$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/794feada-3f8b-4a7b-8954-992fddba3191.roa File: 794feada-3f8b-4a7b-8954-992fddba3191.roa (raw, json) Hash identifier: tD1Ol4j3gL1asWhr+bIc1/tsZ2FZEwXG1G11m4AwRgs= Subject key identifier: D7:D0:29:F6:7F:DC:C0:26:D8:04:51:D9:C6:56:75:25:BB:70:04:3C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3B45278224882D4AA15F1454517492AD6DB9772A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/794feada-3f8b-4a7b-8954-992fddba3191.roa Signing time: Fri 16 May 2025 15:30:18 +0000 ROA not before: Fri 16 May 2025 15:30:18 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:45:27:82:24:88:2d:4a:a1:5f:14:54:51:74:92:ad:6d:b9:77:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:30:18 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=737e505791493a5b87dc4654dbfcd3fe61c86b57b145c0b1b82e621c0cb549fa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:a1:8b:49:29:65:0f:ad:fa:05:74:e2:60:06: bc:a4:ac:2c:d2:4b:4b:4d:b2:76:a3:72:07:1d:06: 0f:4b:3e:24:b9:79:7b:fb:28:9a:66:9b:60:1b:9d: 81:15:4a:08:8a:08:66:b3:cb:ae:d8:22:04:74:1d: f8:3b:3e:d2:b7:4c:6f:24:17:0d:e8:8d:27:13:7a: 0c:2c:b2:70:70:e5:36:1f:71:bb:74:90:57:90:3c: 2d:4d:09:d5:60:bc:f4:c6:ec:46:54:b6:0d:bb:6f: 36:38:9e:76:09:96:f2:96:fe:48:fc:b8:c6:d4:8a: 41:ab:25:06:19:92:d9:6f:27:4b:42:cb:6e:b5:ff: b9:b2:8f:48:14:27:ab:0f:ed:cf:a5:d8:bb:89:cc: 70:0f:d9:21:79:72:3f:43:03:75:05:12:eb:9d:94: 1d:9b:4d:f0:e5:d6:6c:79:58:bf:1e:5a:76:7a:61: 30:5b:60:2a:d6:d2:cb:87:c9:9e:05:48:62:29:b0: 4b:22:2c:ed:11:a7:78:48:ed:ad:72:a1:6c:34:74: 7a:a2:cc:38:f5:79:f2:5f:82:5b:cc:65:1b:a3:0c: 4f:b1:12:83:9f:62:04:a5:8e:1b:bb:bc:53:b1:c2: 7c:2d:b4:d4:1a:08:b4:bf:af:0e:a8:2a:4e:53:ae: f5:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:D0:29:F6:7F:DC:C0:26:D8:04:51:D9:C6:56:75:25:BB:70:04:3C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/794feada-3f8b-4a7b-8954-992fddba3191.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:a000::/40 Signature Algorithm: sha256WithRSAEncryption 34:9b:12:c4:ab:8d:15:93:f6:ef:be:68:c2:21:3d:13:64:a4: b9:45:95:f2:ea:ec:62:a0:a9:4f:1f:63:19:02:06:17:74:74: 89:62:c4:fd:bb:5b:7c:1f:4c:24:e0:18:55:61:9d:ad:54:28: 23:92:18:27:19:2c:e5:d8:07:73:a4:f6:cc:ff:30:17:78:8f: 8d:73:ed:14:8e:7f:3f:90:f6:21:38:b0:aa:15:9b:7b:2b:f9: b3:4f:05:ca:52:1e:b5:66:60:45:3c:2b:22:ce:2a:8a:5d:a3: 3e:ef:98:da:2d:15:46:f6:0f:77:64:aa:c6:19:ba:a0:df:76: 4e:2a:3f:a9:91:37:f3:32:5f:9c:78:55:30:a6:d3:af:04:37: 25:eb:98:c1:1e:dd:c6:95:e3:56:cd:52:a9:41:15:dc:36:92: 89:f8:39:d2:46:20:a3:92:97:b9:e1:97:e4:f2:7b:45:49:cd: d9:39:f6:38:8e:e6:1b:53:85:47:1c:52:a3:76:ca:9d:47:48: 44:fb:0c:5e:bc:c1:8e:a2:d4:cc:10:97:aa:ef:bb:ff:c6:2c: 99:99:30:e3:c4:32:26:b4:35:7b:bb:ac:cf:c1:8e:53:cd:57: bd:71:ad:9e:d9:ba:fe:66:d5:de:c4:28:f7:17:9f:fc:06:af: be:e3:e5:8e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUO0UngiSILUqhXxRUUXSSrW25dyowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MzAxOFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANzM3ZTUwNTc5MTQ5M2E1Yjg3ZGM0 NjU0ZGJmY2QzZmU2MWM4NmI1N2IxNDVjMGIxYjgyZTYyMWMwY2I1NDlmYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKGLSSllD636BXTiYAa8pKws0ktL TbJ2o3IHHQYPSz4kuXl7+yiaZptgG52BFUoIighms8uu2CIEdB34Oz7St0xvJBcN 6I0nE3oMLLJwcOU2H3G7dJBXkDwtTQnVYLz0xuxGVLYNu282OJ52CZbylv5I/LjG 1IpBqyUGGZLZbydLQstutf+5so9IFCerD+3Ppdi7icxwD9kheXI/QwN1BRLrnZQd m03w5dZseVi/Hlp2emEwW2Aq1tLLh8meBUhiKbBLIiztEad4SO2tcqFsNHR6osw4 9XnyX4JbzGUbowxPsRKDn2IEpY4bu7xTscJ8LbTUGgi0v68OqCpOU671ZwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNfQKfZ/3MAm2ARR2cZWdSW7cAQ8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc5NGZlYWRhLTNmOGItNGE3Yi04OTU0LTk5MmZkZGJhMzE5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8aAwDQYJKoZIhvcNAQELBQADggEBADSbEsSrjRWT9u++aMIh PRNkpLlFlfLq7GKgqU8fYxkCBhd0dIlixP27W3wfTCTgGFVhna1UKCOSGCcZLOXY B3Ok9sz/MBd4j41z7RSOfz+Q9iE4sKoVm3sr+bNPBcpSHrVmYEU8KyLOKopdoz7v mNotFUb2D3dkqsYZuqDfdk4qP6mRN/MyX5x4VTCm068ENyXrmMEe3caV41bNUqlB Fdw2kon4OdJGIKOSl7nhl+Tye0VJzdk59jiO5htThUccUqN2yp1HSET7DF68wY6i 1MwQl6rvu//GLJmZMOPEMia0NXu7rM/BjlPNV71xrZ7Zuv5m1d7EKPcXn/wGr77j 5Y4= -----END CERTIFICATE-----Generated at Tue Jun 3 23:33:07 2025 by rpki-client