$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa File: 5d316ef2-56e4-4581-990e-015883180353.roa (raw, json) Hash identifier: 60pN/7ITW4nhdlSWHvM83ickR1vVaplepjIUg/aFMsY= Subject key identifier: 61:7E:D0:6C:C2:BB:CB:DA:F2:EC:39:7E:53:9F:F9:F8:AB:43:3F:37 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 28D5229131109FA343C7C24A4BBA277ABE2D30F4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa Signing time: Thu 26 Jun 2025 20:09:33 +0000 ROA not before: Thu 26 Jun 2025 20:09:33 +0000 ROA not after: Thu 31 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 15:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:d5:22:91:31:10:9f:a3:43:c7:c2:4a:4b:ba:27:7a:be:2d:30:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 26 20:09:33 2025 GMT Not After : Jul 31 23:59:59 2025 GMT Subject: serialNumber=3a76c812f3b9d5f3b407fc2f3fece39a9fa204bf4d53d219a04423b4ea0940a1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:25:84:25:79:a8:e6:6d:4c:4e:2c:3f:13:2b: 2a:ab:01:13:b3:75:84:13:f5:4e:a7:36:9e:89:b0: 7b:45:da:f1:75:06:93:80:43:d2:8b:19:59:71:34: eb:2c:4c:dc:ee:64:19:dd:78:ff:29:65:33:30:1d: 8f:89:8c:2a:2b:40:95:94:68:11:e1:4a:93:39:c9: 24:8f:e4:01:1e:b5:cd:6e:3a:e5:5f:3b:36:4e:e0: 4d:a1:56:a4:07:21:cd:76:58:2c:af:ee:34:5c:62: 92:c3:86:c4:1f:8a:54:bd:78:bd:f0:37:88:24:56: 89:cc:9c:a7:94:2f:5f:b4:ef:82:89:45:22:47:80: c9:09:24:31:ee:22:ef:02:5f:99:fc:1d:dc:5b:b8: 77:1b:46:d9:8d:2a:c2:e7:8f:dc:13:ec:d6:0f:b7: 96:46:cc:bb:cc:19:00:31:00:72:e2:45:5d:65:fa: 88:49:e7:f1:0d:a5:4e:1b:07:09:00:0b:4c:91:90: 65:70:f0:f3:d3:ba:61:c4:94:61:f1:0c:9d:6e:a0: f6:c6:d2:98:9a:be:87:75:de:2b:24:cf:f2:bc:55: 35:b0:4f:6b:1e:e4:81:37:92:0b:2e:d0:90:60:85: 98:5d:da:06:0a:65:df:80:8b:da:a5:e3:a6:6b:67: ed:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:7E:D0:6C:C2:BB:CB:DA:F2:EC:39:7E:53:9F:F9:F8:AB:43:3F:37 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:4000::/40 Signature Algorithm: sha256WithRSAEncryption 3d:f3:b5:dc:8b:44:5d:64:e3:c8:7c:e2:34:1d:3e:c1:9c:b1: 5f:d9:c7:a8:21:6d:0f:34:58:b4:10:45:f6:3f:3e:ba:5f:64: 93:48:cf:e6:fb:a3:e0:05:61:7c:a0:c8:d1:36:39:a2:52:e2: 00:f7:78:69:d3:4e:3d:30:25:14:76:46:2f:a0:dc:3a:95:4b: 74:54:fe:9a:36:96:57:b9:8f:f3:7f:02:f5:ea:4e:48:02:84: bc:23:5c:73:08:76:2e:47:08:92:ff:ac:77:4f:af:05:7f:ff: 37:08:d3:13:8b:62:00:bd:81:ee:34:fa:ed:be:9c:35:0c:42: dc:5c:6c:0e:f5:75:5d:a5:4d:2e:3f:bb:63:a8:6a:81:d4:c9: a8:52:6f:8e:a7:1c:c5:86:08:e4:e9:8b:99:a9:ab:0e:c0:ff: 1e:1f:39:e6:1b:b2:02:fa:fb:67:3a:7c:7d:8b:90:ec:00:c2: 07:be:d3:e8:75:9d:15:03:13:81:93:1e:21:32:8d:45:e4:20: 8e:62:e6:7f:5d:d0:f2:25:9e:23:44:5f:35:f6:56:82:10:af: 1e:3f:e1:30:46:af:01:47:6d:1a:ba:cb:d3:c5:3c:eb:9b:5f: 00:51:4a:8c:a8:9b:89:02:a0:78:90:28:aa:56:c4:21:16:60: da:7a:a7:01 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKNUikTEQn6NDx8JKS7oner4tMPQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNjIwMDkzM1oX DTI1MDczMTIzNTk1OVowejFJMEcGA1UEBRNAM2E3NmM4MTJmM2I5ZDVmM2I0MDdm YzJmM2ZlY2UzOWE5ZmEyMDRiZjRkNTNkMjE5YTA0NDIzYjRlYTA5NDBhMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSWEJXmo5m1MTiw/EysqqwETs3WE E/VOpzaeibB7RdrxdQaTgEPSixlZcTTrLEzc7mQZ3Xj/KWUzMB2PiYwqK0CVlGgR 4UqTOckkj+QBHrXNbjrlXzs2TuBNoVakByHNdlgsr+40XGKSw4bEH4pUvXi98DeI JFaJzJynlC9ftO+CiUUiR4DJCSQx7iLvAl+Z/B3cW7h3G0bZjSrC54/cE+zWD7eW Rsy7zBkAMQBy4kVdZfqISefxDaVOGwcJAAtMkZBlcPDz07phxJRh8QydbqD2xtKY mr6Hdd4rJM/yvFU1sE9rHuSBN5ILLtCQYIWYXdoGCmXfgIvapeOma2ftHwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGF+0GzCu8va8uw5flOf+firQz83MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVkMzE2ZWYyLTU2ZTQtNDU4MS05OTBlLTAxNTg4MzE4MDM1My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba80AwDQYJKoZIhvcNAQELBQADggEBAD3ztdyLRF1k48h84jQd PsGcsV/Zx6ghbQ80WLQQRfY/PrpfZJNIz+b7o+AFYXygyNE2OaJS4gD3eGnTTj0w JRR2Ri+g3DqVS3RU/po2lle5j/N/AvXqTkgChLwjXHMIdi5HCJL/rHdPrwV//zcI 0xOLYgC9ge40+u2+nDUMQtxcbA71dV2lTS4/u2OoaoHUyahSb46nHMWGCOTpi5mp qw7A/x4fOeYbsgL6+2c6fH2LkOwAwge+0+h1nRUDE4GTHiEyjUXkII5i5n9d0PIl niNEXzX2VoIQrx4/4TBGrwFHbRq6y9PFPOubXwBRSoyom4kCoHiQKKpWxCEWYNp6 pwE= -----END CERTIFICATE-----Generated at Tue Jul 1 01:16:17 2025 by rpki-client