$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa File: 86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa (raw, json) Hash identifier: 0vdx9Jcj+qPjRh0rzmw/hgXP64S4amDdmP3UPb4uscI= Subject key identifier: 93:BC:6D:66:EE:05:E2:3F:39:B1:A8:BC:CA:C7:6A:08:5D:E5:70:7F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7097920780D4D25DBF3727D3ACA73E57F549F6EC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa Signing time: Tue 10 Jun 2025 15:30:30 +0000 ROA not before: Tue 10 Jun 2025 15:30:30 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 00:20:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:97:92:07:80:d4:d2:5d:bf:37:27:d3:ac:a7:3e:57:f5:49:f6:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:30:30 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=3b8de3dd9411f5bf1d0cb581df49539d048a8213604e0326f1a4e19e079f912c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d5:a6:a2:fc:d5:28:55:5e:11:09:d1:70:28: fd:ca:36:bd:43:5c:7a:39:e6:52:45:8a:18:83:ba: 3d:0b:13:c8:8a:6b:47:5c:2c:15:2f:d4:59:e1:f2: bd:8a:07:68:0a:0e:ed:21:52:cd:8b:57:80:a9:31: a4:77:64:9c:28:0c:b9:1b:d9:35:7d:4f:8e:0c:cb: e8:d7:0d:aa:b4:5d:a4:d3:df:d0:85:d7:22:a4:4b: c0:9a:90:43:3b:de:1e:a8:d0:3b:c8:4a:88:93:23: 68:d4:2c:d0:46:b5:d8:73:3b:5a:75:18:ee:fb:49: 9d:24:39:a6:e4:06:b6:c6:3a:c7:92:70:65:32:38: a3:c8:b4:98:c2:cb:0c:e0:06:6d:f9:ba:ea:c5:01: da:b0:60:0f:9a:79:6d:45:a9:32:4e:b4:30:91:d8: da:7b:78:09:3f:63:7e:c6:97:23:b7:7e:a7:c8:6d: b1:25:f1:1a:64:17:0c:48:40:6b:98:f7:cc:1d:67: 3e:56:22:5f:90:1a:c0:a0:d7:1d:4c:8e:85:01:99: 56:c3:93:2c:1a:30:0f:b0:88:80:31:6e:56:55:f2: db:22:c1:46:f5:e3:bd:12:69:c4:56:34:4f:75:38: ce:01:70:89:0d:7c:27:d6:a2:d3:c0:c8:b1:7b:75: 33:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:BC:6D:66:EE:05:E2:3F:39:B1:A8:BC:CA:C7:6A:08:5D:E5:70:7F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:f000::/40 Signature Algorithm: sha256WithRSAEncryption 75:c8:b9:ee:a1:f5:74:39:d7:3c:1c:37:66:d3:20:e7:28:c1: ab:90:ee:5a:27:b7:52:95:0c:9b:10:e1:40:77:ca:05:df:eb: e7:dd:7e:4c:ec:80:af:d6:24:8e:fc:83:f2:2d:9b:58:de:9a: 63:a9:b1:d0:d0:66:b5:50:b2:99:9d:11:0b:a4:2c:a2:38:69: 45:2e:c1:36:59:e7:1a:5c:7b:a0:b7:7a:0a:81:61:6d:ce:a6: 2b:54:be:d9:6b:69:96:8d:7c:c6:fc:f1:56:ef:4e:8f:44:aa: 55:b8:ba:d2:bd:d6:5f:db:5b:b3:d1:ae:fc:42:e6:fa:73:2f: 62:7f:a2:ad:6d:a4:3a:f3:b1:1e:6a:3e:60:0d:fb:fe:8f:ab: d5:35:5c:18:5b:b7:ac:c7:b4:bc:fb:03:08:26:18:8a:45:78: 58:b4:b8:3f:bd:32:ad:cd:81:58:9f:24:ac:42:f9:be:09:96: 45:ad:a9:10:82:a3:c1:e0:c1:33:2a:a7:6d:13:03:d4:4e:24: 1a:12:75:d9:2d:4a:e9:5a:91:db:70:de:74:24:ad:2b:e9:fe: d7:57:01:41:1c:8f:d4:17:23:3d:16:2d:d9:6b:08:75:53:a3: 51:81:22:e9:67:99:e9:06:0c:b8:08:1e:fa:32:01:84:88:bc: fa:d2:b4:f4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcJeSB4DU0l2/NyfTrKc+V/VJ9uwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MzAzMFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAM2I4ZGUzZGQ5NDExZjViZjFkMGNi NTgxZGY0OTUzOWQwNDhhODIxMzYwNGUwMzI2ZjFhNGUxOWUwNzlmOTEyYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNWmovzVKFVeEQnRcCj9yja9Q1x6 OeZSRYoYg7o9CxPIimtHXCwVL9RZ4fK9igdoCg7tIVLNi1eAqTGkd2ScKAy5G9k1 fU+ODMvo1w2qtF2k09/QhdcipEvAmpBDO94eqNA7yEqIkyNo1CzQRrXYcztadRju +0mdJDmm5Aa2xjrHknBlMjijyLSYwssM4AZt+brqxQHasGAPmnltRakyTrQwkdja e3gJP2N+xpcjt36nyG2xJfEaZBcMSEBrmPfMHWc+ViJfkBrAoNcdTI6FAZlWw5Ms GjAPsIiAMW5WVfLbIsFG9eO9EmnEVjRPdTjOAXCJDXwn1qLTwMixe3UztQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJO8bWbuBeI/ObGovMrHaghd5XB/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg2YzA4YjM5LTVhNDktNGVlOS1iYWFkLWE5M2U4NmQ2MmIwYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8fAwDQYJKoZIhvcNAQELBQADggEBAHXIue6h9XQ51zwcN2bT IOcowauQ7lont1KVDJsQ4UB3ygXf6+fdfkzsgK/WJI78g/Itm1jemmOpsdDQZrVQ spmdEQukLKI4aUUuwTZZ5xpce6C3egqBYW3OpitUvtlraZaNfMb88VbvTo9EqlW4 utK91l/bW7PRrvxC5vpzL2J/oq1tpDrzsR5qPmAN+/6Pq9U1XBhbt6zHtLz7Awgm GIpFeFi0uD+9Mq3NgVifJKxC+b4JlkWtqRCCo8HgwTMqp20TA9ROJBoSddktSula kdtw3nQkrSvp/tdXAUEcj9QXIz0WLdlrCHVTo1GBIulnmekGDLgIHvoyAYSIvPrS tPQ= -----END CERTIFICATE-----Generated at Wed Jul 2 02:51:16 2025 by rpki-client