$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6f434a5f-0178-4cf0-a3a6-060ccfa667bc.roa File: 6f434a5f-0178-4cf0-a3a6-060ccfa667bc.roa (raw, json) Hash identifier: I5ehY0VAcsj8Tkbf+PDJDHr9MIGmATY87BqCnRdBckc= Subject key identifier: 9E:89:0C:84:80:73:B7:E2:5C:C3:DC:08:BF:D7:6F:BC:5B:8B:ED:9C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 62B79767C33E6A314209F2C18A3CDC5EAE7E30D8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6f434a5f-0178-4cf0-a3a6-060ccfa667bc.roa Signing time: Fri 16 May 2025 15:20:12 +0000 ROA not before: Fri 16 May 2025 15:20:12 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:b7:97:67:c3:3e:6a:31:42:09:f2:c1:8a:3c:dc:5e:ae:7e:30:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:20:12 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=729c0901bd4c57e39370f210ddf952d8f0583bbb4907b1420e43dfee770a3f07, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:68:09:be:67:fa:74:f1:44:cb:ed:7f:83:cd: 45:b1:78:4a:6c:e4:4a:2e:ad:f9:9e:42:79:fb:8d: d6:6e:25:82:47:22:05:31:0f:65:d6:ce:89:2e:3b: 14:5e:65:97:ba:d2:bf:24:12:75:14:11:c2:89:cb: b0:e5:9a:4b:7d:50:4b:ff:74:52:2b:98:9c:d8:6e: c1:0b:ac:57:c8:6f:85:d9:9a:48:8b:4e:cb:40:64: 6e:db:28:4f:d7:07:df:20:1c:73:a6:4a:2e:27:1c: 9e:62:81:a0:9b:c1:1e:f6:e4:b0:1c:45:b7:97:76: 68:67:a9:79:98:c2:56:27:d7:3b:73:6b:43:b3:3d: a7:cc:10:92:33:b4:af:e4:33:80:1c:a6:d1:b4:7d: 0b:7c:53:61:7c:96:50:3b:a4:6c:9a:4d:51:47:80: 80:5f:1c:6e:c7:99:67:f0:72:5f:62:79:b4:da:15: df:df:f7:f3:3a:c7:b8:85:38:2d:d6:40:5e:65:5b: 32:a4:a1:06:d6:2e:c0:5d:36:0e:53:e4:0e:40:81: 39:01:87:3b:ee:67:18:62:ae:84:73:77:b0:d2:00: 86:d9:d9:db:8e:92:f2:e6:c4:f9:17:a9:76:5e:64: 30:52:ee:a1:dd:8b:11:9e:91:56:16:9a:3f:9d:7b: f4:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:89:0C:84:80:73:B7:E2:5C:C3:DC:08:BF:D7:6F:BC:5B:8B:ED:9C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6f434a5f-0178-4cf0-a3a6-060ccfa667bc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:b000::/40 Signature Algorithm: sha256WithRSAEncryption 3c:3d:dd:40:ca:71:d1:0e:d5:fe:cc:66:a7:8a:19:3d:cd:50: 45:b4:a4:2c:7f:17:8d:da:2a:a4:35:a3:4e:bd:ca:48:25:f6: b0:7c:83:57:c1:5b:92:f3:8f:f6:39:ba:93:15:9b:8c:05:ed: 51:f2:a9:b4:b6:56:96:ae:f2:c3:47:38:2d:6c:4d:61:b5:6d: 35:a7:e2:cd:4a:3d:15:05:f8:8b:14:47:8b:4b:00:08:d6:67: 0c:96:6d:95:dc:3c:02:5a:80:59:c2:41:16:01:fc:9a:ef:0d: d7:6b:eb:b3:27:5e:e8:cd:13:e6:f1:ed:3c:90:7b:ad:15:40: d8:84:15:8d:90:29:4b:01:b7:56:e6:cb:ae:c8:d0:76:00:d5: 32:0c:14:d1:30:23:77:7d:4e:e3:b7:9d:5a:d6:5d:4a:b0:8f: 26:8d:53:4f:21:c6:ad:3f:31:c0:bb:65:32:8d:e4:ac:ed:b2: 83:1f:43:18:6a:c8:3d:3e:59:c8:af:80:92:06:e4:de:20:dc: fa:03:b1:ae:46:02:f1:e8:56:6f:28:10:c8:5d:b7:c0:90:27: c9:21:b8:2d:e4:6a:b8:7a:3b:4f:0b:99:2b:ff:bf:9a:dd:7b: 5a:bc:48:fe:6e:ff:80:d5:f4:8d:b6:ae:c0:96:2f:6c:ac:f3: ac:c3:63:40 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYreXZ8M+ajFCCfLBijzcXq5+MNgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MjAxMloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANzI5YzA5MDFiZDRjNTdlMzkzNzBm MjEwZGRmOTUyZDhmMDU4M2JiYjQ5MDdiMTQyMGU0M2RmZWU3NzBhM2YwNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGgJvmf6dPFEy+1/g81FsXhKbORK Lq35nkJ5+43WbiWCRyIFMQ9l1s6JLjsUXmWXutK/JBJ1FBHCicuw5ZpLfVBL/3RS K5ic2G7BC6xXyG+F2ZpIi07LQGRu2yhP1wffIBxzpkouJxyeYoGgm8Ee9uSwHEW3 l3ZoZ6l5mMJWJ9c7c2tDsz2nzBCSM7Sv5DOAHKbRtH0LfFNhfJZQO6Rsmk1RR4CA Xxxux5ln8HJfYnm02hXf3/fzOse4hTgt1kBeZVsypKEG1i7AXTYOU+QOQIE5AYc7 7mcYYq6Ec3ew0gCG2dnbjpLy5sT5F6l2XmQwUu6h3YsRnpFWFpo/nXv0zQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJ6JDISAc7fiXMPcCL/Xb7xbi+2cMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZmNDM0YTVmLTAxNzgtNGNmMC1hM2E2LTA2MGNjZmE2NjdiYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMrAwDQYJKoZIhvcNAQELBQADggEBADw93UDKcdEO1f7MZqeK GT3NUEW0pCx/F43aKqQ1o069ykgl9rB8g1fBW5Lzj/Y5upMVm4wF7VHyqbS2Vpau 8sNHOC1sTWG1bTWn4s1KPRUF+IsUR4tLAAjWZwyWbZXcPAJagFnCQRYB/JrvDddr 67MnXujNE+bx7TyQe60VQNiEFY2QKUsBt1bmy67I0HYA1TIMFNEwI3d9TuO3nVrW XUqwjyaNU08hxq0/McC7ZTKN5KztsoMfQxhqyD0+WcivgJIG5N4g3PoDsa5GAvHo Vm8oEMhdt8CQJ8khuC3karh6O08LmSv/v5rde1q8SP5u/4DV9I22rsCWL2ys86zD Y0A= -----END CERTIFICATE-----Generated at Tue Jun 3 23:15:31 2025 by rpki-client