$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/699e1901-6701-4fae-ba1b-680131cc39df.roa File: 699e1901-6701-4fae-ba1b-680131cc39df.roa (raw, json) Hash identifier: TsFccCaKFTatwrulSUIVErLPmjHSwK72+ZouDK6PUN4= Subject key identifier: 81:39:BE:D5:95:17:3C:DD:D7:EA:A1:4E:5C:C9:AD:F4:B7:E7:A3:5E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 59ECEF3D461E280A6AE31AEED91290EF9DC3DC7A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/699e1901-6701-4fae-ba1b-680131cc39df.roa Signing time: Fri 16 May 2025 15:50:49 +0000 ROA not before: Fri 16 May 2025 15:50:49 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1b::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:ec:ef:3d:46:1e:28:0a:6a:e3:1a:ee:d9:12:90:ef:9d:c3:dc:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:50:49 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=a17a6af0d4f05d2466eb01869ea61696939085e8f0bd45db9014e9a4b359c1a0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:34:f4:49:5a:e4:38:8a:61:23:48:76:68:a2: 98:05:8b:f7:87:c8:5e:3d:e8:3a:73:b8:b8:9e:18: 69:4b:e7:0f:3a:c0:e0:a5:8b:04:b7:64:95:51:f0: 5f:4a:12:e1:b1:90:a7:c5:15:03:b0:7e:6e:0c:62: 85:4a:31:f2:c1:08:91:8c:11:a7:5d:f0:44:b5:01: eb:d3:f3:63:dd:a6:20:3e:cb:4a:c3:5d:47:d8:85: 3f:01:6c:e5:4b:0d:f7:d8:41:dc:f0:c4:d7:40:99: 29:2d:21:1c:9b:38:e3:ac:33:d9:12:bb:52:85:7d: 5b:5e:c5:62:dc:37:bb:e0:b1:64:a5:33:f9:48:09: ab:ff:7f:3e:54:d3:33:1d:98:20:de:59:aa:26:60: 1d:c7:1c:94:32:89:6b:0c:33:93:4e:26:b3:0d:bd: b2:fc:56:3b:87:ef:45:cd:76:05:ba:93:5b:da:7b: d3:12:d7:c9:78:8f:49:36:68:b7:8d:f5:06:9a:d0: bb:18:92:93:ec:41:1a:ee:94:d1:d9:ba:50:a1:d3: 0b:49:85:22:f6:70:bb:14:01:d8:b1:8e:ef:97:17: 91:bc:f2:70:26:2a:41:51:be:54:e4:bf:4f:d3:03: 5b:ec:10:cc:3b:dc:3b:69:db:27:3f:cc:69:60:78: ac:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:39:BE:D5:95:17:3C:DD:D7:EA:A1:4E:5C:C9:AD:F4:B7:E7:A3:5E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/699e1901-6701-4fae-ba1b-680131cc39df.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1b::/38 Signature Algorithm: sha256WithRSAEncryption 51:70:6d:c7:3d:17:4d:19:52:31:ba:e8:65:57:ac:62:32:31: f2:74:be:37:48:e2:93:7e:74:8a:fe:ea:c1:25:5f:11:56:c7: 1e:4c:63:9f:88:2a:36:0e:80:32:82:16:32:ab:31:62:7a:0d: 83:82:32:9e:db:51:45:26:b6:ab:9f:98:3d:f1:f5:19:27:43: 7f:51:86:e6:34:de:4f:29:42:6c:46:6d:87:c8:dc:ce:c9:a0: b3:09:96:f8:40:0c:16:ab:1c:17:7f:f1:31:2a:23:ee:40:5c: e5:17:3a:72:ed:19:57:5c:c5:44:24:0e:c3:6b:2a:8c:d7:28: 61:4c:1b:0f:0e:59:bb:48:bb:d1:74:d3:f4:44:ee:55:97:97: 86:b3:57:8a:b5:42:5c:24:e9:87:3d:65:71:3b:38:c9:54:5c: 4e:97:35:00:33:78:7a:07:3b:39:45:02:fc:7f:64:4b:de:c9: 74:10:8b:63:a8:73:6f:aa:9b:9c:60:60:a5:ff:c0:6a:69:b8: bb:df:c2:4c:9b:4a:52:82:1d:3d:75:36:92:0c:c9:2c:23:50: f8:83:b9:42:1b:f4:52:c8:64:ac:a7:75:39:30:9b:57:aa:63: d2:63:6e:38:2d:d0:20:a1:d5:a7:5c:c6:60:bb:81:8e:a9:f9: 5c:ef:78:fd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWezvPUYeKApq4xru2RKQ753D3HowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1NTA0OVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAYTE3YTZhZjBkNGYwNWQyNDY2ZWIw MTg2OWVhNjE2OTY5MzkwODVlOGYwYmQ0NWRiOTAxNGU5YTRiMzU5YzFhMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DT0SVrkOIphI0h2aKKYBYv3h8he Peg6c7i4nhhpS+cPOsDgpYsEt2SVUfBfShLhsZCnxRUDsH5uDGKFSjHywQiRjBGn XfBEtQHr0/Nj3aYgPstKw11H2IU/AWzlSw332EHc8MTXQJkpLSEcmzjjrDPZErtS hX1bXsVi3De74LFkpTP5SAmr/38+VNMzHZgg3lmqJmAdxxyUMolrDDOTTiazDb2y /FY7h+9FzXYFupNb2nvTEtfJeI9JNmi3jfUGmtC7GJKT7EEa7pTR2bpQodMLSYUi 9nC7FAHYsY7vlxeRvPJwJipBUb5U5L9P0wNb7BDMO9w7adsnP8xpYHisYQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIE5vtWVFzzd1+qhTlzJrfS356NeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY5OWUxOTAxLTY3MDEtNGZhZS1iYTFiLTY4MDEzMWNjMzlkZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGwAwDQYJKoZIhvcNAQELBQADggEBAFFwbcc9F00ZUjG66GVX rGIyMfJ0vjdI4pN+dIr+6sElXxFWxx5MY5+IKjYOgDKCFjKrMWJ6DYOCMp7bUUUm tqufmD3x9RknQ39RhuY03k8pQmxGbYfI3M7JoLMJlvhADBarHBd/8TEqI+5AXOUX OnLtGVdcxUQkDsNrKozXKGFMGw8OWbtIu9F00/RE7lWXl4azV4q1Qlwk6Yc9ZXE7 OMlUXE6XNQAzeHoHOzlFAvx/ZEveyXQQi2Ooc2+qm5xgYKX/wGppuLvfwkybSlKC HT11NpIMySwjUPiDuUIb9FLIZKyndTkwm1eqY9Jjbjgt0CCh1adcxmC7gY6p+Vzv eP0= -----END CERTIFICATE-----Generated at Tue Jun 3 23:45:05 2025 by rpki-client