$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa File: 5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa (raw, json) Hash identifier: yerw3b7z7Gz6YKN/KVTKaCy376xikyjJ+jSuCsZgerY= Subject key identifier: B1:0B:F7:09:A2:95:36:DA:FE:2E:8C:DB:9A:21:4F:00:D8:A2:5F:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 36A7E026BA0F64B1A269FA7B6CC72AE41B8C442C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa Signing time: Fri 16 May 2025 00:40:15 +0000 ROA not before: Fri 16 May 2025 00:40:15 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:60c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:a7:e0:26:ba:0f:64:b1:a2:69:fa:7b:6c:c7:2a:e4:1b:8c:44:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:40:15 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=c5fdd5ba7c12e42d25295471aaf941fe66e4b1078b5319ea2fce8b2c66b99881, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:4e:7b:af:29:df:1d:a4:e4:90:15:a7:f2:1e: 2c:f0:98:f5:98:a5:02:f2:fd:b6:d7:2f:ea:99:ac: e6:7a:cc:c6:7c:02:68:3e:0a:21:35:55:de:a5:7f: 6d:da:9b:c9:da:11:fd:ae:64:74:d0:4d:e4:eb:92: 8b:65:8e:34:73:40:6d:d9:cd:59:08:77:d2:e4:34: f0:32:35:57:ae:17:e0:b9:9e:c6:b9:f1:d5:c1:8d: 48:27:23:35:f0:97:55:95:68:2c:42:94:fb:58:8b: 47:fa:db:67:b2:a8:e3:81:0c:50:1c:b4:28:20:d6: 3f:e7:2d:91:bf:87:31:59:36:ff:12:56:48:60:64: 33:05:56:d4:9d:d6:45:5e:90:43:c2:e6:ed:27:d2: 96:0a:56:cf:d0:98:df:64:33:02:f3:5f:1c:0a:53: b6:96:c4:02:c4:45:03:c9:a7:b8:0d:5c:ba:0b:f6: 3b:ce:6a:b9:9c:83:a4:52:71:f8:3d:3d:30:ee:b8: 45:d0:2f:e1:c7:46:76:aa:05:8e:22:c6:9d:d4:ba: 05:51:56:93:b1:a0:78:72:55:28:fa:2c:20:3a:07: 42:2c:cb:6f:c3:cd:5e:99:d2:b9:9f:32:2d:8e:30: 2d:0e:63:fa:10:4b:65:c7:d9:dd:f0:c8:54:13:55: 98:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:0B:F7:09:A2:95:36:DA:FE:2E:8C:DB:9A:21:4F:00:D8:A2:5F:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:60c0::/46 Signature Algorithm: sha256WithRSAEncryption 4f:50:a3:f5:de:6e:18:c9:0a:8d:2b:49:dd:1e:7e:2e:6a:2c: 4c:c3:11:a0:7d:4a:71:e6:41:9e:c3:12:7b:17:fd:e4:b9:e1: f6:19:f3:35:20:c6:0b:38:b9:13:77:c6:35:80:48:03:8f:81: 10:99:fe:76:71:c3:98:0a:59:05:df:5e:b4:e0:03:af:a1:4c: d6:14:b5:cb:fd:ae:32:2c:47:7f:da:0f:b1:de:07:a8:aa:5c: 8d:bb:5c:32:1e:0a:d2:c7:bc:56:7e:d4:dc:d5:a5:0d:61:db: 9d:ad:d9:5c:42:93:e5:88:86:e4:e5:4e:00:aa:62:18:62:90: 0b:70:b3:d3:1c:49:50:77:14:6a:4c:69:23:b1:e7:9a:e9:92: d4:3d:8d:5b:c3:e6:48:33:00:59:21:6c:13:8f:f6:d2:5d:c3: d0:c7:41:b0:5c:a1:b4:59:3b:93:11:5b:0d:05:06:6b:1e:06: 5e:ad:cd:37:c3:c5:8a:52:0b:7f:ca:d5:cb:c9:59:d0:6a:a8: 6b:b5:14:12:cc:87:8d:25:fd:0d:b0:5c:55:1e:60:b3:9f:f9: b7:2b:c3:ea:aa:ef:f8:f6:21:be:a9:b4:8f:65:92:dc:7d:54: b9:19:86:64:73:48:de:5b:24:25:bb:d0:41:7d:b4:61:26:70: c9:4b:89:45 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNqfgJroPZLGiafp7bMcq5BuMRCwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNDAxNVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAYzVmZGQ1YmE3YzEyZTQyZDI1Mjk1 NDcxYWFmOTQxZmU2NmU0YjEwNzhiNTMxOWVhMmZjZThiMmM2NmI5OTg4MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk57rynfHaTkkBWn8h4s8Jj1mKUC 8v221y/qmazmeszGfAJoPgohNVXepX9t2pvJ2hH9rmR00E3k65KLZY40c0Bt2c1Z CHfS5DTwMjVXrhfguZ7GufHVwY1IJyM18JdVlWgsQpT7WItH+ttnsqjjgQxQHLQo INY/5y2Rv4cxWTb/ElZIYGQzBVbUndZFXpBDwubtJ9KWClbP0JjfZDMC818cClO2 lsQCxEUDyae4DVy6C/Y7zmq5nIOkUnH4PT0w7rhF0C/hx0Z2qgWOIsad1LoFUVaT saB4clUo+iwgOgdCLMtvw81emdK5nzItjjAtDmP6EEtlx9nd8MhUE1WYGwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLEL9wmilTba/i6M25ohTwDYol9TMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVhYzc2Y2NiLTRmNTctNDE4NS1hZDJmLTA1YmYzMzhiYTM1ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaWDAMA0GCSqGSIb3DQEBCwUAA4IBAQBPUKP13m4YyQqNK0nd Hn4uaixMwxGgfUpx5kGewxJ7F/3kueH2GfM1IMYLOLkTd8Y1gEgDj4EQmf52ccOY ClkF31604AOvoUzWFLXL/a4yLEd/2g+x3geoqlyNu1wyHgrSx7xWftTc1aUNYdud rdlcQpPliIbk5U4AqmIYYpALcLPTHElQdxRqTGkjseea6ZLUPY1bw+ZIMwBZIWwT j/bSXcPQx0GwXKG0WTuTEVsNBQZrHgZerc03w8WKUgt/ytXLyVnQaqhrtRQSzIeN Jf0NsFxVHmCzn/m3K8Pqqu/49iG+qbSPZZLcfVS5GYZkc0jeWyQlu9BBfbRhJnDJ S4lF -----END CERTIFICATE-----Generated at Tue Jun 3 23:30:28 2025 by rpki-client