$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/63206b2b-d620-415f-9dee-e3c63ab27be0.roa File: 63206b2b-d620-415f-9dee-e3c63ab27be0.roa (raw, json) Hash identifier: PcWUCAjV+OISdFyNw1XttFI4/d3tTjle4yRhrLW26hU= Subject key identifier: B9:3A:50:40:C3:B1:E3:6D:2B:2D:9B:C2:52:22:FB:D6:DD:92:8D:3F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 68A178ACB26FE56AC692381D14B6070613AC6D08 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/63206b2b-d620-415f-9dee-e3c63ab27be0.roa Signing time: Mon 12 May 2025 15:01:31 +0000 ROA not before: Mon 12 May 2025 15:01:31 +0000 ROA not after: Mon 16 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:8000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:a1:78:ac:b2:6f:e5:6a:c6:92:38:1d:14:b6:07:06:13:ac:6d:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 15:01:31 2025 GMT Not After : Jun 16 23:59:59 2025 GMT Subject: serialNumber=8aecc43b9886a46eb2ee35fad2aa9c08c825297eeac93fe3ed26c658e6361f92, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:29:99:83:4d:c3:e5:c3:10:67:d1:2f:ff:d8: d8:25:e6:ba:15:36:09:28:2d:5b:68:8d:de:13:c2: 04:6b:e4:a3:3e:04:61:25:13:e2:b8:43:20:b0:43: 88:1c:5c:df:21:61:b6:68:ee:79:cb:bd:c0:17:27: 3b:dd:65:34:96:b8:d6:44:89:52:fe:56:78:52:b8: 29:6e:8a:a1:46:6a:bc:b3:55:61:0e:f0:d2:9d:39: bd:4a:a8:5e:f0:46:4d:2c:24:99:6a:e3:bf:30:4b: 17:37:bd:dc:14:6d:08:46:f3:94:05:34:d9:a9:d2: 34:0a:b5:f9:ca:35:00:d4:db:5d:f4:55:eb:62:45: 85:f5:f9:c9:e9:da:b2:6e:83:6d:54:6e:72:48:c0: d1:02:41:7e:35:43:f5:cc:2e:6c:3d:38:94:e4:de: 00:46:50:87:3a:08:f4:b1:e7:53:21:13:d4:a4:73: 65:fd:0b:fb:36:5a:54:f5:7f:3a:fb:b3:b5:92:44: 1d:6b:f6:8c:1c:5e:22:fc:3a:c6:0e:75:c0:6a:0f: 85:3e:8c:59:91:cc:0b:62:5f:f4:e7:76:86:08:9c: 8b:d2:d3:8f:d8:f9:0e:d2:cd:68:47:74:d9:6a:d8: ee:ef:82:af:d0:60:4c:56:01:30:b2:cb:0d:fa:6e: 76:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:3A:50:40:C3:B1:E3:6D:2B:2D:9B:C2:52:22:FB:D6:DD:92:8D:3F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/63206b2b-d620-415f-9dee-e3c63ab27be0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:8000::/48 Signature Algorithm: sha256WithRSAEncryption 01:90:d9:bb:6a:99:8d:26:d3:1f:e6:85:75:62:37:48:2f:e4: c0:ac:c3:57:59:da:ea:5b:b6:58:50:ab:ce:a4:ae:e4:09:8d: b9:58:49:88:a7:0f:19:d7:1c:b2:92:6c:0c:e5:69:15:1d:3b: 9c:a3:48:c2:23:3a:84:ff:26:f9:24:56:d3:21:dd:33:b2:ab: 29:aa:7c:4b:3c:3e:a1:d9:da:6c:8b:00:05:75:6f:c3:e7:f7: 44:a9:e6:09:5e:8b:0a:ed:aa:9d:13:93:4b:c7:8e:0b:37:00: 81:4c:d0:76:dc:5a:94:1f:15:00:2d:93:4d:9a:a8:05:80:86: 9e:fd:ed:e4:c4:73:ca:6c:82:ca:f9:6c:c4:3d:01:93:9b:c6: 4f:f2:12:a3:23:24:47:d5:24:ae:eb:b2:52:90:6d:7d:f2:b8: 07:61:2e:6f:3b:3c:ee:eb:56:03:dd:0a:3e:35:4a:46:b7:32: f5:bf:c5:51:8b:62:39:16:15:4d:09:c8:0e:a9:de:7e:79:d7: 44:a8:17:5d:e3:e9:f2:0c:c9:15:23:2a:58:59:94:8a:d0:a1: e7:ae:d3:86:32:f7:5e:7f:b6:9f:8e:5d:ed:1f:1d:74:e7:36: 9d:08:be:b0:80:a7:6c:35:96:ce:40:ee:2f:16:3d:64:56:9d: a8:3c:86:dd -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUaKF4rLJv5WrGkjgdFLYHBhOsbQgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MDEzMVoX DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNAOGFlY2M0M2I5ODg2YTQ2ZWIyZWUz NWZhZDJhYTljMDhjODI1Mjk3ZWVhYzkzZmUzZWQyNmM2NThlNjM2MWY5MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8imZg03D5cMQZ9Ev/9jYJea6FTYJ KC1baI3eE8IEa+SjPgRhJRPiuEMgsEOIHFzfIWG2aO55y73AFyc73WU0lrjWRIlS /lZ4UrgpboqhRmq8s1VhDvDSnTm9Sqhe8EZNLCSZauO/MEsXN73cFG0IRvOUBTTZ qdI0CrX5yjUA1Ntd9FXrYkWF9fnJ6dqyboNtVG5ySMDRAkF+NUP1zC5sPTiU5N4A RlCHOgj0sedTIRPUpHNl/Qv7NlpU9X86+7O1kkQda/aMHF4i/DrGDnXAag+FPoxZ kcwLYl/053aGCJyL0tOP2PkO0s1oR3TZatju74Kv0GBMVgEwsssN+m523wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLk6UEDDseNtKy2bwlIi+9bdko0/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYzMjA2YjJiLWQ2MjAtNDE1Zi05ZGVlLWUzYzYzYWIyN2JlMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9oAAMA0GCSqGSIb3DQEBCwUAA4IBAQABkNm7apmNJtMf5oV1 YjdIL+TArMNXWdrqW7ZYUKvOpK7kCY25WEmIpw8Z1xyykmwM5WkVHTuco0jCIzqE /yb5JFbTId0zsqspqnxLPD6h2dpsiwAFdW/D5/dEqeYJXosK7aqdE5NLx44LNwCB TNB23FqUHxUALZNNmqgFgIae/e3kxHPKbILK+WzEPQGTm8ZP8hKjIyRH1SSu67JS kG198rgHYS5vOzzu61YD3Qo+NUpGtzL1v8VRi2I5FhVNCcgOqd5+eddEqBdd4+ny DMkVIypYWZSK0KHnrtOGMvdef7afjl3tHx105zadCL6wgKdsNZbOQO4vFj1kVp2o PIbd -----END CERTIFICATE-----Generated at Tue Jun 3 23:19:30 2025 by rpki-client