$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa File: 71870024-8ed4-4150-a104-52f4b8c56809.roa (raw, json) Hash identifier: K3I3E9qyjLubj2IC4MAnMofV+r97td4r4vNhO4g3bSw= Subject key identifier: 69:B1:F0:AA:E6:2F:58:28:63:65:57:FD:26:04:2A:6B:9C:B8:C7:E2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 172F0C4866C69A3497389115945BB99F0C48FD1F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa Signing time: Sat 31 May 2025 00:00:11 +0000 ROA not before: Sat 31 May 2025 00:00:11 +0000 ROA not after: Sat 05 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:2f:0c:48:66:c6:9a:34:97:38:91:15:94:5b:b9:9f:0c:48:fd:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 31 00:00:11 2025 GMT Not After : Jul 5 23:59:59 2025 GMT Subject: serialNumber=44677693d14637afaef66e72af435382ef8de0e9628954f12de8a2006f7078b0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:77:d8:b5:d4:07:bc:e3:da:99:a9:b9:df:06: 4a:82:79:bc:fb:1c:5e:fb:11:f8:45:6e:d9:00:ba: 8e:67:ca:64:d0:94:04:67:7e:8c:b0:3a:20:f8:2c: 7d:59:83:f7:04:0a:6a:c5:36:86:45:cc:80:a4:b9: ca:5e:49:31:a3:9b:e7:c1:27:52:b0:30:92:c1:8c: 51:43:47:cf:df:6e:81:5f:f1:5b:ab:de:85:4d:5d: 3b:15:96:b5:3d:3a:22:86:f1:fe:ab:5b:0f:2c:ec: 42:ee:7a:84:b3:49:f8:bb:2d:36:81:a1:89:16:96: 94:16:06:1c:df:53:06:ff:d7:6f:22:f2:a3:3c:36: 04:1e:e0:79:d9:36:56:94:38:f4:46:61:b1:21:6f: 7b:94:06:2f:81:85:39:81:c0:ee:22:d5:49:17:c9: 6a:c3:06:0c:f7:bd:81:4d:a3:e5:15:3a:c9:33:ee: 6e:99:d3:ce:e7:e2:d2:cf:c5:43:19:14:7c:96:fe: fb:da:3d:e6:94:c9:73:0b:e7:1a:8d:90:f2:87:88: f6:41:97:e5:15:08:ba:8b:35:70:13:0c:ca:9d:a5: 68:9f:08:87:89:50:de:af:47:ec:75:af:46:48:21: 76:cb:f6:f7:5e:24:97:15:c9:7b:3d:b1:46:bd:94: 10:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:B1:F0:AA:E6:2F:58:28:63:65:57:FD:26:04:2A:6B:9C:B8:C7:E2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:2000::/40 Signature Algorithm: sha256WithRSAEncryption a2:7f:9d:67:b9:b4:9e:cf:dc:3a:a8:8c:de:41:7c:1c:65:22: 6b:85:7d:5e:10:a2:9d:cd:21:f1:b0:23:2d:db:6a:4c:f9:fd: 45:ee:a0:10:75:81:f3:39:de:9d:1a:86:20:cd:c4:8f:25:e2: 1f:dd:98:df:eb:fe:59:a0:15:bb:2c:f1:bf:d4:ab:66:a1:bb: dd:91:20:e5:41:bf:6d:8d:d4:dc:de:38:82:25:3d:05:88:6b: 65:95:af:5b:f7:7a:17:eb:82:77:07:3e:e6:dc:dc:08:08:68: fe:af:ef:23:ce:3f:63:84:0b:09:9a:71:36:68:16:bf:66:a6: 36:3a:8e:84:9a:bb:8f:15:69:fd:23:72:6a:f2:0a:fc:59:d6: 2e:3b:cc:d6:63:f3:b2:de:24:64:1b:42:44:6f:f5:48:3e:80: aa:01:90:ad:fa:ec:dc:98:ee:19:3d:5d:43:e3:89:9a:67:e7: af:41:9f:17:02:7c:8b:e4:12:c5:ea:cd:42:08:48:9d:90:1d: a7:71:5c:69:e5:e5:ae:65:12:72:21:2a:cb:fe:13:de:c4:11: 88:72:5f:d8:4f:ce:b5:f7:b7:db:39:75:54:59:26:16:b3:90: 04:26:12:ec:a7:66:79:47:36:c1:5c:99:a8:46:f3:00:fc:97: e4:c7:d6:74 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFy8MSGbGmjSXOJEVlFu5nwxI/R8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUzMTAwMDAxMVoX DTI1MDcwNTIzNTk1OVowejFJMEcGA1UEBRNANDQ2Nzc2OTNkMTQ2MzdhZmFlZjY2 ZTcyYWY0MzUzODJlZjhkZTBlOTYyODk1NGYxMmRlOGEyMDA2ZjcwNzhiMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3fYtdQHvOPamam53wZKgnm8+xxe +xH4RW7ZALqOZ8pk0JQEZ36MsDog+Cx9WYP3BApqxTaGRcyApLnKXkkxo5vnwSdS sDCSwYxRQ0fP326BX/Fbq96FTV07FZa1PToihvH+q1sPLOxC7nqEs0n4uy02gaGJ FpaUFgYc31MG/9dvIvKjPDYEHuB52TZWlDj0RmGxIW97lAYvgYU5gcDuItVJF8lq wwYM972BTaPlFTrJM+5umdPO5+LSz8VDGRR8lv772j3mlMlzC+cajZDyh4j2QZfl FQi6izVwEwzKnaVonwiHiVDer0fsda9GSCF2y/b3XiSXFcl7PbFGvZQQ9QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGmx8KrmL1goY2VX/SYEKmucuMfiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcxODcwMDI0LThlZDQtNDE1MC1hMTA0LTUyZjRiOGM1NjgwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauCAwDQYJKoZIhvcNAQELBQADggEBAKJ/nWe5tJ7P3DqojN5B fBxlImuFfV4Qop3NIfGwIy3bakz5/UXuoBB1gfM53p0ahiDNxI8l4h/dmN/r/lmg Fbss8b/Uq2ahu92RIOVBv22N1NzeOIIlPQWIa2WVr1v3ehfrgncHPubc3AgIaP6v 7yPOP2OECwmacTZoFr9mpjY6joSau48Vaf0jcmryCvxZ1i47zNZj87LeJGQbQkRv 9Ug+gKoBkK367NyY7hk9XUPjiZpn569BnxcCfIvkEsXqzUIISJ2QHadxXGnl5a5l EnIhKsv+E97EEYhyX9hPzrX3t9s5dVRZJhazkAQmEuynZnlHNsFcmahG8wD8l+TH 1nQ= -----END CERTIFICATE-----Generated at Tue Jun 3 23:37:24 2025 by rpki-client