$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ab62013-18bf-4521-88c7-45d3708c7675.roa File: 6ab62013-18bf-4521-88c7-45d3708c7675.roa (raw, json) Hash identifier: SFXRvvHJOxh9eo1R22NuKpGC3jtWwLYdj9d3Zx0ePUk= Subject key identifier: 7E:59:A1:8B:06:29:5F:07:7D:5A:E1:24:DA:4E:DF:12:49:55:B1:FF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 36D4F82309F2A804769975651A30B610BFC6E079 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ab62013-18bf-4521-88c7-45d3708c7675.roa Signing time: Tue 13 May 2025 00:11:06 +0000 ROA not before: Tue 13 May 2025 00:11:06 +0000 ROA not after: Tue 17 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:a0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:d4:f8:23:09:f2:a8:04:76:99:75:65:1a:30:b6:10:bf:c6:e0:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:11:06 2025 GMT Not After : Jun 17 23:59:59 2025 GMT Subject: serialNumber=14be2211953ceb6a61ab4e545bb8655e64ba802e7f507083f18faba4c90198d6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:01:18:17:81:a6:d4:0c:38:fa:2c:dd:4b:b4: 78:3e:04:78:c2:1c:de:b8:59:eb:12:bc:60:50:e5: 0c:30:6f:95:2b:b1:ba:7f:21:90:56:08:51:92:c8: c9:22:68:ee:9a:35:7c:55:19:89:ea:3a:1d:ef:e6: 7d:c7:60:8b:58:1e:5b:93:ea:c8:80:79:e5:2b:7a: ba:df:be:7f:dc:ab:3f:08:3e:0b:15:78:14:ce:95: d5:dc:08:80:ae:69:d8:05:2b:51:b8:d0:07:ae:92: 5a:f2:55:ac:ac:a4:3c:02:8d:9d:3d:ff:1b:a4:6d: da:63:a5:de:1d:d3:26:11:b7:7b:46:4e:20:7e:0a: 8b:58:66:d5:7b:70:dc:f3:60:71:e5:ee:87:3b:b8: 67:aa:34:53:2a:0a:53:f2:4e:6e:68:3f:c1:b2:f5: 7d:59:7c:24:b1:12:9c:0b:b4:e2:36:8d:b8:66:02: 2e:db:d4:c1:6d:ef:cc:a7:4b:17:d1:a3:12:02:3e: af:68:89:94:d5:d3:9d:1d:61:a7:48:25:a8:cc:e4: 43:b3:f0:19:58:b9:87:1f:27:f0:85:b5:51:e7:b9: 39:91:53:b8:75:e6:db:60:4a:ea:aa:3e:3f:03:0e: 5d:b1:09:91:f2:96:cb:9b:49:a0:96:7e:64:81:7a: 8d:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:59:A1:8B:06:29:5F:07:7D:5A:E1:24:DA:4E:DF:12:49:55:B1:FF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ab62013-18bf-4521-88c7-45d3708c7675.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:a0c0::/48 Signature Algorithm: sha256WithRSAEncryption c1:bc:d5:f0:36:0a:91:38:c1:f0:07:5b:fa:4e:7d:fd:e9:8e: 41:7c:35:85:da:e4:44:d7:45:8d:5d:1c:97:98:6c:95:f6:b0: 01:c9:01:10:3a:b5:c4:27:d3:7d:81:b6:ed:c3:a3:65:1b:f1: 0d:10:c0:38:ec:30:02:7d:db:e3:fd:c6:34:e2:d7:56:c3:e0: aa:bc:1d:f8:c2:fe:46:63:51:d1:66:4d:1a:cd:cb:e5:78:c0: da:74:96:7b:44:b9:1a:a0:2b:01:21:8e:7f:fc:2d:94:85:26: f5:37:71:f7:86:9d:14:58:2a:bb:53:68:75:0d:25:55:62:f6: d3:30:b0:fe:11:85:5e:3e:4c:4f:d3:10:ab:8d:55:82:0b:b4: a8:d0:46:a5:ee:f3:e2:9d:20:76:b1:12:38:5e:7c:84:24:df: 9b:ca:8d:4b:68:3b:44:71:5c:bb:80:dd:65:de:80:ba:cf:e9: d3:c0:8b:75:ee:85:17:f4:92:f0:3d:d0:57:46:14:99:60:84: 96:76:34:9b:bd:d8:be:af:f5:cb:6b:39:96:23:21:4b:e2:91: 10:ae:13:5b:19:c3:86:89:44:7e:fc:e0:a8:f4:b3:cf:a5:d8: 5f:b2:bc:d0:09:0e:88:c0:aa:8b:20:6b:c2:1c:49:39:4f:79: 5d:7e:2f:77 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNtT4IwnyqAR2mXVlGjC2EL/G4HkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMzAwMTEwNloX DTI1MDYxNzIzNTk1OVowejFJMEcGA1UEBRNAMTRiZTIyMTE5NTNjZWI2YTYxYWI0 ZTU0NWJiODY1NWU2NGJhODAyZTdmNTA3MDgzZjE4ZmFiYTRjOTAxOThkNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wEYF4Gm1Aw4+izdS7R4PgR4whze uFnrErxgUOUMMG+VK7G6fyGQVghRksjJImjumjV8VRmJ6jod7+Z9x2CLWB5bk+rI gHnlK3q6375/3Ks/CD4LFXgUzpXV3AiArmnYBStRuNAHrpJa8lWsrKQ8Ao2dPf8b pG3aY6XeHdMmEbd7Rk4gfgqLWGbVe3Dc82Bx5e6HO7hnqjRTKgpT8k5uaD/BsvV9 WXwksRKcC7TiNo24ZgIu29TBbe/Mp0sX0aMSAj6vaImU1dOdHWGnSCWozORDs/AZ WLmHHyfwhbVR57k5kVO4debbYErqqj4/Aw5dsQmR8pbLm0mgln5kgXqN3wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFH5ZoYsGKV8HfVrhJNpO3xJJVbH/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZhYjYyMDEzLTE4YmYtNDUyMS04OGM3LTQ1ZDM3MDhjNzY3NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8qDAMA0GCSqGSIb3DQEBCwUAA4IBAQDBvNXwNgqROMHwB1v6 Tn396Y5BfDWF2uRE10WNXRyXmGyV9rAByQEQOrXEJ9N9gbbtw6NlG/ENEMA47DAC fdvj/cY04tdWw+CqvB34wv5GY1HRZk0azcvleMDadJZ7RLkaoCsBIY5//C2UhSb1 N3H3hp0UWCq7U2h1DSVVYvbTMLD+EYVePkxP0xCrjVWCC7So0Eal7vPinSB2sRI4 XnyEJN+byo1LaDtEcVy7gN1l3oC6z+nTwIt17oUX9JLwPdBXRhSZYISWdjSbvdi+ r/XLazmWIyFL4pEQrhNbGcOGiUR+/OCo9LPPpdhfsrzQCQ6IwKqLIGvCHEk5T3ld fi93 -----END CERTIFICATE-----Generated at Mon Jun 2 06:28:02 2025 by rpki-client