$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d8399a4-56d7-47cd-a300-df287b4c76c9.roa File: 4d8399a4-56d7-47cd-a300-df287b4c76c9.roa (raw, json) Hash identifier: bwBVeKE5sWlgbCFLVAU+6eJLOF29Lzdchgaw05nAXLQ= Subject key identifier: F1:06:39:89:BB:0C:FB:DA:BE:D7:AC:8F:0E:13:17:21:E8:06:CA:7F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0F8CCA5776D61FB77FDDE6825FFF7182EAC6958A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d8399a4-56d7-47cd-a300-df287b4c76c9.roa Signing time: Fri 16 May 2025 15:01:13 +0000 ROA not before: Fri 16 May 2025 15:01:13 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:8c:ca:57:76:d6:1f:b7:7f:dd:e6:82:5f:ff:71:82:ea:c6:95:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:01:13 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=ca413a0c39d9b40f06ff937bd0596afce1d20137ab67cc6c3b41ae25e17a94d7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:f9:c5:15:45:9c:0a:68:a3:44:68:5e:40:2a: a6:f5:41:65:fc:43:b3:18:6e:f4:ff:80:5f:1b:1b: da:98:46:b1:d6:75:77:a7:90:1a:b7:3d:18:de:55: 9b:73:64:5c:da:c5:c6:b6:da:f9:85:f4:dd:c1:7b: 6a:2f:fb:d6:38:48:d1:5c:46:1b:6f:54:9d:c6:23: 3b:5d:ec:e2:6a:55:86:01:b8:19:b8:f4:ce:d8:c7: 21:d9:c0:ea:5e:25:9f:9c:cf:91:72:35:8f:2c:1f: e8:85:75:c9:88:ab:2f:06:db:59:89:81:5e:17:37: 4f:a7:d3:a1:09:c0:d3:cc:ab:c9:91:1f:88:2d:e0: 16:30:49:05:38:a7:d4:0b:05:03:d2:ad:64:bc:39: 68:07:85:8b:a1:eb:64:82:bf:80:bc:6c:9c:a0:af: fd:60:e5:d9:b6:32:cf:c5:b4:0d:f1:db:07:a5:7c: 56:f8:78:a4:5e:e1:0d:9d:25:01:b9:f2:3d:22:40: 4d:4e:25:26:96:5f:10:74:29:24:e1:4f:f2:1c:24: d1:62:40:27:25:81:ca:23:5b:35:62:96:9c:f8:37: 0f:3f:20:6b:a2:0c:c9:ac:71:0a:71:69:b0:97:5d: 71:8d:f3:5a:70:29:18:8a:d8:0c:f8:78:c5:b5:44: 44:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:06:39:89:BB:0C:FB:DA:BE:D7:AC:8F:0E:13:17:21:E8:06:CA:7F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d8399a4-56d7-47cd-a300-df287b4c76c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:e000::/40 Signature Algorithm: sha256WithRSAEncryption 2c:43:3f:6c:27:f1:84:31:bf:a8:70:fc:61:0e:83:9a:93:1a: f8:50:8f:6b:30:79:aa:f8:e9:14:ea:28:e9:17:09:6f:e0:23: f6:d9:15:d6:24:8d:dc:17:05:2f:ba:48:c2:b3:7d:0e:c2:67: 9f:91:3b:2b:6c:e2:d1:f7:5e:34:be:a7:75:b2:45:f1:fc:7a: 6f:67:51:34:0d:71:63:56:eb:2f:6a:88:94:23:41:06:f1:4a: ad:7f:e7:47:36:b3:87:c0:a2:91:43:a4:c6:a2:fe:34:d0:6e: 8b:ae:96:70:8a:11:55:a3:d9:3b:79:5f:a1:bb:1e:02:ed:ac: 3e:ec:a8:be:90:b6:a1:ea:7d:40:c2:c9:f4:b3:80:7c:cf:0f: cd:a4:c4:03:80:01:a7:a7:a0:d8:6f:df:c3:a9:97:66:0b:b1: 92:f9:19:8a:b7:d5:8e:3b:6b:c4:f8:8b:5f:4e:28:0e:c5:f6: 2a:65:c5:a6:59:38:10:6f:ee:91:a1:70:27:44:ee:b6:4c:47: 8e:d0:d4:25:8d:5f:d8:45:ac:91:82:e6:a7:3a:09:80:e0:09: 2c:d1:0b:26:37:86:9d:cb:01:26:f8:3e:c1:de:d1:69:96:bc: c0:33:a0:eb:99:bc:03:2b:6e:2b:16:9d:7c:ab:59:ea:80:0e: 32:2e:96:85 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUD4zKV3bWH7d/3eaCX/9xgurGlYowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MDExM1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAY2E0MTNhMGMzOWQ5YjQwZjA2ZmY5 MzdiZDA1OTZhZmNlMWQyMDEzN2FiNjdjYzZjM2I0MWFlMjVlMTdhOTRkNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/nFFUWcCmijRGheQCqm9UFl/EOz GG70/4BfGxvamEax1nV3p5Aatz0Y3lWbc2Rc2sXGttr5hfTdwXtqL/vWOEjRXEYb b1SdxiM7XezialWGAbgZuPTO2Mch2cDqXiWfnM+RcjWPLB/ohXXJiKsvBttZiYFe FzdPp9OhCcDTzKvJkR+ILeAWMEkFOKfUCwUD0q1kvDloB4WLoetkgr+AvGycoK/9 YOXZtjLPxbQN8dsHpXxW+HikXuENnSUBufI9IkBNTiUmll8QdCkk4U/yHCTRYkAn JYHKI1s1Ypac+DcPPyBrogzJrHEKcWmwl11xjfNacCkYitgM+HjFtURELwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPEGOYm7DPvavtesjw4TFyHoBsp/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkODM5OWE0LTU2ZDctNDdjZC1hMzAwLWRmMjg3YjRjNzZjOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNuAwDQYJKoZIhvcNAQELBQADggEBACxDP2wn8YQxv6hw/GEO g5qTGvhQj2swear46RTqKOkXCW/gI/bZFdYkjdwXBS+6SMKzfQ7CZ5+ROyts4tH3 XjS+p3WyRfH8em9nUTQNcWNW6y9qiJQjQQbxSq1/50c2s4fAopFDpMai/jTQbouu lnCKEVWj2Tt5X6G7HgLtrD7sqL6QtqHqfUDCyfSzgHzPD82kxAOAAaenoNhv38Op l2YLsZL5GYq31Y47a8T4i19OKA7F9iplxaZZOBBv7pGhcCdE7rZMR47Q1CWNX9hF rJGC5qc6CYDgCSzRCyY3hp3LASb4PsHe0WmWvMAzoOuZvAMrbisWnXyrWeqADjIu loU= -----END CERTIFICATE-----Generated at Tue Jun 3 23:15:45 2025 by rpki-client