$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/640f656b-d9be-4a61-baa0-b98d20cb0649.roa File: 640f656b-d9be-4a61-baa0-b98d20cb0649.roa (raw, json) Hash identifier: nalSMCs60ZxAXHHRdBpY+yHrhUZy4gfk+pPjFcT1Tbo= Subject key identifier: 29:69:A1:6D:3E:41:48:9E:8B:48:27:C4:DD:2B:1A:F2:C7:15:8E:DC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 422B8EFDD650FE53946AC623B2D1EDB572D34F09 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/640f656b-d9be-4a61-baa0-b98d20cb0649.roa Signing time: Fri 16 May 2025 00:31:41 +0000 ROA not before: Fri 16 May 2025 00:31:41 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:2b:8e:fd:d6:50:fe:53:94:6a:c6:23:b2:d1:ed:b5:72:d3:4f:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:31:41 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=09d6d162b8a70400b04ea5d2a8a1c38ca234d9c2badfe7b99f5514483a4e3854, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:79:ce:7e:eb:d9:4f:bc:c4:04:fe:b7:90:e4: 85:c6:69:0f:0d:f8:62:8d:78:e8:e6:0e:16:75:16: 9a:b0:41:e7:55:8f:00:3d:1f:f2:d5:db:b6:21:5b: 4e:5f:a5:80:a6:4e:86:fd:6c:b8:e8:d6:8e:15:a7: d2:3f:fb:fe:54:e9:74:f6:03:c0:89:22:c6:51:a8: cf:71:48:96:7d:1f:98:c1:b0:27:da:6d:c2:9d:1b: e5:09:be:4a:a4:4a:d9:46:ee:36:10:d6:61:23:f6: a2:04:c5:cc:9d:08:a4:eb:37:4c:fe:8a:b0:bd:0e: 82:4f:80:22:25:d0:02:08:f1:29:73:82:c2:35:70: 0c:8c:17:bd:91:2e:0d:9a:02:aa:29:9e:7d:13:ea: 5a:cf:ee:38:dd:fe:c0:f8:75:95:fe:54:10:bc:c5: c4:f7:c4:29:b8:23:cf:b7:90:c8:2d:b3:15:f0:eb: 56:0b:f1:db:47:9e:b3:01:f5:b8:50:da:08:cd:79: 58:0c:2a:86:16:b7:0c:44:ed:33:d5:2d:9f:82:94: 17:bb:3a:27:4d:9f:56:22:75:b5:e4:6a:07:4d:14: 3c:18:e6:1f:1e:ca:b0:52:f7:85:0e:f5:24:9b:95: 5c:45:dd:07:e3:1c:36:98:ed:09:7c:1d:ba:40:47: 00:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:69:A1:6D:3E:41:48:9E:8B:48:27:C4:DD:2B:1A:F2:C7:15:8E:DC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/640f656b-d9be-4a61-baa0-b98d20cb0649.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:4000::/40 Signature Algorithm: sha256WithRSAEncryption 87:b2:87:0f:20:64:75:1a:d7:66:06:e2:a2:dd:ba:c5:33:a6: 56:45:30:17:6a:4a:c9:0a:d3:45:c2:ff:26:45:df:3f:22:47: d3:d8:a1:b9:ec:1e:01:55:a0:e6:ea:11:51:13:f1:d8:6c:da: 81:8c:44:43:59:90:bb:0a:6e:a2:e3:82:40:16:36:4f:1c:9a: bc:c4:aa:c7:60:04:b9:61:87:9d:e9:8d:b1:4a:86:ee:40:e4: 4a:6f:36:a0:9c:0c:72:be:c2:3e:36:ee:38:1f:ea:55:89:1e: 24:7d:87:2d:63:a8:7f:6f:0d:e4:51:f4:52:21:43:a7:07:5c: 22:c3:5f:5f:ca:d8:38:71:8e:b2:13:cb:f8:63:19:a5:5a:94: 77:e0:9e:74:fa:28:9b:38:fc:1e:87:1f:7b:ff:1f:cd:e0:48: 13:07:d9:a8:39:a8:17:25:97:c2:4c:1e:66:da:dd:3e:3e:8c: 9a:a3:bc:7d:5d:1f:3a:93:cd:d9:a5:82:a1:71:69:9e:89:43: 29:0d:2e:37:3f:51:da:95:34:3d:01:0a:87:6a:c4:be:1c:a1: 68:bc:14:a2:9d:ad:b2:1d:f4:4f:86:55:4c:63:93:cc:45:c1: 99:fb:04:17:7d:b5:6d:70:27:c5:6f:b0:cc:64:1e:51:26:d0: 0f:d8:d0:b8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQiuO/dZQ/lOUasYjstHttXLTTwkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMzE0MVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAMDlkNmQxNjJiOGE3MDQwMGIwNGVh NWQyYThhMWMzOGNhMjM0ZDljMmJhZGZlN2I5OWY1NTE0NDgzYTRlMzg1NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3nOfuvZT7zEBP63kOSFxmkPDfhi jXjo5g4WdRaasEHnVY8APR/y1du2IVtOX6WApk6G/Wy46NaOFafSP/v+VOl09gPA iSLGUajPcUiWfR+YwbAn2m3CnRvlCb5KpErZRu42ENZhI/aiBMXMnQik6zdM/oqw vQ6CT4AiJdACCPEpc4LCNXAMjBe9kS4NmgKqKZ59E+paz+443f7A+HWV/lQQvMXE 98QpuCPPt5DILbMV8OtWC/HbR56zAfW4UNoIzXlYDCqGFrcMRO0z1S2fgpQXuzon TZ9WInW15GoHTRQ8GOYfHsqwUveFDvUkm5VcRd0H4xw2mO0JfB26QEcAdwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFClpoW0+QUiei0gnxN0rGvLHFY7cMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY0MGY2NTZiLWQ5YmUtNGE2MS1iYWEwLWI5OGQyMGNiMDY0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOEAwDQYJKoZIhvcNAQELBQADggEBAIeyhw8gZHUa12YG4qLd usUzplZFMBdqSskK00XC/yZF3z8iR9PYobnsHgFVoObqEVET8dhs2oGMRENZkLsK bqLjgkAWNk8cmrzEqsdgBLlhh53pjbFKhu5A5EpvNqCcDHK+wj427jgf6lWJHiR9 hy1jqH9vDeRR9FIhQ6cHXCLDX1/K2DhxjrITy/hjGaValHfgnnT6KJs4/B6HH3v/ H83gSBMH2ag5qBcll8JMHmba3T4+jJqjvH1dHzqTzdmlgqFxaZ6JQykNLjc/UdqV ND0BCodqxL4coWi8FKKdrbId9E+GVUxjk8xFwZn7BBd9tW1wJ8VvsMxkHlEm0A/Y 0Lg= -----END CERTIFICATE-----Generated at Tue Jun 3 23:39:41 2025 by rpki-client