b:1f:00:67:e2:94:92:ad:0d:59:80:8a: e8:04:b2:6d:81:ab:8f:dd:30:5f:6e:94:05:6c:61: b6:c3:69:d0:4b:6a:1a:a7:61:86:b3:d7:4e:a0:86: 77:ef:61:fc:6f:fc:01:56:dd:4a:ff:92:ee:41:9d: fe:e3:6f:66:df:ab:81:94:66:f4:3e:39:2b:a7:e6: e5:08:ec:bb:7d:56:58:9e:0f:c7:a1:f3:af:c1:4b: ce:bd:8c:d6:6c:de:96:34:a8:8d:d3:b1:7f:b6:f3: 2c:68:81:ee:4a:52:42:a2:be:0c:8a:96:5b:ad:ef: 25:96:b1:d0:8f:33:e0:82:e0:a8:70:76:42:b5:1f: 4c:ba:5f:f5:0e:ba:79:71:62:96:e1:32:84:8b:26: 49:4a:b2:6a:ea:8f:14:4b:d3:90:d5:dd:17:40:05: 3c:ac:36:31:b8:5d:75:ae:40:3c:d7:91:af:12:36: d2:2a:04:35:ca:ef:36:79:92:5f:ee:87:4b:37:11: 3d:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:0E:02:34:2F:B2:42:BE:09:B8:12:D8:ED:24:A5:0C:B7:53:F4:41 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:e000::/40 Signature Algorithm: sha256WithRSAEncryption 2e:22:5f:46:63:a2:59:fc:a5:50:43:25:f8:53:e5:6b:e3:36: b2:1b:d0:34:05:a0:c7:c0:89:1c:2e:db:52:c8:3e:2e:aa:0f: 7e:23:15:83:8f:9a:a4:22:0e:76:c5:7e:20:3b:b8:bc:84:ef: 1b:27:27:fc:3f:7f:14:ff:c1:a4:92:de:a7:36:e4:38:c9:12: 34:d3:01:d4:ec:10:c4:4c:f8:23:d8:45:0b:bb:1f:1d:f0:c2: 04:8a:1b:ef:e8:81:a9:ec:78:cd:ee:ec:01:7c:de:18:c4:28: 5a:5c:65:55:5e:f8:2f:3e:8a:a4:be:92:b6:09:65:15:cd:ec: f3:1a:33:40:dc:18:9a:87:10:3e:92:9c:b2:e5:14:0b:6d:f8: 6f:f6:26:01:9a:74:da:56:60:00:ca:08:77:0d:ab:91:ae:dc: a0:78:e7:d1:02:ee:2b:f3:a5:ed:fc:c2:7f:91:76:a5:d1:29: 30:96:a2:6d:2f:7e:a7:a6:77:71:b2:3c:36:ec:5d:58:5f:2f: b4:e2:1a:81:53:c4:5e:ce:4e:33:3f:2f:9b:e8:f0:76:25:cd: ec:7f:81:3e:60:09:e3:f5:65:89:c9:56:f4:a8:01:d2:1d:6d: 7e:ef:42:65:b2:52:66:07:3f:4a:58:16:18:d4:b1:b0:86:49: ff:0e:f2:01 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWk+zPJCoMNqZljC+AFrbVSMd6ycwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwMjE1MDA0NVoX DTI1MDcwNzIzNTk1OVowejFJMEcGA1UEBRNAYjUzZTc2YjZjMGYyZDcxZDk3OWNi YmQ5YzA5ZmZhMGU1NjVkYjdiZGRmYmE5NzhhOGY4YTYzZTRiOWYzZTFmNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobR0BdbSsA5+9tho/e+MQbyn14lP gC8YHGB71La3R/ESSaiBC4/2ehlxx1FtUTRwRvKbvqr24wn1jJy+L+ZrHwBn4pSS rQ1ZgIroBLJtgauP3TBfbpQFbGG2w2nQS2oap2GGs9dOoIZ372H8b/wBVt1K/5Lu QZ3+429m36uBlGb0Pjkrp+blCOy7fVZYng/HofOvwUvOvYzWbN6WNKiN07F/tvMs aIHuSlJCor4MipZbre8llrHQjzPgguCocHZCtR9Mul/1Drp5cWKW4TKEiyZJSrJq 6o8US9OQ1d0XQAU8rDYxuF11rkA815GvEjbSKgQ1yu82eZJf7odLNxE9WwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOIOAjQvskK+CbgS2O0kpQy3U/RBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5Yzk2NzEwLTFlNjctNGIwOC1hZWVkLTlkYjAyYjNlNjQ2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9eAwDQYJKoZIhvcNAQELBQADggEBAC4iX0Zjoln8pVBDJfhT 5WvjNrIb0DQFoMfAiRwu21LIPi6qD34jFYOPmqQiDnbFfiA7uLyE7xsnJ/w/fxT/ waSS3qc25DjJEjTTAdTsEMRM+CPYRQu7Hx3wwgSKG+/oganseM3u7AF83hjEKFpc ZVVe+C8+iqS+krYJZRXN7PMaM0DcGJqHED6SnLLlFAtt+G/2JgGadNpWYADKCHcN q5Gu3KB459EC7ivzpe38wn+RdqXRKTCWom0vfqemd3GyPDbsXVhfL7TiGoFTxF7O TjM/L5vo8HYlzex/gT5gCeP1ZYnJVvSoAdIdbX7vQmWyUmYHP0pYFhjUsbCGSf8O 8gE= -----END CERTIFICATE-----Generated at Tue Jun 3 23:10:09 2025 by rpki-client