$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6847be47-f4ca-4d44-9aa3-778c0a0660b3.roa File: 6847be47-f4ca-4d44-9aa3-778c0a0660b3.roa (raw, json) Hash identifier: /Nhzi1akfGXFdzT9oRqKkzyEHlmWsIGoEKCZIXeol7E= Subject key identifier: 20:37:3C:DC:DE:BF:8B:67:9B:C6:0D:46:05:AF:9F:44:56:8F:93:42 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 372EF0DA948B0A69C3F886D1254ED54E77703936 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6847be47-f4ca-4d44-9aa3-778c0a0660b3.roa Signing time: Wed 14 May 2025 00:00:14 +0000 ROA not before: Wed 14 May 2025 00:00:14 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:2e:f0:da:94:8b:0a:69:c3:f8:86:d1:25:4e:d5:4e:77:70:39:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:00:14 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=d622b15506321f637957082f41e939373cfef5215262db8984fb3e3892b33011, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:ec:bb:68:b6:2b:a9:d2:21:0b:82:49:2c:93: 47:63:94:ae:06:25:1e:d7:7f:db:b3:2e:b2:e3:cd: 6e:6c:0d:8b:66:f3:20:08:d7:9a:10:cb:51:13:46: 83:2f:86:5c:ac:61:3c:07:6c:c4:1f:08:9c:68:12: 15:ec:d2:c5:31:4f:6c:5a:b6:44:3f:30:20:2b:70: d1:cc:15:5d:e4:c7:1f:49:c2:c4:48:25:89:19:b2: 87:9d:f5:33:4a:94:cc:17:5d:4a:f2:14:d3:e2:94: ca:1b:e9:ab:be:e4:92:6a:c4:0a:11:b6:97:2d:0d: 6d:b6:df:77:b8:4b:4c:3a:86:1f:79:ae:ca:b2:04: 7b:6a:94:ec:dd:93:f9:4a:ae:ea:f2:e7:3b:c5:ff: 6a:a5:96:ee:79:70:56:cd:bc:c4:65:a1:9b:11:02: e1:b9:32:54:d1:6b:64:5a:bf:e4:15:c5:2e:db:17: da:ed:a6:19:ac:bf:d7:04:d3:1b:1d:88:bd:84:68: 57:cc:a9:96:df:ee:91:76:03:4b:c2:04:0e:48:78: ef:ac:fd:96:c4:14:e8:6c:95:c4:d0:5b:d5:00:dc: 59:fc:bf:eb:d4:fb:49:73:05:14:f7:fe:ac:4c:88: 11:70:a0:2d:c7:15:d8:4c:cd:d1:82:b7:76:51:a0: 8a:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:37:3C:DC:DE:BF:8B:67:9B:C6:0D:46:05:AF:9F:44:56:8F:93:42 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6847be47-f4ca-4d44-9aa3-778c0a0660b3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:840::/48 Signature Algorithm: sha256WithRSAEncryption 80:d9:30:64:bd:c9:4e:5b:cc:40:ea:c2:b8:91:aa:3e:e5:9c: f3:de:33:62:68:6c:fa:e8:95:e8:ac:31:7c:1c:6a:48:c2:e4: e2:04:84:7e:9a:d8:6d:cc:27:d0:c0:cd:d2:df:e7:5c:9d:be: 52:73:2d:a1:ea:dd:07:0f:7d:36:28:e0:05:ef:e6:c4:35:01: 81:f5:d4:65:c8:ec:e8:d1:ad:b4:7f:e4:df:69:9f:0f:cc:82: b3:92:34:cc:a9:66:39:51:46:41:a6:40:f2:32:e1:4b:1d:9a: b6:29:df:63:19:d1:4d:36:4b:dc:96:d5:cf:72:71:08:bf:27: 7e:c4:16:36:fe:69:0b:83:d2:24:9d:52:8f:0b:ef:35:f8:a3: d9:36:f9:14:e8:96:59:f5:0b:6b:26:87:e5:72:4d:45:97:8d: 37:35:68:f8:17:bc:5e:e5:75:19:88:11:f3:71:ae:9a:d9:c3: e3:c0:19:05:e4:73:5b:fc:e8:86:9f:31:c6:aa:41:79:76:28: d1:aa:aa:28:5f:2d:c2:e0:3d:3a:54:59:3e:3b:cc:f2:b5:4a: d5:7c:56:cb:f3:8b:89:fc:d7:96:30:d5:32:bb:94:f7:e0:a4: b8:68:63:c6:95:ee:c9:7a:59:1d:93:1c:4d:d6:2e:f0:f6:bf: dd:a3:ef:9d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNy7w2pSLCmnD+IbRJU7VTndwOTYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMDAxNFoX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAZDYyMmIxNTUwNjMyMWY2Mzc5NTcw ODJmNDFlOTM5MzczY2ZlZjUyMTUyNjJkYjg5ODRmYjNlMzg5MmIzMzAxMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+y7aLYrqdIhC4JJLJNHY5SuBiUe 13/bsy6y481ubA2LZvMgCNeaEMtRE0aDL4ZcrGE8B2zEHwicaBIV7NLFMU9sWrZE PzAgK3DRzBVd5McfScLESCWJGbKHnfUzSpTMF11K8hTT4pTKG+mrvuSSasQKEbaX LQ1ttt93uEtMOoYfea7KsgR7apTs3ZP5Sq7q8uc7xf9qpZbueXBWzbzEZaGbEQLh uTJU0WtkWr/kFcUu2xfa7aYZrL/XBNMbHYi9hGhXzKmW3+6RdgNLwgQOSHjvrP2W xBTobJXE0FvVANxZ/L/r1PtJcwUU9/6sTIgRcKAtxxXYTM3Rgrd2UaCKbQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCA3PNzev4tnm8YNRgWvn0RWj5NCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY4NDdiZTQ3LWY0Y2EtNGQ0NC05YWEzLTc3OGMwYTA2NjBiMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYQhAMA0GCSqGSIb3DQEBCwUAA4IBAQCA2TBkvclOW8xA6sK4 kao+5Zzz3jNiaGz66JXorDF8HGpIwuTiBIR+mthtzCfQwM3S3+dcnb5Scy2h6t0H D302KOAF7+bENQGB9dRlyOzo0a20f+TfaZ8PzIKzkjTMqWY5UUZBpkDyMuFLHZq2 Kd9jGdFNNkvcltXPcnEIvyd+xBY2/mkLg9IknVKPC+81+KPZNvkU6JZZ9QtrJofl ck1Fl403NWj4F7xe5XUZiBHzca6a2cPjwBkF5HNb/OiGnzHGqkF5dijRqqooXy3C 4D06VFk+O8zytUrVfFbL84uJ/NeWMNUyu5T34KS4aGPGle7JelkdkxxN1i7w9r/d o++d -----END CERTIFICATE-----Generated at Tue Jun 3 23:39:41 2025 by rpki-client