$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/589cd174-ff9f-4468-b434-55095a24f148.roa File: 589cd174-ff9f-4468-b434-55095a24f148.roa (raw, json) Hash identifier: z+jj9UHlwghqehDHgStsnNd0RuLBHlC82Ylf3PCl9TU= Subject key identifier: 6E:C4:37:3B:02:23:2B:2B:DC:95:2A:A8:B2:FA:F8:00:B8:81:26:A9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5C45F1F44B87525C977B96AA3CC5C852D29614C2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/589cd174-ff9f-4468-b434-55095a24f148.roa Signing time: Wed 14 May 2025 00:00:59 +0000 ROA not before: Wed 14 May 2025 00:00:59 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:c020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:45:f1:f4:4b:87:52:5c:97:7b:96:aa:3c:c5:c8:52:d2:96:14:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:00:59 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=bbdd8c3317abbe1fdf7ee649cbf6138a6049a3bae565a33ad7afdbcc2c79925f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:73:bc:21:b6:a0:45:24:e5:e4:be:90:50:48: 30:76:ea:37:3c:8b:31:93:58:19:17:6b:7f:fb:e2: cd:a7:51:d6:75:5e:9c:f2:8e:78:16:a8:95:1d:34: 98:9d:b3:fe:f2:ba:28:1d:bf:4b:5c:8e:8f:71:ec: 48:92:d5:89:69:33:1f:51:ac:40:00:f6:e1:d1:7e: 4e:f8:2e:2a:a4:39:ac:4c:3a:b7:8b:fd:a1:dd:41: fe:4c:d4:6a:84:e3:c0:5d:d3:73:26:b4:6d:ef:c2: fb:84:46:a4:88:ca:ba:8d:ca:5b:74:dd:d2:76:97: 1e:54:cd:9d:a2:7f:a2:e2:9e:c4:12:b5:df:b5:bf: af:31:11:e4:46:d8:8f:5f:e5:44:66:9b:a3:ba:38: 65:3a:c6:a4:32:c7:51:ec:c9:d5:94:40:48:0b:a2: ce:b1:cd:fc:1d:31:de:3c:e4:36:e9:20:ad:5a:15: bf:23:c2:ae:99:ca:3b:36:db:f4:50:73:ba:8c:c7: 2b:8f:1e:54:64:80:bd:e4:c1:6d:2a:c4:ad:50:7d: 69:19:c5:d0:f3:fa:9e:2c:f5:81:b1:24:f1:05:52: 31:6c:ba:2d:4f:25:f7:63:e3:c0:53:09:2c:7b:b1: 9e:fe:9c:91:86:50:8c:7b:ba:b3:84:4c:7d:be:0e: a4:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:C4:37:3B:02:23:2B:2B:DC:95:2A:A8:B2:FA:F8:00:B8:81:26:A9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/589cd174-ff9f-4468-b434-55095a24f148.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:c020::/48 Signature Algorithm: sha256WithRSAEncryption 09:33:30:d5:21:57:b2:56:65:dd:64:ab:67:fb:f2:19:fe:b9: 42:2d:3f:af:b2:48:74:98:63:02:92:f8:89:80:ed:e0:95:73: e6:88:3c:bc:f0:17:f1:cc:35:01:1f:3c:08:f7:00:7a:80:50: 2c:d9:a5:66:4e:ca:2f:cb:ab:50:2c:60:f6:66:1d:87:a7:c9: 36:6d:fb:7b:5a:b6:2f:70:ec:44:b2:98:d8:23:eb:8f:d4:3b: f9:91:1d:67:56:b2:c2:3c:95:02:f4:c4:b6:b6:91:eb:37:8c: 45:2c:01:3e:43:1d:1a:3e:95:41:33:ad:cf:82:2d:5d:2d:b3: ee:fd:93:56:08:66:d6:80:df:ea:85:19:ff:81:2b:a3:12:ef: 6e:55:e2:c7:ec:9b:0f:6f:e1:75:3a:1b:2d:66:ec:20:cd:1b: 52:6b:44:11:59:be:7c:31:01:ac:fa:0f:b5:ff:55:9f:8e:85: a4:62:3e:a8:35:03:7f:02:b0:74:12:08:18:8e:5c:51:28:8d: f9:99:bb:c5:cc:ff:25:b5:47:ae:2d:de:ac:22:d2:08:4d:7f: 80:de:1e:1f:69:ec:6d:38:7b:b2:77:0a:e4:db:ed:49:f3:3a: 0e:7c:5b:29:e3:c4:4b:e0:64:99:0d:b6:e3:7f:28:f8:61:50: 8b:66:f5:e8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUXEXx9EuHUlyXe5aqPMXIUtKWFMIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMDA1OVoX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAYmJkZDhjMzMxN2FiYmUxZmRmN2Vl NjQ5Y2JmNjEzOGE2MDQ5YTNiYWU1NjVhMzNhZDdhZmRiY2MyYzc5OTI1ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HO8IbagRSTl5L6QUEgwduo3PIsx k1gZF2t/++LNp1HWdV6c8o54FqiVHTSYnbP+8rooHb9LXI6PcexIktWJaTMfUaxA APbh0X5O+C4qpDmsTDq3i/2h3UH+TNRqhOPAXdNzJrRt78L7hEakiMq6jcpbdN3S dpceVM2don+i4p7EErXftb+vMRHkRtiPX+VEZpujujhlOsakMsdR7MnVlEBIC6LO sc38HTHePOQ26SCtWhW/I8Kumco7Ntv0UHO6jMcrjx5UZIC95MFtKsStUH1pGcXQ 8/qeLPWBsSTxBVIxbLotTyX3Y+PAUwkse7Ge/pyRhlCMe7qzhEx9vg6k5wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFG7ENzsCIysr3JUqqLL6+AC4gSapMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU4OWNkMTc0LWZmOWYtNDQ2OC1iNDM0LTU1MDk1YTI0ZjE0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAMAgMA0GCSqGSIb3DQEBCwUAA4IBAQAJMzDVIVeyVmXdZKtn +/IZ/rlCLT+vskh0mGMCkviJgO3glXPmiDy88BfxzDUBHzwI9wB6gFAs2aVmTsov y6tQLGD2Zh2Hp8k2bft7WrYvcOxEspjYI+uP1Dv5kR1nVrLCPJUC9MS2tpHrN4xF LAE+Qx0aPpVBM63Pgi1dLbPu/ZNWCGbWgN/qhRn/gSujEu9uVeLH7JsPb+F1Ohst ZuwgzRtSa0QRWb58MQGs+g+1/1WfjoWkYj6oNQN/ArB0EggYjlxRKI35mbvFzP8l tUeuLd6sItIITX+A3h4faextOHuydwrk2+1J8zoOfFsp48RL4GSZDbbjfyj4YVCL ZvXo -----END CERTIFICATE-----Generated at Mon Jun 2 06:24:04 2025 by rpki-client