$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa File: 6de13c1e-8034-41b3-90e3-760249997c22.roa (raw, json) Hash identifier: fcj4buFOGgNfQrDBMIqv8Pb9YYPqWyjn1jiETH0YGd0= Subject key identifier: 22:75:A8:B3:3D:77:22:2A:46:55:0B:30:E2:4D:78:B5:4D:E0:AD:C8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 438E8FF562A988C47BAF94151D60487EA2F4776D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa Signing time: Sat 31 May 2025 00:00:25 +0000 ROA not before: Sat 31 May 2025 00:00:25 +0000 ROA not after: Sat 05 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:8e:8f:f5:62:a9:88:c4:7b:af:94:15:1d:60:48:7e:a2:f4:77:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 31 00:00:25 2025 GMT Not After : Jul 5 23:59:59 2025 GMT Subject: serialNumber=77850780ce318c4bc67cfb959a5f6d2cbca8b9bf1d80a53d2704aa492403686a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:82:8a:49:ae:9b:97:00:9a:a9:3f:69:af:5e: cf:b2:93:10:16:4e:6c:c1:8e:35:13:5a:c9:08:9b: 2f:84:a5:6d:bb:43:ab:6a:b1:8b:85:23:45:5a:1a: ba:a5:42:dd:b7:b4:56:1e:4d:2f:31:cc:49:6b:f5: 9b:a3:8f:9c:76:6c:5c:00:9e:6a:b4:62:ee:25:3e: fc:d2:e5:ae:f1:ee:32:43:da:c2:28:d2:51:81:f3: 4a:20:5a:4d:86:e9:97:ff:33:86:70:8f:0e:04:0b: a7:e8:4f:fe:f5:17:be:0f:fe:2c:c5:95:73:b2:4d: 7e:e3:c0:c1:95:9a:4c:8f:28:60:a8:b9:0e:2d:be: dc:96:b7:a8:d0:e6:a6:88:0b:45:ac:84:03:cd:71: 85:da:58:cc:11:69:56:14:e2:35:7c:0d:2e:a0:07: 18:aa:45:42:7f:5f:a5:2e:c1:ec:0e:7b:49:b0:cd: 58:75:7a:99:a8:41:79:38:a8:fc:7f:37:89:5a:ba: 56:77:0b:ac:11:26:5b:81:a4:03:87:9d:59:38:7e: e8:35:ff:13:0a:c8:54:38:f3:05:d0:85:1f:c6:bc: 54:4f:4a:42:6c:6b:48:04:53:4b:61:e8:5e:f0:02: 87:ea:c9:3e:5b:28:5b:54:a8:c8:8b:dc:1b:a3:20: 92:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:75:A8:B3:3D:77:22:2A:46:55:0B:30:E2:4D:78:B5:4D:E0:AD:C8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:8800::/40 Signature Algorithm: sha256WithRSAEncryption 9a:b7:0b:a6:e5:7c:bb:f8:d7:29:7f:65:85:8a:b6:02:6c:97: 1a:37:30:f2:95:aa:c8:c3:56:47:39:d9:c1:e0:5b:53:74:3d: 13:5e:a0:ca:98:18:cc:98:6e:48:52:98:60:5c:36:43:57:13: 77:aa:b2:80:0c:5b:6f:04:24:02:2f:f6:26:c4:7b:21:7f:d9: f0:ec:0a:8a:df:fb:78:e7:5b:5a:85:aa:a1:8e:44:b5:46:25: e1:3c:53:d0:27:53:f0:1c:66:c5:fb:20:42:6d:f3:34:5b:ac: c0:15:1a:46:81:38:0c:4d:46:57:f4:74:fd:d5:07:b4:e4:08: ee:be:e1:e4:18:fb:6c:34:f5:b8:34:1f:d1:55:40:71:0a:66: 0d:3a:82:ef:9c:86:af:3a:4e:25:d0:46:81:a4:68:27:d8:a6: a8:70:ec:02:af:3f:d4:6b:50:26:cc:5d:e3:5a:a8:8b:8b:b9: 75:70:1a:10:10:d2:ba:a5:81:22:82:0c:bf:fa:b2:23:d7:24: cf:a4:31:17:43:1b:18:8e:53:15:24:8c:69:ee:c8:ca:b0:93: 4f:d4:46:dc:b1:2f:48:22:d4:1c:66:38:ee:16:a8:a6:75:70: d4:0f:0c:c9:77:f2:cf:75:9e:03:d6:28:0b:a4:27:8a:a2:e3: 2f:e7:04:d5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQ46P9WKpiMR7r5QVHWBIfqL0d20wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUzMTAwMDAyNVoX DTI1MDcwNTIzNTk1OVowejFJMEcGA1UEBRNANzc4NTA3ODBjZTMxOGM0YmM2N2Nm Yjk1OWE1ZjZkMmNiY2E4YjliZjFkODBhNTNkMjcwNGFhNDkyNDAzNjg2YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYKKSa6blwCaqT9pr17PspMQFk5s wY41E1rJCJsvhKVtu0OrarGLhSNFWhq6pULdt7RWHk0vMcxJa/Wbo4+cdmxcAJ5q tGLuJT780uWu8e4yQ9rCKNJRgfNKIFpNhumX/zOGcI8OBAun6E/+9Re+D/4sxZVz sk1+48DBlZpMjyhgqLkOLb7clreo0OamiAtFrIQDzXGF2ljMEWlWFOI1fA0uoAcY qkVCf1+lLsHsDntJsM1YdXqZqEF5OKj8fzeJWrpWdwusESZbgaQDh51ZOH7oNf8T CshUOPMF0IUfxrxUT0pCbGtIBFNLYehe8AKH6sk+WyhbVKjIi9wboyCStQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCJ1qLM9dyIqRlULMOJNeLVN4K3IMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZkZTEzYzFlLTgwMzQtNDFiMy05MGUzLTc2MDI0OTk5N2MyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/ogwDQYJKoZIhvcNAQELBQADggEBAJq3C6blfLv41yl/ZYWK tgJslxo3MPKVqsjDVkc52cHgW1N0PRNeoMqYGMyYbkhSmGBcNkNXE3eqsoAMW28E JAIv9ibEeyF/2fDsCorf+3jnW1qFqqGORLVGJeE8U9AnU/AcZsX7IEJt8zRbrMAV GkaBOAxNRlf0dP3VB7TkCO6+4eQY+2w09bg0H9FVQHEKZg06gu+chq86TiXQRoGk aCfYpqhw7AKvP9RrUCbMXeNaqIuLuXVwGhAQ0rqlgSKCDL/6siPXJM+kMRdDGxiO UxUkjGnuyMqwk0/URtyxL0gi1BxmOO4WqKZ1cNQPDMl38s91ngPWKAukJ4qi4y/n BNU= -----END CERTIFICATE-----Generated at Tue Jun 3 23:19:23 2025 by rpki-client