$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d0d3d64-afcc-4838-bca0-f7693f145edf.roa File: 4d0d3d64-afcc-4838-bca0-f7693f145edf.roa (raw, json) Hash identifier: U/SnzBXBnNzXUNu8QOo1TJbzU96w5vIHhV6zrs0tg64= Subject key identifier: AD:F7:62:27:08:4F:16:FB:F6:7D:D9:32:F0:2A:78:D8:4F:60:94:9A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5432AF9E824ABC7097E52995EE49794E9EBE1026 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d0d3d64-afcc-4838-bca0-f7693f145edf.roa Signing time: Fri 16 May 2025 15:31:43 +0000 ROA not before: Fri 16 May 2025 15:31:43 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:32:af:9e:82:4a:bc:70:97:e5:29:95:ee:49:79:4e:9e:be:10:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:31:43 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=45b42defd590b7e023e48742446bd352f9427b13ee6bd5e57bbdd664002f5910, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:c5:90:b9:72:ca:42:b0:53:7c:9b:7a:67:44: 0d:4b:df:86:c8:68:5b:c8:10:41:ad:72:dc:c8:4f: d2:10:db:e5:2a:05:d7:15:29:d9:1f:12:9b:90:c3: 48:ef:23:12:0d:14:47:d0:67:7f:e4:56:d9:3d:55: 37:bb:3a:7d:5a:93:54:93:a1:cf:6e:fe:3d:54:d0: 50:0a:b8:28:d1:54:a1:b8:b1:31:cc:2e:d9:f1:58: a8:e1:be:ff:5e:dc:4c:82:a2:d2:84:00:8a:71:c9: cf:bd:eb:e0:cd:ac:61:c3:e8:25:c3:76:03:b7:f0: 0d:58:ef:97:9e:64:4e:75:d2:19:ae:ec:c1:a0:e1: 06:44:6b:c1:56:31:b1:c2:5d:40:f8:32:1c:a0:ce: 14:7c:4e:00:15:41:7e:75:a9:9a:9a:ff:81:9c:37: e5:7f:54:ef:d6:f4:b4:53:7f:49:c9:4f:e4:cb:f0: 91:bc:1e:c6:11:2b:97:a4:60:57:01:3d:c7:1b:a8: 60:a7:70:06:8c:6d:9f:1f:fb:dd:9d:b0:18:69:43: 9d:a5:cf:7c:5f:a8:c1:51:61:43:fc:51:16:f4:ce: 18:f4:fe:ba:e1:f2:8a:b6:26:c8:c5:db:4e:52:d8: a6:37:29:9b:86:95:49:b0:72:19:9c:10:83:8a:a5: 79:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:F7:62:27:08:4F:16:FB:F6:7D:D9:32:F0:2A:78:D8:4F:60:94:9A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d0d3d64-afcc-4838-bca0-f7693f145edf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:b000::/40 Signature Algorithm: sha256WithRSAEncryption 02:60:86:3e:8f:b0:a5:3c:22:a2:dd:7c:1c:ad:ea:06:47:fb: 57:8f:9b:4b:49:68:5c:f7:0d:9c:cb:d5:3d:7f:4c:9c:73:67: 85:63:90:22:a6:d6:71:a6:65:0b:df:71:f7:dd:3d:8d:23:0c: 70:31:f5:87:49:c0:6c:26:6b:df:3c:97:65:6c:f1:8b:4a:05: dc:67:c0:ff:14:e6:ff:54:9e:ca:18:c3:c7:9e:ff:25:a4:24: b6:a7:a1:3a:18:fc:85:f5:88:43:03:ce:4d:bf:59:bc:4b:45: 56:17:76:00:be:4b:6f:af:65:f6:4d:9b:69:dc:34:c4:47:d6: 67:9b:6a:22:52:b8:1a:d1:9e:36:77:c1:ba:46:ef:fa:53:34: f0:6c:74:3c:e5:44:8e:af:98:18:ef:dd:be:6d:12:00:15:e6: 6e:14:43:b3:95:07:a0:be:0c:b5:79:bc:14:bf:19:64:b7:33: a4:2c:18:0b:ee:c7:fd:65:69:9e:b4:c4:78:1c:1e:c3:3d:f3: d1:38:29:b7:fa:ff:29:6d:ae:c0:41:2b:bc:c0:12:9c:38:b5: 61:19:9b:d2:70:8a:c6:0b:76:9f:ae:b9:ea:70:76:9d:2b:37: 3f:17:f4:be:d3:85:e2:0e:6c:99:05:95:24:9b:0b:1b:77:fc: be:c1:ab:39 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVDKvnoJKvHCX5SmV7kl5Tp6+ECYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MzE0M1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANDViNDJkZWZkNTkwYjdlMDIzZTQ4 NzQyNDQ2YmQzNTJmOTQyN2IxM2VlNmJkNWU1N2JiZGQ2NjQwMDJmNTkxMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sWQuXLKQrBTfJt6Z0QNS9+GyGhb yBBBrXLcyE/SENvlKgXXFSnZHxKbkMNI7yMSDRRH0Gd/5FbZPVU3uzp9WpNUk6HP bv49VNBQCrgo0VShuLExzC7Z8Vio4b7/XtxMgqLShACKccnPvevgzaxhw+glw3YD t/ANWO+XnmROddIZruzBoOEGRGvBVjGxwl1A+DIcoM4UfE4AFUF+damamv+BnDfl f1Tv1vS0U39JyU/ky/CRvB7GESuXpGBXAT3HG6hgp3AGjG2fH/vdnbAYaUOdpc98 X6jBUWFD/FEW9M4Y9P664fKKtibIxdtOUtimNymbhpVJsHIZnBCDiqV5wQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFK33YicITxb79n3ZMvAqeNhPYJSaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkMGQzZDY0LWFmY2MtNDgzOC1iY2EwLWY3NjkzZjE0NWVkZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8bAwDQYJKoZIhvcNAQELBQADggEBAAJghj6PsKU8IqLdfByt 6gZH+1ePm0tJaFz3DZzL1T1/TJxzZ4VjkCKm1nGmZQvfcffdPY0jDHAx9YdJwGwm a988l2Vs8YtKBdxnwP8U5v9UnsoYw8ee/yWkJLanoToY/IX1iEMDzk2/WbxLRVYX dgC+S2+vZfZNm2ncNMRH1mebaiJSuBrRnjZ3wbpG7/pTNPBsdDzlRI6vmBjv3b5t EgAV5m4UQ7OVB6C+DLV5vBS/GWS3M6QsGAvux/1laZ60xHgcHsM989E4Kbf6/ylt rsBBK7zAEpw4tWEZm9JwisYLdp+uuepwdp0rNz8X9L7TheIObJkFlSSbCxt3/L7B qzk= -----END CERTIFICATE-----Generated at Mon Jun 2 06:15:03 2025 by rpki-client