$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa File: 519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa (raw, json) Hash identifier: /RMTsZ5m67gRxf3bJAvrx/3GgMmW4kMtyniy7ho423U= Subject key identifier: D6:D7:7D:38:E9:2D:62:96:DF:2D:2C:58:95:61:E1:15:E3:1C:0B:4D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4199DD784A0F17ADEB56C9573F42CA7AC2AC3784 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa Signing time: Fri 16 May 2025 15:10:41 +0000 ROA not before: Fri 16 May 2025 15:10:41 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:99:dd:78:4a:0f:17:ad:eb:56:c9:57:3f:42:ca:7a:c2:ac:37:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:10:41 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=177276e13bcecf227a5a948f6df706f5af6beec50881c9f19c72a092f0115b54, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:e6:a1:80:8e:b4:0b:65:6a:09:e2:1d:a6:7f: 8f:be:89:72:88:ca:c0:8c:d9:40:03:9d:a2:34:25: fa:ca:d6:98:f5:19:a4:75:4f:83:98:53:16:05:79: 4a:a9:72:f7:cd:36:d1:cd:67:39:6c:70:82:17:5d: 3e:51:34:5d:09:86:a7:38:c3:c7:8a:c2:37:19:7c: 3d:79:ea:20:15:99:b6:b5:03:60:a0:ec:00:1a:f8: b2:67:42:11:42:89:ca:8e:5a:bb:64:8d:ea:33:36: 08:d6:bd:ba:3c:41:ec:8d:50:c4:de:d1:d6:fb:82: 8f:f2:71:48:c7:07:a0:da:99:1c:ff:20:de:a6:e2: 5d:7e:55:e0:bb:e7:d7:bf:64:25:d0:96:30:ec:bd: 5d:61:88:5f:de:9a:0f:fb:ed:05:27:b5:94:fd:7a: 45:2d:d8:46:1c:4f:ac:af:04:06:f8:16:40:fb:7f: 9e:cf:86:19:c2:ce:13:7f:5e:c1:34:3d:fb:8b:5e: 11:66:c8:77:e0:cd:f8:b3:81:a6:c3:e5:25:d2:53: 1f:69:c5:6a:28:43:fe:76:35:29:01:35:78:42:28: a3:4b:fa:b4:2c:86:80:44:e2:fd:0e:3b:9d:ea:b1: da:25:f2:1b:2e:d7:ed:39:6a:21:7d:f5:84:f4:02: 83:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:D7:7D:38:E9:2D:62:96:DF:2D:2C:58:95:61:E1:15:E3:1C:0B:4D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:e000::/40 Signature Algorithm: sha256WithRSAEncryption b7:44:18:5c:69:d8:db:48:cb:5e:83:96:a0:6f:f9:6d:12:7e: 9d:e6:13:2d:96:75:4b:f5:40:03:24:ab:7e:c7:ec:69:1d:5c: c4:78:79:5c:5d:01:da:1c:96:39:f6:fd:51:92:11:8d:d5:e0: 99:57:8b:bf:7e:bc:5e:67:07:58:4b:75:ca:d1:d6:1b:4a:3b: 4b:e9:9e:18:bb:ae:d3:c7:ca:4d:4d:43:b7:95:07:f7:4b:ff: 85:0a:5d:e0:9a:af:72:c9:a0:89:70:ef:d6:53:d2:4e:8f:69: bb:85:1b:07:29:f6:8b:bb:60:f2:bf:08:49:c2:01:bd:1e:69: 34:96:5e:fb:2e:a6:4c:f3:36:5a:80:c3:bd:8d:35:26:43:f7: eb:2c:7a:b7:16:0a:b9:05:9b:ea:fe:fe:0a:22:4e:c6:ee:16: af:6e:4d:d8:4a:bf:91:32:43:97:2d:57:f1:cf:62:75:75:51: e4:40:12:81:82:03:30:90:99:e9:fd:ff:89:e1:7e:87:14:76: 37:65:93:bf:37:6f:1a:7a:d8:f9:40:0b:48:49:60:4c:70:61: 77:26:49:78:e5:c0:70:83:a3:b2:b7:09:3d:b0:49:14:09:39: 77:ce:4e:24:2c:d9:b0:65:dc:48:6b:a7:33:6c:ff:83:9c:9a: ba:08:2d:eb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQZndeEoPF63rVslXP0LKesKsN4QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MTA0MVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAMTc3Mjc2ZTEzYmNlY2YyMjdhNWE5 NDhmNmRmNzA2ZjVhZjZiZWVjNTA4ODFjOWYxOWM3MmEwOTJmMDExNWI1NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+ahgI60C2VqCeIdpn+PvolyiMrA jNlAA52iNCX6ytaY9RmkdU+DmFMWBXlKqXL3zTbRzWc5bHCCF10+UTRdCYanOMPH isI3GXw9eeogFZm2tQNgoOwAGviyZ0IRQonKjlq7ZI3qMzYI1r26PEHsjVDE3tHW +4KP8nFIxweg2pkc/yDepuJdflXgu+fXv2Ql0JYw7L1dYYhf3poP++0FJ7WU/XpF LdhGHE+srwQG+BZA+3+ez4YZws4Tf17BND37i14RZsh34M34s4Gmw+Ul0lMfacVq KEP+djUpATV4QiijS/q0LIaAROL9Djud6rHaJfIbLtftOWohffWE9AKDnwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNbXfTjpLWKW3y0sWJVh4RXjHAtNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUxOWYwZTg4LWZhOTAtNGI2MS05NTdkLTU3ZmUxY2MyZjZjMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoOAwDQYJKoZIhvcNAQELBQADggEBALdEGFxp2NtIy16DlqBv +W0Sfp3mEy2WdUv1QAMkq37H7GkdXMR4eVxdAdocljn2/VGSEY3V4JlXi79+vF5n B1hLdcrR1htKO0vpnhi7rtPHyk1NQ7eVB/dL/4UKXeCar3LJoIlw79ZT0k6PabuF Gwcp9ou7YPK/CEnCAb0eaTSWXvsupkzzNlqAw72NNSZD9+ssercWCrkFm+r+/goi TsbuFq9uTdhKv5EyQ5ctV/HPYnV1UeRAEoGCAzCQmen9/4nhfocUdjdlk783bxp6 2PlAC0hJYExwYXcmSXjlwHCDo7K3CT2wSRQJOXfOTiQs2bBl3EhrpzNs/4OcmroI Les= -----END CERTIFICATE-----Generated at Tue Jun 3 23:36:52 2025 by rpki-client