$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c0f8903-7305-4902-a6b4-6607ce10e298.roa File: 7c0f8903-7305-4902-a6b4-6607ce10e298.roa (raw, json) Hash identifier: b9rVoMOtLNh1+S25l7e2lGByuA37OBAZhNKMVk87/Xc= Subject key identifier: 44:A3:0D:09:73:6C:C0:62:72:1E:2B:37:71:F1:85:D3:A5:67:11:19 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 056595636E12A2C2C80AFCB54E7171B38113FE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c0f8903-7305-4902-a6b4-6607ce10e298.roa Signing time: Wed 14 May 2025 00:20:07 +0000 ROA not before: Wed 14 May 2025 00:20:07 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:65:95:63:6e:12:a2:c2:c8:0a:fc:b5:4e:71:71:b3:81:13:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:20:07 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=fe342b1074f4956da79f9711e8759065e22e86b32e81378760f450a93dd1ef98, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:1a:11:47:90:20:75:fa:50:9e:c6:69:b0:09: 60:25:3c:8c:d5:cf:68:cb:be:f5:ae:9f:65:26:4a: e8:da:15:ac:6d:c7:45:05:54:7c:d2:a6:f1:1d:f8: a4:f9:48:32:ce:b1:55:d4:a2:94:3d:50:21:8c:a0: a9:cc:9e:09:07:94:4f:ce:3b:b1:ce:d1:72:05:8a: df:44:d5:8f:97:26:b2:a3:dc:3e:00:71:af:97:c5: af:10:08:92:a3:55:a1:c2:25:40:96:9c:fc:ef:71: 91:5c:70:9c:39:bd:7a:19:ed:ea:64:6e:04:1e:9f: 01:e3:1b:e9:04:5a:0d:43:ea:c1:de:b4:ce:73:2d: be:db:cb:68:0e:86:71:f4:f3:d7:69:fa:69:36:22: 61:c7:1b:97:08:f2:e5:26:b5:d7:9f:b4:1d:38:43: 62:ce:00:21:da:ea:d7:9c:be:a3:ca:2a:f8:a7:f7: 7a:44:60:ff:74:c6:ed:ae:85:7d:57:e3:9f:6e:ee: 91:c4:4d:d8:0c:6e:af:5f:7e:08:71:13:4a:99:a9: 63:7c:eb:f8:cc:bf:f8:15:01:12:3e:ef:60:a9:22: e3:34:02:32:fe:bb:fa:b5:a2:2a:4b:78:93:25:4f: 5f:4d:34:0d:d8:f4:3a:74:fc:fe:80:40:ba:c3:2b: 49:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:A3:0D:09:73:6C:C0:62:72:1E:2B:37:71:F1:85:D3:A5:67:11:19 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c0f8903-7305-4902-a6b4-6607ce10e298.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2020::/48 Signature Algorithm: sha256WithRSAEncryption 5f:c2:bf:b0:59:3d:bd:6f:43:b8:42:12:6b:70:c5:30:a3:58: f8:b5:17:a7:b1:5f:93:86:0b:3c:65:7e:0a:9b:62:d2:c7:b8: a4:d3:19:2b:18:24:1e:9f:03:fc:61:ac:ee:ae:9f:73:aa:bb: 7a:e5:38:13:0c:50:a5:d2:e2:c7:2e:a4:60:44:68:b6:85:a9: 6b:83:12:71:17:5d:44:3a:96:33:1c:24:cc:7d:4c:52:b3:c4: 30:29:f8:3e:5d:5d:3a:a6:e7:df:dc:e6:49:bb:7e:17:83:30: 0b:f0:22:05:8b:c4:7a:18:8f:2e:eb:b9:50:fd:9d:97:95:9a: af:0d:c0:45:fb:c2:7b:53:2f:49:2d:d5:30:f8:4d:27:bd:b5: 69:47:00:60:c6:11:11:43:66:fb:d1:02:05:05:2c:a1:66:69: c1:e7:bc:ec:6c:b0:26:ba:c0:d5:4a:5d:1b:ee:2b:23:70:38: 89:84:6c:52:57:dd:f0:80:a9:d0:95:1a:23:54:a2:36:52:e7: 1f:de:78:85:65:7b:72:60:e7:b3:3f:8b:33:b2:55:00:53:de: 27:a1:9e:15:cf:31:88:a7:60:7d:de:4a:da:0f:15:07:e8:f9: 7a:a8:db:d9:1c:cc:93:78:ee:30:6b:65:60:80:f3:eb:e0:7d: 0c:4e:49:80 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgITBWWVY24SosLICvy1TnFxs4ET/jANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwNTE0MDAyMDA3WhcN MjUwNjE4MjM1OTU5WjB6MUkwRwYDVQQFE0BmZTM0MmIxMDc0ZjQ5NTZkYTc5Zjk3 MTFlODc1OTA2NWUyMmU4NmIzMmU4MTM3ODc2MGY0NTBhOTNkZDFlZjk4MS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6GhFHkCB1+lCexmmwCWAlPIzVz2jL vvWun2UmSujaFaxtx0UFVHzSpvEd+KT5SDLOsVXUopQ9UCGMoKnMngkHlE/OO7HO 0XIFit9E1Y+XJrKj3D4Aca+Xxa8QCJKjVaHCJUCWnPzvcZFccJw5vXoZ7epkbgQe nwHjG+kEWg1D6sHetM5zLb7by2gOhnH089dp+mk2ImHHG5cI8uUmtdeftB04Q2LO ACHa6tecvqPKKvin93pEYP90xu2uhX1X459u7pHETdgMbq9ffghxE0qZqWN86/jM v/gVARI+72CpIuM0AjL+u/q1oipLeJMlT19NNA3Y9Dp0/P6AQLrDK0ktAgMBAAGj ggJLMIICRzAdBgNVHQ4EFgQURKMNCXNswGJyHis3cfGF06VnERkwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv N2MwZjg5MDMtNzMwNS00OTAyLWE2YjQtNjYwN2NlMTBlMjk4LnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E AgACMAkDBwAkBtr/ICAwDQYJKoZIhvcNAQELBQADggEBAF/Cv7BZPb1vQ7hCEmtw xTCjWPi1F6exX5OGCzxlfgqbYtLHuKTTGSsYJB6fA/xhrO6un3Oqu3rlOBMMUKXS 4scupGBEaLaFqWuDEnEXXUQ6ljMcJMx9TFKzxDAp+D5dXTqm59/c5km7fheDMAvw IgWLxHoYjy7ruVD9nZeVmq8NwEX7wntTL0kt1TD4TSe9tWlHAGDGERFDZvvRAgUF LKFmacHnvOxssCa6wNVKXRvuKyNwOImEbFJX3fCAqdCVGiNUojZS5x/eeIVle3Jg 57M/izOyVQBT3iehnhXPMYinYH3eStoPFQfo+Xqo29kczJN47jBrZWCA8+vgfQxO SYA= -----END CERTIFICATE-----Generated at Tue Jun 3 23:30:36 2025 by rpki-client