$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e2e2a48-a4b5-497a-978d-68330e53db91.roa File: 5e2e2a48-a4b5-497a-978d-68330e53db91.roa (raw, json) Hash identifier: Wi0rqByhjZqOOoAdV8b3zFqgzBm/oKWsp8arIP8IHVQ= Subject key identifier: 3E:49:B6:C8:B8:05:FF:5F:55:FA:25:A0:83:B6:77:79:E5:E3:C7:41 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3BC7AFD9B4CE90F94C121F47733D00E70C6FC106 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e2e2a48-a4b5-497a-978d-68330e53db91.roa Signing time: Fri 23 May 2025 00:00:06 +0000 ROA not before: Fri 23 May 2025 00:00:06 +0000 ROA not after: Fri 27 Jun 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:c7:af:d9:b4:ce:90:f9:4c:12:1f:47:73:3d:00:e7:0c:6f:c1:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 23 00:00:06 2025 GMT Not After : Jun 27 23:59:59 2025 GMT Subject: serialNumber=6cefd9f268bfc5a1520b92010d674c62dd42caaa2a970af0c49beac6dbe075c4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:d8:73:25:f6:dc:59:6e:3a:2f:31:34:2e:5d: dc:0f:4c:59:e4:ed:1a:6c:df:71:6e:3b:55:0a:fb: fc:1d:01:c9:d0:34:6e:d4:2c:43:9c:41:64:66:44: 8e:db:c2:80:9f:cd:09:eb:53:d6:3a:25:f2:f9:b4: d8:8a:32:3e:6f:2b:0d:b9:ea:2f:6d:00:37:b1:8e: a6:a3:82:1c:1d:fd:7d:45:81:ad:a1:92:bb:3c:4a: 07:37:19:04:de:1d:9a:30:77:37:5c:ae:cc:3b:de: 06:af:ad:cd:84:f4:02:8f:dc:c7:18:6c:70:cc:a6: ef:03:d4:19:48:6d:a1:6e:54:31:65:df:47:e8:02: 9d:fb:53:60:b1:af:be:f7:ed:22:a0:47:96:42:39: 79:19:7a:d8:d7:e7:31:1b:f4:15:5d:07:85:8f:ae: b7:e5:7f:8e:86:ce:ff:6e:e9:04:3b:9c:c9:d3:c1: 4c:be:71:07:17:cb:85:88:2d:ec:36:c7:01:7b:a4: dc:b8:d7:06:30:35:1f:51:ad:ff:2a:76:80:74:b3: ce:3b:14:71:35:ae:ac:3d:88:15:3a:b6:20:8f:bd: 58:a7:d9:0d:b0:f0:8b:e3:a2:3c:ef:47:07:62:4c: d9:17:76:5d:c4:c5:fd:0b:ba:4d:fa:c9:6a:12:06: d4:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:49:B6:C8:B8:05:FF:5F:55:FA:25:A0:83:B6:77:79:E5:E3:C7:41 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e2e2a48-a4b5-497a-978d-68330e53db91.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:f000::/40 Signature Algorithm: sha256WithRSAEncryption 0b:bd:04:56:b0:4d:92:4d:a2:8c:97:c7:40:3e:e4:33:37:e3: 70:3f:3a:19:ea:71:57:75:25:bd:dd:f1:45:12:02:28:96:f1: a9:a0:d1:61:93:f3:dc:6f:70:2c:14:fe:55:77:0d:a6:f9:c4: 56:30:46:27:cb:0b:1e:4b:1c:75:6a:e0:01:58:95:e7:88:1e: 6d:6c:02:6b:43:4d:10:ef:0b:fc:6c:b9:5d:6c:d7:52:2d:6b: 8e:57:25:25:89:f1:86:f5:8c:84:51:62:56:74:53:7c:e2:c1: 36:02:88:bb:1c:f0:f1:52:14:1e:f2:8d:95:7d:4a:d1:b1:f1: ce:f1:f8:1f:e7:a7:70:86:f0:4b:df:33:1e:b0:29:78:8f:4e: f3:ab:dd:07:a5:fa:80:51:05:32:24:a2:40:56:43:f3:8a:3b: 2f:3b:a9:9e:a8:8a:06:2c:e7:61:7a:7f:a1:79:ce:3b:19:d6: c6:a4:13:a5:04:7d:13:92:c9:2c:a6:ee:53:9b:e8:5e:3b:d7: 1e:49:72:7a:59:e9:ca:3e:f3:9c:b2:6a:b4:ec:ff:f4:97:18: a7:b2:88:52:0f:42:0a:82:b1:56:2e:58:de:94:d6:3c:18:b1: 57:9e:ac:d9:c3:20:a0:d7:9c:f5:a7:f3:ed:cb:63:9f:ca:ee: 5c:0f:69:9b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUO8ev2bTOkPlMEh9Hcz0A5wxvwQYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyMzAwMDAwNloX DTI1MDYyNzIzNTk1OVowejFJMEcGA1UEBRNANmNlZmQ5ZjI2OGJmYzVhMTUyMGI5 MjAxMGQ2NzRjNjJkZDQyY2FhYTJhOTcwYWYwYzQ5YmVhYzZkYmUwNzVjNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9hzJfbcWW46LzE0Ll3cD0xZ5O0a bN9xbjtVCvv8HQHJ0DRu1CxDnEFkZkSO28KAn80J61PWOiXy+bTYijI+bysNueov bQA3sY6mo4IcHf19RYGtoZK7PEoHNxkE3h2aMHc3XK7MO94Gr63NhPQCj9zHGGxw zKbvA9QZSG2hblQxZd9H6AKd+1Ngsa++9+0ioEeWQjl5GXrY1+cxG/QVXQeFj663 5X+Ohs7/bukEO5zJ08FMvnEHF8uFiC3sNscBe6TcuNcGMDUfUa3/KnaAdLPOOxRx Na6sPYgVOrYgj71Yp9kNsPCL46I870cHYkzZF3ZdxMX9C7pN+slqEgbUrwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD5Jtsi4Bf9fVfoloIO2d3nl48dBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVlMmUyYTQ4LWE0YjUtNDk3YS05NzhkLTY4MzMwZTUzZGI5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7/AwDQYJKoZIhvcNAQELBQADggEBAAu9BFawTZJNooyXx0A+ 5DM343A/OhnqcVd1Jb3d8UUSAiiW8amg0WGT89xvcCwU/lV3Dab5xFYwRifLCx5L HHVq4AFYleeIHm1sAmtDTRDvC/xsuV1s11Ita45XJSWJ8Yb1jIRRYlZ0U3ziwTYC iLsc8PFSFB7yjZV9StGx8c7x+B/np3CG8EvfMx6wKXiPTvOr3Qel+oBRBTIkokBW Q/OKOy87qZ6oigYs52F6f6F5zjsZ1sakE6UEfROSySym7lOb6F471x5JcnpZ6co+ 85yyarTs//SXGKeyiFIPQgqCsVYuWN6U1jwYsVeerNnDIKDXnPWn8+3LY5/K7lwP aZs= -----END CERTIFICATE-----Generated at Mon Jun 2 06:15:56 2025 by rpki-client