$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80672242-3fdf-44d8-88c6-841fcfbe1251.roa File: 80672242-3fdf-44d8-88c6-841fcfbe1251.roa (raw, json) Hash identifier: L7UQNSGxdVitwQeDpIPZ2YjXhMyLGp8WFevMaMhSlwI= Subject key identifier: 9C:E7:59:CA:75:7F:CE:EB:39:74:E3:FE:27:96:7A:3A:9D:34:2C:25 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 44046865F9D870707C58AEBE527B261BC55434CA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80672242-3fdf-44d8-88c6-841fcfbe1251.roa Signing time: Fri 16 May 2025 00:20:16 +0000 ROA not before: Fri 16 May 2025 00:20:16 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:04:68:65:f9:d8:70:70:7c:58:ae:be:52:7b:26:1b:c5:54:34:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:20:16 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=3da8de22273bd0356f0fa83c082fda70d51dff02b2d9a31fb77624cb0eab8a70, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:49:a8:2e:b3:5c:6e:39:e4:12:1d:8a:d4:9d: 87:6f:bb:ed:b5:e5:a6:86:ce:b9:7f:cc:ae:8c:b6: 2f:49:3e:fa:18:e5:d2:8d:71:f5:41:cc:33:35:11: a7:fd:ce:e9:92:8c:0d:bd:f7:2b:f1:1f:f3:25:d9: ec:55:13:e2:51:35:97:1c:d7:e9:f9:5a:1a:76:a2: 0f:03:50:db:29:41:34:b3:e8:db:12:e2:82:75:63: 55:31:75:5f:32:8e:01:44:f6:5c:c2:e0:8c:8a:03: c2:a5:7d:bc:cd:13:52:b4:09:82:5f:e4:b4:ff:6e: e0:2e:25:4d:85:ed:ea:b1:35:33:20:9b:e4:b1:1f: 00:f0:39:18:40:ab:bd:72:62:a0:e9:9a:28:a1:37: 07:cf:4f:6c:b3:9c:01:93:59:99:38:84:f1:ea:37: 33:d6:e0:34:1a:12:b0:e1:40:d1:6a:9e:b5:4d:6a: 2c:9c:b5:61:3e:d8:c1:7c:fc:92:82:44:c4:98:f6: 92:fc:14:10:25:2e:55:90:f8:ed:2e:0d:ff:d3:3d: 2c:b3:8a:77:72:47:8c:da:2d:d9:22:66:cf:ae:02: b3:ed:db:06:7c:49:4b:d0:5b:2e:fe:7b:95:f8:4b: ce:c4:64:4d:5f:72:95:56:78:9a:d9:83:85:d6:64: 47:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:E7:59:CA:75:7F:CE:EB:39:74:E3:FE:27:96:7A:3A:9D:34:2C:25 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80672242-3fdf-44d8-88c6-841fcfbe1251.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:8800::/40 Signature Algorithm: sha256WithRSAEncryption 29:97:89:7b:49:31:36:9b:76:fa:15:23:07:ab:28:00:96:17: 1a:70:23:6b:fe:f1:c0:25:fb:80:3c:e0:35:ed:19:03:67:f0: 3c:d4:30:ec:cf:e6:ec:e2:3e:aa:c1:06:ff:ab:26:4f:89:06: e5:e6:ee:37:de:1c:95:6e:53:04:b0:f7:a5:ec:21:68:c0:3f: 48:dc:7b:01:9c:ef:34:4e:a7:20:39:89:02:ae:94:87:84:a4: 96:fc:3d:14:27:6d:c7:52:31:9a:a9:0f:5a:a0:95:eb:34:3d: 8e:aa:b7:5e:f5:11:4a:76:92:93:87:8e:38:7b:67:67:1b:56: 62:00:4f:a6:c0:bb:43:ec:e4:ff:e2:38:45:3c:d9:d7:62:f6: 4d:61:e6:4d:25:9d:7a:3c:ce:3b:36:80:27:43:ed:44:05:37: 69:00:cc:2b:d0:5d:a1:59:e9:b3:eb:11:b6:2a:13:9b:b9:1e: a3:34:eb:48:30:46:9e:92:57:65:b7:c7:a9:ec:1f:ce:db:ad: 3d:d0:e6:6c:fc:47:99:8e:19:65:87:af:b8:20:fc:1d:e9:14: 25:fb:7a:b8:42:45:42:0b:7a:3c:6f:7a:26:9e:33:ae:4e:19: 07:f1:f4:7e:10:1f:c0:cc:b1:89:ed:2e:fe:c7:14:fe:10:e4: e1:60:0b:f3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURARoZfnYcHB8WK6+UnsmG8VUNMowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMjAxNloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAM2RhOGRlMjIyNzNiZDAzNTZmMGZh ODNjMDgyZmRhNzBkNTFkZmYwMmIyZDlhMzFmYjc3NjI0Y2IwZWFiOGE3MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkmoLrNcbjnkEh2K1J2Hb7vtteWm hs65f8yujLYvST76GOXSjXH1QcwzNRGn/c7pkowNvfcr8R/zJdnsVRPiUTWXHNfp +VoadqIPA1DbKUE0s+jbEuKCdWNVMXVfMo4BRPZcwuCMigPCpX28zRNStAmCX+S0 /27gLiVNhe3qsTUzIJvksR8A8DkYQKu9cmKg6ZoooTcHz09ss5wBk1mZOITx6jcz 1uA0GhKw4UDRap61TWosnLVhPtjBfPySgkTEmPaS/BQQJS5VkPjtLg3/0z0ss4p3 ckeM2i3ZImbPrgKz7dsGfElL0Fsu/nuV+EvOxGRNX3KVVnia2YOF1mRHBwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJznWcp1f87rOXTj/ieWejqdNCwlMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgwNjcyMjQyLTNmZGYtNDRkOC04OGM2LTg0MWZjZmJlMTI1MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaYgwDQYJKoZIhvcNAQELBQADggEBACmXiXtJMTabdvoVIwer KACWFxpwI2v+8cAl+4A84DXtGQNn8DzUMOzP5uziPqrBBv+rJk+JBuXm7jfeHJVu UwSw96XsIWjAP0jcewGc7zROpyA5iQKulIeEpJb8PRQnbcdSMZqpD1qgles0PY6q t171EUp2kpOHjjh7Z2cbVmIAT6bAu0Ps5P/iOEU82ddi9k1h5k0lnXo8zjs2gCdD 7UQFN2kAzCvQXaFZ6bPrEbYqE5u5HqM060gwRp6SV2W3x6nsH87brT3Q5mz8R5mO GWWHr7gg/B3pFCX7erhCRUILejxveiaeM65OGQfx9H4QH8DMsYntLv7HFP4Q5OFg C/M= -----END CERTIFICATE-----Generated at Tue Jun 3 23:26:13 2025 by rpki-client