$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa File: 86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa (raw, json) Hash identifier: PYLYFBU6tdWMVLfrFCChyzgkzl8S0DyKrPW6nSR3gGs= Subject key identifier: 6E:C0:81:8A:D0:07:F7:66:22:98:AF:A4:6C:0A:9B:43:E4:44:65:95 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 73720AAD0A9CCBA5170E3A3FB688495FAB995162 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa Signing time: Fri 16 May 2025 15:31:40 +0000 ROA not before: Fri 16 May 2025 15:31:40 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:72:0a:ad:0a:9c:cb:a5:17:0e:3a:3f:b6:88:49:5f:ab:99:51:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:31:40 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=5fae4eed6d5214fe778f0f31be8fcbda4b0e54c4547dd98f14d173b4f144b69d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:fc:c0:e1:9b:74:7f:7e:47:85:d3:ac:8e:fb: d9:2c:ff:61:fb:d9:11:1c:b1:cc:9a:28:32:e5:15: c2:70:d0:6a:9c:ce:db:8c:a3:9b:53:0a:1b:12:86: 10:57:c6:d4:3f:82:1a:cf:bc:32:b7:86:5a:cd:7f: 5a:17:9c:1f:61:42:79:6d:2d:d0:a0:98:33:53:14: e9:21:41:9c:2b:c6:8d:9d:a3:2b:42:98:db:b6:da: c6:2c:41:58:1d:9d:d7:9d:ef:85:d7:37:89:30:a6: 56:b0:f6:e3:87:37:af:69:bb:c1:69:e3:15:e9:47: 58:ab:69:f5:13:d0:3b:24:27:2c:ba:f3:2d:4c:8f: ec:15:e6:d2:7e:70:35:fd:ea:d6:ba:72:ba:c5:09: 4b:4d:58:a8:b5:c2:94:82:85:39:3f:e4:60:a8:42: 6f:6a:ec:0f:c7:89:fe:f5:68:da:b4:78:71:93:c3: 78:08:6f:36:40:7d:91:67:37:c3:08:56:24:44:ad: 0b:a0:c6:49:12:2f:10:44:45:fb:75:96:84:db:b2: 75:53:16:73:12:2e:ea:31:34:76:83:6a:68:c6:e2: 73:26:9b:5b:44:c4:b8:d3:98:92:a3:02:9b:51:54: b4:94:c4:1b:06:45:d5:82:a4:6d:43:4e:37:fb:57: f5:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:C0:81:8A:D0:07:F7:66:22:98:AF:A4:6C:0A:9B:43:E4:44:65:95 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:f000::/40 Signature Algorithm: sha256WithRSAEncryption 8d:4d:d4:33:df:58:e9:6e:78:07:d7:c8:bd:4b:2f:40:c0:7c: 2d:2f:a8:b9:9c:d3:ce:74:2f:09:a3:1e:5e:f4:2b:ba:17:b3: 7d:27:e3:41:cc:6b:ce:4c:ac:7e:d4:a3:5e:9c:74:f9:e3:e7: cb:83:d7:0f:c4:06:4a:bc:82:8f:84:4a:e5:99:0d:e5:32:58: 6e:f4:94:06:41:6d:23:9e:8e:27:06:38:1c:73:d3:bf:d9:36: 3c:54:a1:6b:33:1b:1e:79:0f:c2:10:9e:ad:90:6c:fb:44:07: b7:98:a4:2a:86:c8:6a:5c:bc:63:3c:08:c9:f1:9a:e7:6d:27: 03:ff:1a:24:95:a7:36:d6:ad:2f:93:08:5c:6e:74:c5:6c:4a: 83:16:ee:47:f6:ba:72:bd:2c:dc:15:b7:8a:36:77:22:85:3b: b0:3f:12:07:38:52:d9:79:2d:59:bb:3f:e2:df:fa:55:87:d0: eb:3e:6e:f4:9a:07:4a:38:74:dd:42:2a:4f:a0:d6:9f:1a:de: 4e:ba:c3:41:56:13:6b:eb:65:c4:75:d9:7b:e3:8a:dc:70:4f: cd:c1:b2:44:6d:f2:c0:69:a9:e1:f1:d0:20:5a:4e:0e:65:e7: 79:55:82:bb:70:eb:f5:31:98:a8:10:23:63:7b:5c:cc:d4:9f: b6:9a:cf:6a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUc3IKrQqcy6UXDjo/tohJX6uZUWIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MzE0MFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANWZhZTRlZWQ2ZDUyMTRmZTc3OGYw ZjMxYmU4ZmNiZGE0YjBlNTRjNDU0N2RkOThmMTRkMTczYjRmMTQ0YjY5ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifzA4Zt0f35HhdOsjvvZLP9h+9kR HLHMmigy5RXCcNBqnM7bjKObUwobEoYQV8bUP4Iaz7wyt4ZazX9aF5wfYUJ5bS3Q oJgzUxTpIUGcK8aNnaMrQpjbttrGLEFYHZ3Xne+F1zeJMKZWsPbjhzevabvBaeMV 6UdYq2n1E9A7JCcsuvMtTI/sFebSfnA1/erWunK6xQlLTViotcKUgoU5P+RgqEJv auwPx4n+9WjatHhxk8N4CG82QH2RZzfDCFYkRK0LoMZJEi8QREX7dZaE27J1UxZz Ei7qMTR2g2poxuJzJptbRMS405iSowKbUVS0lMQbBkXVgqRtQ043+1f1OQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG7AgYrQB/dmIpivpGwKm0PkRGWVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg2YzA4YjM5LTVhNDktNGVlOS1iYWFkLWE5M2U4NmQ2MmIwYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8fAwDQYJKoZIhvcNAQELBQADggEBAI1N1DPfWOlueAfXyL1L L0DAfC0vqLmc0850LwmjHl70K7oXs30n40HMa85MrH7Uo16cdPnj58uD1w/EBkq8 go+ESuWZDeUyWG70lAZBbSOejicGOBxz07/ZNjxUoWszGx55D8IQnq2QbPtEB7eY pCqGyGpcvGM8CMnxmudtJwP/GiSVpzbWrS+TCFxudMVsSoMW7kf2unK9LNwVt4o2 dyKFO7A/Egc4Utl5LVm7P+Lf+lWH0Os+bvSaB0o4dN1CKk+g1p8a3k66w0FWE2vr ZcR12XvjitxwT83BskRt8sBpqeHx0CBaTg5l53lVgrtw6/UxmKgQI2N7XMzUn7aa z2o= -----END CERTIFICATE-----Generated at Tue Jun 3 23:12:20 2025 by rpki-client