$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ea417f3-3b4b-41d7-a7ff-22c7107de3b3.roa File: 6ea417f3-3b4b-41d7-a7ff-22c7107de3b3.roa (raw, json) Hash identifier: MZfzhc/DTaue9ouwNfOX134+/n0ZpmoZSRAdaPy57zY= Subject key identifier: B2:70:AE:99:21:05:5B:23:F4:FE:07:33:FE:D5:1E:AC:E9:16:B6:32 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 39FDB5B8806DBAEF9449DE57B9477EEF63ED8599 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ea417f3-3b4b-41d7-a7ff-22c7107de3b3.roa Signing time: Thu 26 Jun 2025 19:54:04 +0000 ROA not before: Thu 26 Jun 2025 19:54:04 +0000 ROA not after: Thu 31 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:6080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 15:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:fd:b5:b8:80:6d:ba:ef:94:49:de:57:b9:47:7e:ef:63:ed:85:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 26 19:54:04 2025 GMT Not After : Jul 31 23:59:59 2025 GMT Subject: serialNumber=7262f680c0307d8a532b7c70775056e354bd06a879efa8809d9967a2173da20b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:a4:03:a7:d9:fa:07:5c:b5:c2:a2:30:7f:a3: a6:6e:c6:be:57:6d:ec:97:8b:d9:56:79:c7:9c:0c: 66:56:4b:a5:b3:fb:75:81:3a:3a:d2:6f:19:50:44: 02:30:dc:b5:25:4d:ea:1b:e4:c0:1a:3d:43:0f:6a: 74:8f:5f:e9:12:ad:81:b0:0c:d7:2f:15:df:70:c4: e0:c6:35:64:ec:bb:70:74:e8:05:d5:01:bf:54:8e: 78:b5:f8:df:bf:1c:ce:ee:ff:30:ab:e4:40:cc:a8: 82:c8:e7:2c:8d:ca:4e:4a:7b:81:d4:e0:cb:73:c7: 1f:ae:e4:77:8f:2e:bd:3e:ed:9b:91:a7:c2:9d:14: 29:e2:7d:7c:cc:08:f6:6e:ed:37:12:b7:03:fd:38: b9:7b:2d:dc:1c:ef:79:42:18:4d:e5:c8:fb:66:72: 6a:6e:71:f6:8a:6c:d4:08:f9:78:44:0c:59:3a:f6: 86:d7:54:5d:4a:28:8d:f9:c4:df:06:3e:1f:eb:a7: 10:ba:d3:94:95:9d:92:8a:4d:24:83:6e:a6:a2:b8: 3d:1e:58:d4:27:3c:d0:61:67:a0:e1:1a:27:c4:5a: 94:ad:cd:53:b9:9c:5f:ee:54:09:df:7a:af:b4:4a: 10:0e:14:86:2b:91:1c:ff:7e:a3:b0:47:3b:d5:31: 2e:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:70:AE:99:21:05:5B:23:F4:FE:07:33:FE:D5:1E:AC:E9:16:B6:32 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ea417f3-3b4b-41d7-a7ff-22c7107de3b3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:6080::/46 Signature Algorithm: sha256WithRSAEncryption b7:45:6f:99:5b:e3:b0:52:d2:41:bd:ef:d5:97:2e:d7:3c:db: a7:d0:fe:8a:07:25:38:43:35:3e:35:f3:19:21:e2:f1:46:21: 85:a5:8b:58:53:7f:b9:83:10:bb:08:5d:09:e2:26:fd:2f:e6: 45:53:a2:02:a7:a8:0c:f7:52:23:63:9a:da:7c:d9:77:85:b8: ab:c5:29:ba:c0:de:ca:39:2a:92:4e:69:15:3a:f5:a3:5f:dd: e8:2a:2b:49:2c:df:47:3d:a4:6c:25:fc:38:ca:8d:b1:34:7d: a2:18:0a:1a:48:18:0a:1c:de:db:84:83:d7:f1:d5:f6:64:9f: 91:3b:04:3e:60:20:75:66:0c:52:9c:40:08:1d:30:dd:bb:10: 3b:c3:9d:18:cf:c1:e1:8b:2b:03:be:ec:bb:6f:4c:d8:f5:4e: 69:90:d0:90:78:45:5a:25:83:51:a6:4a:1c:e1:9d:21:a1:a6: f9:42:ce:d0:b7:05:2b:e0:fc:f8:f4:9e:32:c8:7c:20:23:f0: 49:5d:c7:b2:2c:f7:02:21:0b:50:1f:ab:83:91:b8:52:bd:ba: 36:4d:4f:80:3b:f9:d6:ac:ee:16:af:9c:1d:2e:29:37:41:35: c8:50:0e:6f:00:8e:63:80:98:39:7f:2c:ce:91:ea:f2:73:72: af:ff:7c:04 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUOf21uIBtuu+USd5XuUd+72PthZkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNjE5NTQwNFoX DTI1MDczMTIzNTk1OVowejFJMEcGA1UEBRNANzI2MmY2ODBjMDMwN2Q4YTUzMmI3 YzcwNzc1MDU2ZTM1NGJkMDZhODc5ZWZhODgwOWQ5OTY3YTIxNzNkYTIwYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaQDp9n6B1y1wqIwf6Ombsa+V23s l4vZVnnHnAxmVkuls/t1gTo60m8ZUEQCMNy1JU3qG+TAGj1DD2p0j1/pEq2BsAzX LxXfcMTgxjVk7LtwdOgF1QG/VI54tfjfvxzO7v8wq+RAzKiCyOcsjcpOSnuB1ODL c8cfruR3jy69Pu2bkafCnRQp4n18zAj2bu03ErcD/Ti5ey3cHO95QhhN5cj7ZnJq bnH2imzUCPl4RAxZOvaG11RdSiiN+cTfBj4f66cQutOUlZ2Sik0kg26morg9HljU JzzQYWeg4RonxFqUrc1TuZxf7lQJ33qvtEoQDhSGK5Ec/36jsEc71TEuiQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLJwrpkhBVsj9P4HM/7VHqzpFrYyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZlYTQxN2YzLTNiNGItNDFkNy1hN2ZmLTIyYzcxMDdkZTNiMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba82CAMA0GCSqGSIb3DQEBCwUAA4IBAQC3RW+ZW+OwUtJBve/V ly7XPNun0P6KByU4QzU+NfMZIeLxRiGFpYtYU3+5gxC7CF0J4ib9L+ZFU6ICp6gM 91IjY5rafNl3hbirxSm6wN7KOSqSTmkVOvWjX93oKitJLN9HPaRsJfw4yo2xNH2i GAoaSBgKHN7bhIPX8dX2ZJ+ROwQ+YCB1ZgxSnEAIHTDduxA7w50Yz8HhiysDvuy7 b0zY9U5pkNCQeEVaJYNRpkoc4Z0hoab5Qs7QtwUr4Pz49J4yyHwgI/BJXceyLPcC IQtQH6uDkbhSvbo2TU+AO/nWrO4Wr5wdLik3QTXIUA5vAI5jgJg5fyzOkeryc3Kv /3wE -----END CERTIFICATE-----Generated at Mon Jun 30 23:29:02 2025 by rpki-client