$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa File: 78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa (raw, json) Hash identifier: ptMZ7rJraYDdRNNjlDcQ39mP2FlP7EH+vr9i6tcb+50= Subject key identifier: 9E:9A:32:7F:34:40:77:06:95:50:E4:E8:3D:F5:3D:E8:AA:36:D5:55 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7DDF329D96B6C14B7386354F485A79E8E44BBAEA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa Signing time: Mon 02 Jun 2025 15:00:48 +0000 ROA not before: Mon 02 Jun 2025 15:00:48 +0000 ROA not after: Mon 07 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:df:32:9d:96:b6:c1:4b:73:86:35:4f:48:5a:79:e8:e4:4b:ba:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 2 15:00:48 2025 GMT Not After : Jul 7 23:59:59 2025 GMT Subject: serialNumber=4eaeb1039d124bb253c0a1ac71b535cf4507b381f7769f0686fb77e7384c0f2f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:59:81:de:39:1a:12:16:0b:56:34:87:a7:7c: 60:56:9f:d3:ba:c9:68:c3:e5:15:10:ce:bd:2f:fc: ae:d2:86:cb:0f:38:8c:d2:84:23:ad:c4:31:fa:7d: 7f:f3:9b:5a:ed:ff:c9:37:92:ef:b3:98:99:c4:12: d1:33:6e:d3:87:59:d2:f3:0e:1f:29:73:80:87:5d: 88:39:df:ec:3c:11:8e:25:a8:3f:a1:5b:74:e3:23: bc:e5:91:f6:57:4f:77:5e:bb:a5:c2:82:6a:1e:8b: cc:7b:f9:ad:8e:01:fc:c0:e0:12:93:fb:ef:3e:ae: 48:87:b0:e5:84:8d:91:75:96:58:d7:9d:17:6b:ab: 7a:38:8b:4c:ad:a3:9e:9e:e5:97:de:4e:ae:7a:fd: 85:90:5a:36:3c:b5:31:e9:ab:da:4c:72:fa:7d:76: fb:a8:d8:9b:0b:e5:f3:c7:ee:7c:34:13:83:c0:88: bf:0f:a2:8b:e2:a7:6f:07:7b:a9:e2:bc:11:d4:ed: 25:0d:47:55:2f:dd:ee:0e:c7:e1:fa:fb:96:2d:72: 2e:32:2f:5f:34:7b:0d:ab:5b:5c:38:2f:de:f8:d2: 9e:24:1c:9b:14:37:20:19:79:cb:87:15:d4:e9:b2: 46:1b:be:e2:9a:3f:c4:18:77:06:d1:4f:06:ba:0e: a1:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:9A:32:7F:34:40:77:06:95:50:E4:E8:3D:F5:3D:E8:AA:36:D5:55 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:9000::/40 Signature Algorithm: sha256WithRSAEncryption 1f:c9:db:d8:2c:75:58:9d:06:80:31:20:0c:6d:5b:b5:ba:9a: 4b:0b:22:83:0e:b3:73:5d:fd:1a:bd:de:7e:be:b6:b3:5f:de: 8a:d4:9b:dc:00:a6:20:8b:4b:39:a6:47:c3:fb:0a:da:05:c3: ac:1e:8c:b3:fa:f1:74:0f:73:5c:f8:ab:e6:98:73:de:35:3e: 89:8c:46:fb:a5:32:42:1b:79:c4:4c:5e:c3:7d:0f:4f:66:f3: 15:13:e1:eb:8b:80:4c:b9:4d:6b:11:44:5f:34:a5:3a:b0:2f: a1:35:f4:de:43:e7:23:a1:fe:1b:af:a4:1d:df:95:3e:39:32: 50:8e:7f:fa:47:ec:f5:21:88:7a:d9:e9:58:71:8e:dd:57:db: 26:8e:df:12:44:02:7d:92:42:5c:d3:45:c6:a5:85:ea:aa:bc: c5:44:c1:a6:53:0d:73:0f:3f:0a:70:ec:2b:ac:55:10:0c:68: 8c:d9:fe:e8:1e:9d:82:90:fb:4e:6b:49:26:48:af:9f:66:14: 42:5c:f2:e3:83:22:dc:4a:68:c7:8a:25:1a:b8:ec:fb:b1:c5: 1d:c4:fb:22:98:3f:9c:3e:0d:d3:66:a7:b4:a9:2b:e2:15:7f: 06:f3:fc:4c:73:df:72:3a:e2:00:d5:f4:cb:fa:87:9b:12:15: 7d:c9:5c:b6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfd8ynZa2wUtzhjVPSFp56ORLuuowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwMjE1MDA0OFoX DTI1MDcwNzIzNTk1OVowejFJMEcGA1UEBRNANGVhZWIxMDM5ZDEyNGJiMjUzYzBh MWFjNzFiNTM1Y2Y0NTA3YjM4MWY3NzY5ZjA2ODZmYjc3ZTczODRjMGYyZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVmB3jkaEhYLVjSHp3xgVp/Tuslo w+UVEM69L/yu0obLDziM0oQjrcQx+n1/85ta7f/JN5Lvs5iZxBLRM27Th1nS8w4f KXOAh12IOd/sPBGOJag/oVt04yO85ZH2V093XrulwoJqHovMe/mtjgH8wOASk/vv Pq5Ih7DlhI2RdZZY150Xa6t6OItMraOenuWX3k6uev2FkFo2PLUx6avaTHL6fXb7 qNibC+Xzx+58NBODwIi/D6KL4qdvB3up4rwR1O0lDUdVL93uDsfh+vuWLXIuMi9f NHsNq1tcOC/e+NKeJBybFDcgGXnLhxXU6bJGG77imj/EGHcG0U8Gug6hwwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJ6aMn80QHcGlVDk6D31PeiqNtVVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc4MzQzNzU0LTVkNmUtNGRlZC05YjRjLWQ5ZDcwYjZjY2FjOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9ZAwDQYJKoZIhvcNAQELBQADggEBAB/J29gsdVidBoAxIAxt W7W6mksLIoMOs3Nd/Rq93n6+trNf3orUm9wApiCLSzmmR8P7CtoFw6wejLP68XQP c1z4q+aYc941PomMRvulMkIbecRMXsN9D09m8xUT4euLgEy5TWsRRF80pTqwL6E1 9N5D5yOh/huvpB3flT45MlCOf/pH7PUhiHrZ6Vhxjt1X2yaO3xJEAn2SQlzTRcal heqqvMVEwaZTDXMPPwpw7CusVRAMaIzZ/ugenYKQ+05rSSZIr59mFEJc8uODItxK aMeKJRq47PuxxR3E+yKYP5w+DdNmp7SpK+IVfwbz/Exz33I64gDV9Mv6h5sSFX3J XLY= -----END CERTIFICATE-----Generated at Tue Jun 3 23:20:24 2025 by rpki-client