$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa File: 743b890a-7e61-4b72-82d0-b83a580809c5.roa (raw, json) Hash identifier: Cm8zxzJSzjdnN6OiNUY5qkHw+B0m9yoXxsbyOsCRBR0= Subject key identifier: 74:28:68:56:6D:7B:86:27:F4:AC:47:AE:08:47:68:01:03:9F:75:33 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3577221AEDFBB3A4846769F7358F630F54D9EC3B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa Signing time: Fri 23 May 2025 00:00:10 +0000 ROA not before: Fri 23 May 2025 00:00:10 +0000 ROA not after: Fri 27 Jun 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:77:22:1a:ed:fb:b3:a4:84:67:69:f7:35:8f:63:0f:54:d9:ec:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 23 00:00:10 2025 GMT Not After : Jun 27 23:59:59 2025 GMT Subject: serialNumber=4c37863a9cebd1439f4e798580d4d1a413abaa6fbb029a595bd2cbab293d7362, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:7c:09:b5:f5:5b:d7:8a:46:d6:a6:a4:ac:68: f8:14:44:ee:b3:8a:8b:79:93:5e:c6:0d:26:8d:47: 21:df:36:01:1e:1f:a0:a7:5c:0b:ef:a5:92:a8:30: 4d:83:5a:0e:57:91:cb:2f:eb:46:83:3f:54:bf:34: 7a:49:bf:a3:46:e2:32:55:d2:30:06:f1:41:ff:f8: ee:3a:f3:6e:ce:81:56:96:7a:6a:b4:40:57:2f:6b: f4:4b:38:27:0a:77:6b:67:cf:bd:60:c5:5b:83:0c: ad:16:93:b0:0e:8a:17:ed:be:66:91:c0:69:a6:77: 23:6f:e0:f4:41:03:9f:50:98:b7:67:b5:c9:e3:9e: da:db:43:c2:ce:d8:89:17:07:b0:d6:63:ab:ad:cc: 1a:79:c2:88:f3:3d:8d:97:c4:44:8f:66:25:98:ca: ef:58:58:95:e7:c3:7d:62:ee:eb:23:0a:97:26:18: c5:53:fa:c7:05:a6:d7:c0:ff:63:d9:a5:7a:a2:3a: b9:34:d8:53:01:b6:05:8c:15:29:d5:29:a4:b3:20: ff:d3:af:38:7b:fc:89:54:53:f7:7a:44:12:8e:5e: 0b:59:6f:cf:38:8d:fe:27:0b:29:ea:bd:b7:72:a7: 0c:53:59:d0:4a:db:97:b7:fb:92:3c:e8:9d:20:f1: 5a:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:28:68:56:6D:7B:86:27:F4:AC:47:AE:08:47:68:01:03:9F:75:33 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:8800::/40 Signature Algorithm: sha256WithRSAEncryption 57:31:43:15:4f:89:72:bc:90:b9:f4:0f:72:de:59:f7:e8:89: 4f:96:e2:67:89:7f:33:64:f2:6a:93:6b:e7:a4:92:7b:3a:3b: 31:ae:6b:70:26:bd:48:04:83:eb:02:62:d0:98:1b:a2:fb:f6: f1:06:46:00:f6:52:1e:7f:ba:71:ed:71:ac:b8:ec:14:5e:c9: 2e:89:78:f1:03:3a:b5:a3:cf:83:f9:c4:9e:12:a6:49:41:85: c4:bd:48:89:24:2f:45:f4:18:ed:02:63:e8:01:86:bf:e6:70: d9:b1:ac:c7:a9:c7:68:f8:3c:76:0d:c8:f3:c5:55:18:15:10: 09:56:a2:15:b0:08:a2:14:20:b5:ec:dd:36:24:1a:4a:33:26: f6:54:c7:0b:19:46:9e:5c:c6:0a:54:6a:15:87:7c:e6:e7:a3: 45:bf:21:78:41:e8:da:89:82:cd:57:ca:c0:6b:eb:d4:7a:1a: 53:a8:03:ec:4c:da:90:a7:75:23:8d:f3:fb:42:7c:08:56:3d: 83:fc:08:33:3f:09:74:d4:b1:9d:c1:2f:02:b7:30:49:f9:f4: 55:36:2f:b3:cd:a4:7e:1f:e1:a8:ec:44:6a:b0:66:30:d7:57: 75:42:cd:e4:85:88:10:cb:8f:15:35:a9:de:d8:11:9e:bf:f7: ba:8b:3a:bd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNXciGu37s6SEZ2n3NY9jD1TZ7DswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyMzAwMDAxMFoX DTI1MDYyNzIzNTk1OVowejFJMEcGA1UEBRNANGMzNzg2M2E5Y2ViZDE0MzlmNGU3 OTg1ODBkNGQxYTQxM2FiYWE2ZmJiMDI5YTU5NWJkMmNiYWIyOTNkNzM2MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXwJtfVb14pG1qakrGj4FETus4qL eZNexg0mjUch3zYBHh+gp1wL76WSqDBNg1oOV5HLL+tGgz9UvzR6Sb+jRuIyVdIw BvFB//juOvNuzoFWlnpqtEBXL2v0SzgnCndrZ8+9YMVbgwytFpOwDooX7b5mkcBp pncjb+D0QQOfUJi3Z7XJ457a20PCztiJFwew1mOrrcwaecKI8z2Nl8REj2YlmMrv WFiV58N9Yu7rIwqXJhjFU/rHBabXwP9j2aV6ojq5NNhTAbYFjBUp1SmksyD/0684 e/yJVFP3ekQSjl4LWW/POI3+Jwsp6r23cqcMU1nQStuXt/uSPOidIPFa2wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHQoaFZte4Yn9KxHrghHaAEDn3UzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc0M2I4OTBhLTdlNjEtNGI3Mi04MmQwLWI4M2E1ODA4MDljNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba74gwDQYJKoZIhvcNAQELBQADggEBAFcxQxVPiXK8kLn0D3Le WffoiU+W4meJfzNk8mqTa+ekkns6OzGua3AmvUgEg+sCYtCYG6L79vEGRgD2Uh5/ unHtcay47BReyS6JePEDOrWjz4P5xJ4SpklBhcS9SIkkL0X0GO0CY+gBhr/mcNmx rMepx2j4PHYNyPPFVRgVEAlWohWwCKIUILXs3TYkGkozJvZUxwsZRp5cxgpUahWH fObno0W/IXhB6NqJgs1XysBr69R6GlOoA+xM2pCndSON8/tCfAhWPYP8CDM/CXTU sZ3BLwK3MEn59FU2L7PNpH4f4ajsRGqwZjDXV3VCzeSFiBDLjxU1qd7YEZ6/97qL Or0= -----END CERTIFICATE-----Generated at Tue Jun 3 23:17:07 2025 by rpki-client