$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/745411de-d434-4fb7-bef2-d54990248d48.roa File: 745411de-d434-4fb7-bef2-d54990248d48.roa (raw, json) Hash identifier: bE9Wd6kfeH2erxtFItDtmBGowb4lCpRPfwGUge/dAEY= Subject key identifier: C9:EB:DC:90:F0:67:1E:A6:C1:70:A7:F0:37:D9:1C:48:EC:D3:6C:A5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 04BEBF7F46F73857E13909799DF2EC24284A768D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/745411de-d434-4fb7-bef2-d54990248d48.roa Signing time: Fri 16 May 2025 15:50:14 +0000 ROA not before: Fri 16 May 2025 15:50:14 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da16:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:be:bf:7f:46:f7:38:57:e1:39:09:79:9d:f2:ec:24:28:4a:76:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:50:14 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=5d1f614973d3b039ddaccb4ebc865bc003c6af258ec9615cdea8323034d18426, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:50:aa:6c:cc:e2:cf:b2:cc:fb:73:bd:3b:16: 3a:fa:8f:04:2d:95:0c:ae:60:11:d3:ad:a5:76:d8: 9e:de:c9:95:da:1b:72:0a:be:74:fe:cf:b6:93:00: ec:aa:67:84:7c:c2:90:b8:e9:ce:bf:aa:58:eb:3c: 21:77:7b:7b:d0:51:82:a7:b1:fc:06:b8:d4:16:57: 83:1d:14:76:36:8c:af:4e:54:56:ca:cf:08:b3:ae: 37:07:77:a1:98:4c:e4:c8:1a:ff:41:f2:9e:d8:dc: 46:3e:33:f5:0f:75:fb:b7:85:16:4b:95:af:29:d5: 78:22:6f:6b:76:c1:ee:04:bd:f0:09:1e:2d:b2:f3: 73:d7:42:75:1e:83:cc:e1:df:ec:08:96:59:e3:8c: f0:eb:e1:47:63:fe:3a:ec:a8:a2:a3:24:be:66:40: d5:e8:f8:6b:f9:21:b6:a1:db:17:09:23:3b:a1:58: c2:b9:d1:91:fa:ef:d0:cc:e9:31:ab:b7:69:ec:f0: 21:17:b0:60:69:3e:a7:68:94:59:ad:ec:87:a0:c3: 4a:f6:74:6d:48:f0:1f:5b:38:5f:3c:66:78:4e:41: bf:a5:eb:c9:dd:d6:21:92:15:3b:94:5e:be:15:80: f3:7c:2b:e2:b4:09:19:d6:a1:a1:9b:aa:b2:86:24: 04:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:EB:DC:90:F0:67:1E:A6:C1:70:A7:F0:37:D9:1C:48:EC:D3:6C:A5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/745411de-d434-4fb7-bef2-d54990248d48.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da16:800::/38 Signature Algorithm: sha256WithRSAEncryption 83:d1:f9:72:31:f1:fd:d1:bd:b8:4c:64:0e:36:09:d7:56:6d: 16:02:3c:9d:b1:05:d5:d9:5a:1c:64:06:a6:79:f7:74:40:b4: e1:e8:cb:d5:d2:87:f3:91:df:5e:5a:06:f1:de:01:e4:44:a0: 90:fd:aa:fe:0d:63:33:99:7f:36:f2:7c:50:a0:26:84:6f:4a: 5d:b5:7c:f1:15:b1:56:cd:53:2a:6d:0a:94:27:92:27:81:1a: 95:e3:6d:80:c3:0b:67:23:6f:c7:04:a3:bf:fa:d7:0c:ec:1e: 44:5f:ce:e7:52:cd:bf:42:64:6b:14:d3:57:be:44:b1:b1:cd: 02:45:1c:08:c3:c5:58:e2:91:3c:3f:a2:06:00:c0:a1:55:59: 68:e4:2b:86:b3:dd:e2:20:61:2d:e1:0c:e0:cc:d6:69:c7:2b: 80:51:56:e8:1c:c3:d2:c6:ce:e7:1e:14:d5:26:5e:3e:8d:7f: c0:00:6a:34:58:e5:2b:36:4c:6c:2d:c7:6c:eb:41:7b:23:e6: 3a:77:e1:ff:6d:38:43:08:25:e4:bf:5d:32:9c:01:44:86:46: 3c:e0:73:b3:08:0f:7b:59:8b:92:1d:31:58:96:d2:1e:3b:56: 7c:c0:22:e9:ba:fa:00:9a:53:9e:5f:59:64:06:fb:e8:c8:5b: b9:e5:fb:64 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBL6/f0b3OFfhOQl5nfLsJChKdo0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1NTAxNFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANWQxZjYxNDk3M2QzYjAzOWRkYWNj YjRlYmM4NjViYzAwM2M2YWYyNThlYzk2MTVjZGVhODMyMzAzNGQxODQyNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1CqbMziz7LM+3O9OxY6+o8ELZUM rmAR062ldtie3smV2htyCr50/s+2kwDsqmeEfMKQuOnOv6pY6zwhd3t70FGCp7H8 BrjUFleDHRR2NoyvTlRWys8Is643B3ehmEzkyBr/QfKe2NxGPjP1D3X7t4UWS5Wv KdV4Im9rdsHuBL3wCR4tsvNz10J1HoPM4d/sCJZZ44zw6+FHY/467KiioyS+ZkDV 6Phr+SG2odsXCSM7oVjCudGR+u/QzOkxq7dp7PAhF7BgaT6naJRZreyHoMNK9nRt SPAfWzhfPGZ4TkG/pevJ3dYhkhU7lF6+FYDzfCvitAkZ1qGhm6qyhiQEEQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMnr3JDwZx6mwXCn8DfZHEjs02ylMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc0NTQxMWRlLWQ0MzQtNGZiNy1iZWYyLWQ1NDk5MDI0OGQ0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFggwDQYJKoZIhvcNAQELBQADggEBAIPR+XIx8f3RvbhMZA42 CddWbRYCPJ2xBdXZWhxkBqZ593RAtOHoy9XSh/OR315aBvHeAeREoJD9qv4NYzOZ fzbyfFCgJoRvSl21fPEVsVbNUyptCpQnkieBGpXjbYDDC2cjb8cEo7/61wzsHkRf zudSzb9CZGsU01e+RLGxzQJFHAjDxVjikTw/ogYAwKFVWWjkK4az3eIgYS3hDODM 1mnHK4BRVugcw9LGzuceFNUmXj6Nf8AAajRY5Ss2TGwtx2zrQXsj5jp34f9tOEMI JeS/XTKcAUSGRjzgc7MID3tZi5IdMViW0h47VnzAIum6+gCaU55fWWQG++jIW7nl +2Q= -----END CERTIFICATE-----Generated at Mon Jun 2 06:32:19 2025 by rpki-client