$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa File: 64aa810d-cc7f-45fe-b794-d290c3a511c5.roa (raw, json) Hash identifier: 0zc3JyntMlKaa7NJBQyC8d8tWCNHpHKn6Jb308PDqcY= Subject key identifier: BC:1B:E8:B6:47:E7:84:55:61:AF:E7:54:57:9B:C9:02:C3:61:58:72 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2D64597A1F06F4368EB1E6D5F354753261DB36A8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa Signing time: Tue 10 Jun 2025 15:21:07 +0000 ROA not before: Tue 10 Jun 2025 15:21:07 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 15:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:64:59:7a:1f:06:f4:36:8e:b1:e6:d5:f3:54:75:32:61:db:36:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:21:07 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=4d9a705eea35c062976d014aa42680934d40054dbb2f4cad93a68bcbb4d3f8c4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:23:4d:57:84:3b:44:0b:67:d5:b1:e3:b1:6a: 0d:24:8b:c0:bd:45:58:7d:7f:a7:34:05:65:38:c5: cb:59:e3:15:1d:c1:02:e2:a7:e9:3a:62:38:36:28: 01:32:df:e3:3f:e3:b1:18:e4:69:49:ba:47:65:3c: 91:08:79:5d:8c:1d:33:5b:c1:63:b6:69:be:83:d2: 18:ff:db:93:ed:d6:1a:c6:3a:e3:c4:dd:49:37:25: 85:08:1e:ad:88:5d:4f:17:01:7b:2e:dd:6e:28:6e: 08:d0:3a:79:0d:ba:6d:72:2b:63:20:f5:d4:59:58: 48:41:54:6a:92:b7:73:c7:5b:3e:20:ba:e1:3e:65: d3:5d:c9:b0:35:26:b8:67:e8:1f:be:ae:3c:2b:27: d8:0f:6a:fa:7f:1c:b8:66:4b:99:8b:98:cd:53:15: 39:bd:93:ea:14:51:8d:c3:93:70:9d:fe:75:1f:12: 13:3b:e9:74:3e:42:ac:ef:dc:74:35:2c:e5:a1:a4: 5f:0b:69:43:32:b6:5e:9d:67:33:d4:c8:8e:41:4b: e1:d8:ae:9a:8d:70:0d:fa:e6:c6:81:b8:c7:71:19: e0:7f:7d:7c:2f:20:6d:09:6f:67:a5:82:c4:fb:94: c9:3a:f5:2f:d5:a0:bc:d4:d2:1f:85:1b:b7:38:32: 42:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:1B:E8:B6:47:E7:84:55:61:AF:E7:54:57:9B:C9:02:C3:61:58:72 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:e000::/40 Signature Algorithm: sha256WithRSAEncryption 88:61:6e:6e:56:af:52:52:71:37:4f:ed:8c:47:fa:bd:e8:db: dd:5a:bf:3a:2b:48:53:5f:04:1c:1d:4b:da:8b:4a:00:81:59: fb:67:48:f4:e7:90:de:27:06:e7:e3:f9:ae:8d:8d:40:13:8d: 95:35:cb:9a:35:55:c4:87:89:01:9b:92:75:aa:39:8b:e6:cf: 2e:64:9c:2b:d1:99:b5:9e:72:c0:7a:3c:60:03:1d:0a:1f:47: 8a:b3:28:28:64:ae:e3:62:71:fb:a8:4b:86:66:e8:88:5d:1d: e5:07:f3:f8:b7:54:c2:e9:ec:86:80:1a:67:67:02:78:1e:d5: 12:66:9c:4e:c5:2a:35:fa:4a:ae:a4:89:72:50:df:44:83:18: ee:45:5a:d6:06:93:6a:eb:3e:b3:d9:f4:d4:9d:58:65:ec:6d: a7:01:ce:24:68:0f:19:32:f8:63:51:32:9c:6b:8e:93:5b:a6: 4b:b4:2a:2f:eb:ac:1f:72:97:8e:ae:f3:d2:d7:e4:35:b7:12: ff:4a:b6:02:18:b0:f8:08:45:66:d4:8e:c8:89:36:6a:c2:58: a1:1e:48:62:d5:1b:d0:e1:b9:7d:21:37:dc:1d:da:d7:03:1e: d5:03:71:f3:16:cd:25:3d:db:f5:58:81:5f:6b:4a:ba:22:7a: 35:7a:8e:55 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULWRZeh8G9DaOsebV81R1MmHbNqgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MjEwN1oX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNANGQ5YTcwNWVlYTM1YzA2Mjk3NmQw MTRhYTQyNjgwOTM0ZDQwMDU0ZGJiMmY0Y2FkOTNhNjhiY2JiNGQzZjhjNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CNNV4Q7RAtn1bHjsWoNJIvAvUVY fX+nNAVlOMXLWeMVHcEC4qfpOmI4NigBMt/jP+OxGORpSbpHZTyRCHldjB0zW8Fj tmm+g9IY/9uT7dYaxjrjxN1JNyWFCB6tiF1PFwF7Lt1uKG4I0Dp5DbptcitjIPXU WVhIQVRqkrdzx1s+ILrhPmXTXcmwNSa4Z+gfvq48KyfYD2r6fxy4ZkuZi5jNUxU5 vZPqFFGNw5Nwnf51HxITO+l0PkKs79x0NSzloaRfC2lDMrZenWcz1MiOQUvh2K6a jXAN+ubGgbjHcRngf318LyBtCW9npYLE+5TJOvUv1aC81NIfhRu3ODJCGQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLwb6LZH54RVYa/nVFebyQLDYVhyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY0YWE4MTBkLWNjN2YtNDVmZS1iNzk0LWQyOTBjM2E1MTFjNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8eAwDQYJKoZIhvcNAQELBQADggEBAIhhbm5Wr1JScTdP7YxH +r3o291avzorSFNfBBwdS9qLSgCBWftnSPTnkN4nBufj+a6NjUATjZU1y5o1VcSH iQGbknWqOYvmzy5knCvRmbWecsB6PGADHQofR4qzKChkruNicfuoS4Zm6IhdHeUH 8/i3VMLp7IaAGmdnAnge1RJmnE7FKjX6Sq6kiXJQ30SDGO5FWtYGk2rrPrPZ9NSd WGXsbacBziRoDxky+GNRMpxrjpNbpku0Ki/rrB9yl46u89LX5DW3Ev9KtgIYsPgI RWbUjsiJNmrCWKEeSGLVG9DhuX0hN9wd2tcDHtUDcfMWzSU92/VYgV9rSroiejV6 jlU= -----END CERTIFICATE-----Generated at Mon Jun 30 19:43:25 2025 by rpki-client