$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8926995e-bde5-49af-a989-17dd351a253f.roa File: 8926995e-bde5-49af-a989-17dd351a253f.roa (raw, json) Hash identifier: hSaYTfsjKWjnZ+Cgp2m1Gexb4gEoMxv06XLECBA40Ks= Subject key identifier: 11:27:EE:29:45:D5:23:1D:07:51:E9:00:A7:9C:DC:B3:E4:F0:F2:A0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7958514D8A3E0BB8A688DB86B400920CBDBB8C23 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8926995e-bde5-49af-a989-17dd351a253f.roa Signing time: Fri 16 May 2025 00:50:12 +0000 ROA not before: Fri 16 May 2025 00:50:12 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:58:51:4d:8a:3e:0b:b8:a6:88:db:86:b4:00:92:0c:bd:bb:8c:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:50:12 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=ad18adbce888ddb1c5c55fcf251ad8f14021b66065ee06f24dc2a50214a8fb08, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:7b:52:a4:7a:f1:e5:1c:51:4a:bf:b1:97:a0: b1:d1:a2:7f:47:50:c7:ea:e0:a0:d7:cf:98:e0:28: 67:c0:63:80:dd:b6:98:d1:a5:97:83:38:3f:bc:27: 54:ff:97:32:3d:97:2e:1c:98:89:cb:d7:4d:bc:1b: 45:f3:a0:12:2e:10:58:1a:0e:ef:b0:0e:e7:d0:7f: 1c:87:8d:37:78:f7:60:4b:d9:60:85:62:3b:08:e7: db:d2:58:87:cf:4c:ba:45:4d:0d:28:aa:0c:cf:1d: 06:fa:dd:0c:cd:78:02:f6:15:b3:5b:7d:ef:55:75: 67:fa:d9:3e:1a:1c:21:31:ff:fc:45:5c:13:65:f6: d9:eb:6a:88:4b:15:c4:1d:30:1b:48:07:16:88:c9: 68:ee:89:f2:42:80:13:dc:93:41:43:00:6f:7b:7c: 49:cb:8b:63:cf:5f:7b:32:28:97:18:a3:81:f9:b3: 3f:0d:65:5f:7a:9d:cf:78:5e:23:ab:bb:0e:a8:87: 23:56:06:d5:53:db:1d:78:01:7f:2c:2c:ca:50:a4: 46:fe:12:91:29:69:57:6a:53:10:2c:b8:d9:11:f6: 70:9b:17:2a:65:10:90:f9:b2:a5:b0:3d:a5:76:96: 6f:89:37:37:03:f2:12:90:7f:6d:62:ae:01:cd:e6: f9:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:27:EE:29:45:D5:23:1D:07:51:E9:00:A7:9C:DC:B3:E4:F0:F2:A0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8926995e-bde5-49af-a989-17dd351a253f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:8000::/40 Signature Algorithm: sha256WithRSAEncryption a0:f5:d9:17:04:d5:49:42:1c:27:80:e1:3f:9c:b0:96:62:17: a9:06:31:c0:71:39:e5:0f:93:44:f0:93:f2:c3:dc:c4:c2:46: c2:7d:86:97:3d:98:43:3a:e4:6c:63:9e:4a:b4:e2:45:f5:ed: dd:b2:9a:8f:6d:28:3f:3f:c2:de:37:4b:2d:ba:8e:c8:0f:cd: e7:28:4c:bf:14:3b:78:76:e2:03:05:f7:5a:a6:98:71:d5:9f: 26:da:b4:86:f5:7e:4f:90:81:2d:60:55:d7:6a:f5:e1:ca:88: 50:c4:ee:c9:e6:9c:18:4f:b7:ea:00:2d:13:98:47:96:d9:d4: 2f:2c:c9:19:65:60:fd:6e:e1:6a:bd:58:74:18:d6:85:52:a0: 2b:d1:25:b2:d0:63:96:82:87:57:a7:3e:ad:07:5b:2c:61:1e: 48:21:22:70:f4:d5:ff:96:7c:4d:20:96:61:69:a5:22:07:cc: 48:68:5f:d9:93:4a:8d:d4:32:f7:d9:04:fe:52:43:92:10:b5: fc:a6:88:94:00:08:8d:77:aa:96:ee:dd:a6:90:47:c3:bb:f5: b7:5d:c7:a5:a0:f5:b0:b3:2f:70:79:2d:db:89:dd:95:26:68: 64:3b:b7:f4:ab:29:05:d6:6c:d8:24:5c:a7:bb:da:34:55:14: cc:a2:ad:c2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeVhRTYo+C7imiNuGtACSDL27jCMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNTAxMloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAYWQxOGFkYmNlODg4ZGRiMWM1YzU1 ZmNmMjUxYWQ4ZjE0MDIxYjY2MDY1ZWUwNmYyNGRjMmE1MDIxNGE4ZmIwODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArntSpHrx5RxRSr+xl6Cx0aJ/R1DH 6uCg18+Y4ChnwGOA3baY0aWXgzg/vCdU/5cyPZcuHJiJy9dNvBtF86ASLhBYGg7v sA7n0H8ch403ePdgS9lghWI7COfb0liHz0y6RU0NKKoMzx0G+t0MzXgC9hWzW33v VXVn+tk+GhwhMf/8RVwTZfbZ62qISxXEHTAbSAcWiMlo7onyQoAT3JNBQwBve3xJ y4tjz197MiiXGKOB+bM/DWVfep3PeF4jq7sOqIcjVgbVU9sdeAF/LCzKUKRG/hKR KWlXalMQLLjZEfZwmxcqZRCQ+bKlsD2ldpZviTc3A/ISkH9tYq4Bzeb5kwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBEn7ilF1SMdB1HpAKec3LPk8PKgMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg5MjY5OTVlLWJkZTUtNDlhZi1hOTg5LTE3ZGQzNTFhMjUzZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+4AwDQYJKoZIhvcNAQELBQADggEBAKD12RcE1UlCHCeA4T+c sJZiF6kGMcBxOeUPk0Twk/LD3MTCRsJ9hpc9mEM65Gxjnkq04kX17d2ymo9tKD8/ wt43Sy26jsgPzecoTL8UO3h24gMF91qmmHHVnybatIb1fk+QgS1gVddq9eHKiFDE 7snmnBhPt+oALROYR5bZ1C8syRllYP1u4Wq9WHQY1oVSoCvRJbLQY5aCh1enPq0H WyxhHkghInD01f+WfE0glmFppSIHzEhoX9mTSo3UMvfZBP5SQ5IQtfymiJQACI13 qpbu3aaQR8O79bddx6Wg9bCzL3B5LduJ3ZUmaGQ7t/SrKQXWbNgkXKe72jRVFMyi rcI= -----END CERTIFICATE-----Generated at Mon Jun 2 06:33:52 2025 by rpki-client