$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/710800d0-a544-4fe9-abd4-369c82fabbb3.roa File: 710800d0-a544-4fe9-abd4-369c82fabbb3.roa (raw, json) Hash identifier: 3oDQBuIol1uS1wnoPrkHCEJglq3dny+f4Is+JLgD3o0= Subject key identifier: A5:BD:7A:72:90:7E:B7:D6:29:7D:42:39:88:C7:E5:0F:A8:B3:C9:5A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 032F37645E3628D8C99C3D4733B6B4297C8BBF81 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/710800d0-a544-4fe9-abd4-369c82fabbb3.roa Signing time: Mon 19 May 2025 15:00:12 +0000 ROA not before: Mon 19 May 2025 15:00:12 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:2f:37:64:5e:36:28:d8:c9:9c:3d:47:33:b6:b4:29:7c:8b:bf:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 19 15:00:12 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=5f17079c95c2271f25958e53ff63f8609e43028c6c00d4fa6796a1bbc8c6f3f1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:22:38:bb:b0:f0:8c:78:40:32:23:63:e0:dc: 24:a3:8a:6b:a1:c4:d9:ff:4b:cb:fd:25:ca:1c:de: c8:56:bb:e8:8a:c0:dd:5a:a3:04:6f:f0:51:d8:fb: c0:cc:98:ba:59:2f:25:c5:83:50:df:80:67:dc:78: b0:b6:e0:7e:00:b6:ce:de:19:b5:06:c4:47:f9:81: 0c:9f:4f:4e:20:1a:61:39:40:61:b0:74:2c:08:a9: 86:66:0d:c7:b3:b7:3b:ca:e4:6b:a3:53:1e:f4:a5: a2:fd:4a:69:d6:53:e0:58:96:31:b0:ee:08:de:bf: 5c:f0:3e:ee:04:d7:c7:a1:b5:43:bb:91:90:ca:da: 6a:75:f1:ac:50:d2:6a:6e:8e:e9:d9:77:20:33:1d: 4d:b7:ec:1b:79:b6:95:74:06:3a:d1:47:18:c8:e1: e4:2c:f9:78:d8:b3:fa:1d:82:64:66:6b:69:ba:de: f5:31:8f:75:b6:7f:dd:6b:f1:02:a1:e8:42:63:9c: da:c7:ce:ad:99:63:ee:e4:5e:41:d8:3b:64:42:df: 0c:5d:f3:ff:e2:cd:31:4b:66:b3:91:68:4f:b5:93: e1:b5:ba:7a:b8:aa:92:c9:12:8f:d3:19:7c:9a:f9: 84:31:25:c1:52:c1:7b:64:9f:3a:28:53:a1:4b:76: 63:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:BD:7A:72:90:7E:B7:D6:29:7D:42:39:88:C7:E5:0F:A8:B3:C9:5A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/710800d0-a544-4fe9-abd4-369c82fabbb3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:800::/40 Signature Algorithm: sha256WithRSAEncryption 9b:10:1d:79:82:f3:27:a0:d2:60:d2:18:2f:4f:62:4d:3f:be: 47:d0:82:f0:35:16:5a:23:47:68:55:df:ed:e9:32:2c:40:d8: ba:27:b3:a8:ca:d6:10:76:20:bb:e7:2a:60:2f:78:c3:d2:0e: 19:80:1f:84:03:14:f2:38:fd:b5:36:14:07:f7:50:f1:ba:a4: ad:eb:51:02:07:66:8c:90:a9:fa:63:c2:5d:1d:3f:ad:21:77: d0:d7:fb:d9:2c:16:bb:eb:e6:2d:ca:fa:96:95:08:ee:cf:21: e1:22:a8:93:37:8f:62:3f:93:4c:9c:7a:e4:89:f7:ae:4d:7b: a1:b7:53:ee:06:c9:f3:4f:76:1d:5d:ab:e3:17:24:e0:27:65: 57:7c:a5:a2:f4:17:25:8c:ca:26:e0:29:cd:d8:8a:ab:01:87: fa:7a:f1:38:7e:69:b8:11:81:ae:08:27:f5:2b:0c:8f:9f:ee: 89:7a:00:da:d7:7b:24:6d:e9:6e:59:92:19:c4:5e:d1:34:f3: 5e:77:79:7c:1c:1c:9c:07:d2:7e:02:0d:3d:e9:de:d5:0b:ff: ab:f8:3e:fc:4e:42:60:2c:0f:76:21:6b:48:7b:08:e8:ac:08: a3:af:cd:e6:9b:18:ef:7b:13:15:4e:f8:47:3c:03:c2:6e:4a: f3:23:f8:e2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAy83ZF42KNjJnD1HM7a0KXyLv4EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxOTE1MDAxMloX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNANWYxNzA3OWM5NWMyMjcxZjI1OTU4 ZTUzZmY2M2Y4NjA5ZTQzMDI4YzZjMDBkNGZhNjc5NmExYmJjOGM2ZjNmMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iI4u7DwjHhAMiNj4Nwko4procTZ /0vL/SXKHN7IVrvoisDdWqMEb/BR2PvAzJi6WS8lxYNQ34Bn3HiwtuB+ALbO3hm1 BsRH+YEMn09OIBphOUBhsHQsCKmGZg3Hs7c7yuRro1Me9KWi/Upp1lPgWJYxsO4I 3r9c8D7uBNfHobVDu5GQytpqdfGsUNJqbo7p2XcgMx1Nt+wbebaVdAY60UcYyOHk LPl42LP6HYJkZmtput71MY91tn/da/ECoehCY5zax86tmWPu5F5B2DtkQt8MXfP/ 4s0xS2azkWhPtZPhtbp6uKqSyRKP0xl8mvmEMSXBUsF7ZJ86KFOhS3ZjOwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKW9enKQfrfWKX1COYjH5Q+os8laMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcxMDgwMGQwLWE1NDQtNGZlOS1hYmQ0LTM2OWM4MmZhYmJiMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/ggwDQYJKoZIhvcNAQELBQADggEBAJsQHXmC8yeg0mDSGC9P Yk0/vkfQgvA1FlojR2hV3+3pMixA2Lons6jK1hB2ILvnKmAveMPSDhmAH4QDFPI4 /bU2FAf3UPG6pK3rUQIHZoyQqfpjwl0dP60hd9DX+9ksFrvr5i3K+paVCO7PIeEi qJM3j2I/k0yceuSJ965Ne6G3U+4GyfNPdh1dq+MXJOAnZVd8paL0FyWMyibgKc3Y iqsBh/p68Th+abgRga4IJ/UrDI+f7ol6ANrXeyRt6W5ZkhnEXtE08153eXwcHJwH 0n4CDT3p3tUL/6v4PvxOQmAsD3Yha0h7COisCKOvzeabGO97ExVO+Ec8A8JuSvMj +OI= -----END CERTIFICATE-----Generated at Tue Jun 3 23:33:16 2025 by rpki-client