$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/65af76ae-2e31-461f-a446-486317b9c9de.roa File: 65af76ae-2e31-461f-a446-486317b9c9de.roa (raw, json) Hash identifier: Xaj3EGtj2lIoafBbIl8sne89a8ptJWrhAfSuPkfOGM4= Subject key identifier: FE:48:D5:09:8D:54:0C:93:E8:70:75:AA:03:6D:3E:6E:A5:B0:F1:B4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 539B6CD47BCCDB7A0E3516DA57456C0309BF8E08 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/65af76ae-2e31-461f-a446-486317b9c9de.roa Signing time: Fri 16 May 2025 00:21:39 +0000 ROA not before: Fri 16 May 2025 00:21:39 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:a0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:9b:6c:d4:7b:cc:db:7a:0e:35:16:da:57:45:6c:03:09:bf:8e:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:21:39 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=9559020cdb8234482643bad6e65e64fde8730a66b7ee809f46f668da8750efe6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:e1:67:f9:ba:da:60:dd:53:5b:d6:51:0c:30: 54:9d:bc:79:3d:56:73:c8:ce:a4:8e:b2:5e:39:6f: 39:62:34:cd:7f:1e:26:92:1e:04:05:42:53:76:65: cb:06:02:61:f0:3c:25:ff:21:fd:53:47:be:e0:be: b7:b3:f6:7e:d0:70:7b:ed:e8:d4:e8:80:56:e5:f3: 90:98:aa:d2:84:83:cc:21:6d:5d:51:ae:c5:aa:4e: 58:1d:57:bb:88:76:b5:25:9d:e4:cd:e6:a1:67:4e: 28:2a:be:09:9a:14:29:66:bb:e0:8e:ee:13:2a:ca: 63:15:88:48:f6:c8:e6:64:40:02:83:6d:eb:3d:6b: 15:3e:56:dc:27:09:0c:7b:52:f3:b0:87:c9:27:9c: 4e:26:67:e1:d2:8d:58:d6:34:0a:51:3c:ca:5e:b9: 98:26:60:4e:07:4c:ee:0a:de:be:fe:ea:4e:2b:e7: 65:5c:3c:71:ca:2b:9c:96:fd:3c:43:4a:e7:b3:ed: 01:c4:82:4a:5d:8c:80:67:68:6c:a1:49:31:16:c8: 2c:8e:32:d6:81:08:9c:b0:93:79:d1:1e:bd:e6:4a: 61:84:d9:5b:0f:d6:8c:7e:31:a7:ef:57:12:b1:e9: f2:10:6a:9c:ad:d9:61:c5:3a:52:b6:e2:46:e4:0b: 71:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:48:D5:09:8D:54:0C:93:E8:70:75:AA:03:6D:3E:6E:A5:B0:F1:B4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/65af76ae-2e31-461f-a446-486317b9c9de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:a0c0::/46 Signature Algorithm: sha256WithRSAEncryption a5:ea:fc:19:1b:d9:e3:7d:61:55:d4:2e:b6:de:93:46:0d:58: 32:ab:4d:19:dc:f9:f0:8c:74:35:2a:fe:e9:f2:c0:e7:ae:f9: 39:77:7a:7d:9d:bf:53:66:fd:46:87:7c:50:02:de:66:0b:a4: 21:e3:06:74:c6:fe:98:fb:c7:43:cb:f1:7c:5a:af:e4:6b:eb: 0e:4e:32:49:6e:2b:58:d9:e7:e9:55:f5:de:81:3a:94:80:15: 5a:aa:dd:f5:4f:16:8f:83:1a:9f:53:13:e2:8a:94:ac:a8:84: cd:a4:77:2f:3d:d5:59:90:c8:73:e8:8d:7c:e9:a8:f7:77:b4: af:5c:de:07:db:85:52:cf:b7:e4:af:40:08:04:3a:52:38:0f: 44:40:99:aa:6b:14:51:2b:e5:ee:c0:ca:21:d5:6d:ae:bc:69: e5:12:93:7b:ac:f1:9f:ba:d4:bc:73:c5:50:3e:b9:cf:96:38: d8:2a:0c:23:57:27:b7:a7:8c:1f:40:7e:44:4f:aa:cd:63:2a: ea:af:d8:ca:b7:2c:b7:41:71:e9:a8:4b:91:1f:1a:a7:f1:4e: 15:81:8f:b7:15:43:c0:85:99:cc:4c:0d:b7:c1:3c:7b:03:32: 23:0e:b9:fc:90:e5:da:98:a0:a0:01:b4:15:f4:91:fd:a6:bb: 8e:94:cb:02 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUU5ts1HvM23oONRbaV0VsAwm/jggwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMjEzOVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAOTU1OTAyMGNkYjgyMzQ0ODI2NDNi YWQ2ZTY1ZTY0ZmRlODczMGE2NmI3ZWU4MDlmNDZmNjY4ZGE4NzUwZWZlNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+Fn+braYN1TW9ZRDDBUnbx5PVZz yM6kjrJeOW85YjTNfx4mkh4EBUJTdmXLBgJh8Dwl/yH9U0e+4L63s/Z+0HB77ejU 6IBW5fOQmKrShIPMIW1dUa7Fqk5YHVe7iHa1JZ3kzeahZ04oKr4JmhQpZrvgju4T KspjFYhI9sjmZEACg23rPWsVPlbcJwkMe1LzsIfJJ5xOJmfh0o1Y1jQKUTzKXrmY JmBOB0zuCt6+/upOK+dlXDxxyiuclv08Q0rns+0BxIJKXYyAZ2hsoUkxFsgsjjLW gQicsJN50R695kphhNlbD9aMfjGn71cSsenyEGqcrdlhxTpStuJG5AtxHQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFP5I1QmNVAyT6HB1qgNtPm6lsPG0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY1YWY3NmFlLTJlMzEtNDYxZi1hNDQ2LTQ4NjMxN2I5YzlkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaaDAMA0GCSqGSIb3DQEBCwUAA4IBAQCl6vwZG9njfWFV1C62 3pNGDVgyq00Z3PnwjHQ1Kv7p8sDnrvk5d3p9nb9TZv1Gh3xQAt5mC6Qh4wZ0xv6Y +8dDy/F8Wq/ka+sOTjJJbitY2efpVfXegTqUgBVaqt31TxaPgxqfUxPiipSsqITN pHcvPdVZkMhz6I186aj3d7SvXN4H24VSz7fkr0AIBDpSOA9EQJmqaxRRK+XuwMoh 1W2uvGnlEpN7rPGfutS8c8VQPrnPljjYKgwjVye3p4wfQH5ET6rNYyrqr9jKtyy3 QXHpqEuRHxqn8U4VgY+3FUPAhZnMTA23wTx7AzIjDrn8kOXamKCgAbQV9JH9pruO lMsC -----END CERTIFICATE-----Generated at Tue Jun 3 23:30:37 2025 by rpki-client