$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52ed4ede-452e-4252-99d4-ab87dca3e810.roa File: 52ed4ede-452e-4252-99d4-ab87dca3e810.roa (raw, json) Hash identifier: f5CkRKdfSisIcXwVugNkCVUkVNmzCIB74CYHM1P1QlE= Subject key identifier: E1:D2:1C:08:85:0B:15:C0:DD:E5:FD:CA:D9:FF:90:66:84:8A:E2:5A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 40133175C3CBF0A14DF4A4363C0BC94D812820EB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52ed4ede-452e-4252-99d4-ab87dca3e810.roa Signing time: Fri 16 May 2025 15:10:53 +0000 ROA not before: Fri 16 May 2025 15:10:53 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:13:31:75:c3:cb:f0:a1:4d:f4:a4:36:3c:0b:c9:4d:81:28:20:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:10:53 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=38fe2431f64ce9e9bf6e1307c81dd0f3bdce98873e63f59676ceb16f26235abd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:86:b5:4a:b4:2e:9a:1d:97:1c:77:c7:e4:97: 9a:d0:1d:8a:90:32:91:5e:86:6d:11:02:ac:a4:e9: 44:2d:22:f0:d1:ef:d6:3e:bd:a5:4e:e3:5d:54:97: b3:06:c8:38:55:b6:81:ff:0a:44:fa:f4:23:c4:4b: c6:9c:d6:47:a9:fa:cf:d3:e0:29:3c:12:21:2d:6c: c3:57:56:11:83:b1:b4:71:de:fa:c0:5b:9f:6f:0c: 7d:df:48:ca:37:98:95:44:dc:03:6b:c8:d8:90:e0: 0b:42:25:97:9e:df:37:07:9f:3c:92:57:69:e2:e4: c0:f4:a3:8c:34:02:80:4a:7a:13:08:1c:1c:f3:0c: e1:11:de:ac:23:d7:73:fc:fd:ed:2f:7a:b5:ad:90: 94:ef:41:d0:47:19:90:18:4b:de:4a:4e:aa:f0:94: 1c:f9:88:a3:58:3e:d4:66:e0:20:1a:a7:a7:d4:af: c5:e3:b0:bd:fa:70:64:e0:cc:92:2e:28:db:1a:c4: f4:23:fb:61:57:6f:9a:d7:4f:ee:a3:14:4d:e8:f6: b0:69:32:4f:8c:99:06:a4:47:c6:d9:56:96:5e:f8: db:05:1b:db:bf:b2:5c:45:f6:1f:18:c2:d2:e5:f3: 86:23:4f:3c:cf:13:2b:8e:5f:5c:e0:07:8c:9d:4b: 5e:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:D2:1C:08:85:0B:15:C0:DD:E5:FD:CA:D9:FF:90:66:84:8A:E2:5A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52ed4ede-452e-4252-99d4-ab87dca3e810.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:a000::/40 Signature Algorithm: sha256WithRSAEncryption 6b:8a:48:4d:65:a3:b8:38:22:46:e5:65:d7:4e:06:c0:c0:28: 51:a4:3c:34:48:b9:4d:1c:42:f8:b4:72:92:0d:3e:07:4a:63: ee:a2:6b:6a:30:35:f9:69:62:42:f0:90:c5:ef:3f:ae:bb:4d: c7:db:d8:e8:e1:14:46:0c:73:8e:f2:6b:f5:71:b9:3f:93:05: fe:2d:72:c2:ba:de:0a:e9:34:78:41:57:27:65:92:fc:5c:6f: 00:fb:e3:41:b6:38:f4:48:f4:f8:61:95:e8:99:03:f8:42:f7: 99:7c:19:6a:e9:fa:6b:9e:84:fa:6b:90:65:df:61:ac:e7:21: e3:c0:50:9d:89:fc:84:7d:31:b8:44:27:a1:f5:8f:50:5b:39: 2b:8d:7a:56:db:7d:d9:63:35:1a:db:63:b8:be:4b:f4:83:25: f0:25:75:7b:ea:c7:cc:84:16:74:d9:3f:75:27:ab:f4:3e:49: 26:27:b3:d4:85:0a:e6:d3:ca:19:17:f0:c4:fe:fa:76:6f:32: e8:a1:1f:30:ab:2d:9c:ef:71:51:64:99:2d:15:f8:0c:ee:3f: 67:4d:42:6c:2f:0f:3f:fa:03:14:98:17:1e:18:f0:ff:0d:4e: ed:74:3e:0c:8b:16:14:03:51:26:8c:53:24:63:b5:87:1d:69: 54:8d:0d:ad -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQBMxdcPL8KFN9KQ2PAvJTYEoIOswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MTA1M1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAMzhmZTI0MzFmNjRjZTllOWJmNmUx MzA3YzgxZGQwZjNiZGNlOTg4NzNlNjNmNTk2NzZjZWIxNmYyNjIzNWFiZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44a1SrQumh2XHHfH5Jea0B2KkDKR XoZtEQKspOlELSLw0e/WPr2lTuNdVJezBsg4VbaB/wpE+vQjxEvGnNZHqfrP0+Ap PBIhLWzDV1YRg7G0cd76wFufbwx930jKN5iVRNwDa8jYkOALQiWXnt83B588kldp 4uTA9KOMNAKASnoTCBwc8wzhEd6sI9dz/P3tL3q1rZCU70HQRxmQGEveSk6q8JQc +YijWD7UZuAgGqen1K/F47C9+nBk4MySLijbGsT0I/thV2+a10/uoxRN6PawaTJP jJkGpEfG2VaWXvjbBRvbv7JcRfYfGMLS5fOGI088zxMrjl9c4AeMnUteXQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOHSHAiFCxXA3eX9ytn/kGaEiuJaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUyZWQ0ZWRlLTQ1MmUtNDI1Mi05OWQ0LWFiODdkY2EzZTgxMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/qAwDQYJKoZIhvcNAQELBQADggEBAGuKSE1lo7g4IkblZddO BsDAKFGkPDRIuU0cQvi0cpINPgdKY+6ia2owNflpYkLwkMXvP667Tcfb2OjhFEYM c47ya/VxuT+TBf4tcsK63grpNHhBVydlkvxcbwD740G2OPRI9PhhleiZA/hC95l8 GWrp+muehPprkGXfYaznIePAUJ2J/IR9MbhEJ6H1j1BbOSuNelbbfdljNRrbY7i+ S/SDJfAldXvqx8yEFnTZP3Unq/Q+SSYns9SFCubTyhkX8MT++nZvMuihHzCrLZzv cVFkmS0V+AzuP2dNQmwvDz/6AxSYFx4Y8P8NTu10PgyLFhQDUSaMUyRjtYcdaVSN Da0= -----END CERTIFICATE-----Generated at Mon Jun 2 06:29:42 2025 by rpki-client