$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89fbb5c5-0ff9-4548-bb50-6e421ec6e274.roa File: 89fbb5c5-0ff9-4548-bb50-6e421ec6e274.roa (raw, json) Hash identifier: uQ8VTaAAxYQR8NcIJ8GaUtzLUxHzi8Nlbq2KeHvUY84= Subject key identifier: FE:ED:A7:6A:58:6F:10:2C:EF:B0:51:20:72:59:76:16:52:A8:D5:D7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7C7665DB2EA1A765A5AD7EAE67F775785A47C41C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89fbb5c5-0ff9-4548-bb50-6e421ec6e274.roa Signing time: Fri 16 May 2025 00:01:17 +0000 ROA not before: Fri 16 May 2025 00:01:17 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:2020::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:76:65:db:2e:a1:a7:65:a5:ad:7e:ae:67:f7:75:78:5a:47:c4:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:01:17 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=b9a71e74906c90a52271aa2150ef690969ecdd8f65df754ae9837eaea8f60818, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:6f:af:ee:53:db:cd:71:f9:0a:02:61:a0:1c: de:77:4a:2d:82:77:9a:12:e6:93:0b:97:03:0e:4d: 0f:2d:23:6d:70:d4:dd:97:92:0b:ce:23:19:69:34: 6f:d3:38:46:6f:00:b3:af:44:59:c2:68:bc:fe:a7: d9:7d:dc:ef:48:8c:87:88:c9:48:7c:a7:4a:6f:52: 49:99:59:c1:2f:be:39:ce:ed:b9:24:ae:68:92:c1: 49:52:13:d0:c5:2d:e5:10:1a:ad:3c:58:52:1c:79: 90:72:bc:92:d6:48:7f:75:6d:52:98:8b:ec:4d:f0: a7:18:76:fb:52:50:27:7d:8d:e2:09:ce:e1:cc:6e: e2:59:b0:04:57:cc:e3:a8:2e:ea:5d:7f:8e:d0:8d: 2a:bb:82:39:3f:41:3e:17:5a:f1:b5:c8:de:e6:20: ce:b2:99:6b:3b:fe:c0:c5:b7:b1:53:68:b4:cd:6c: cb:63:8b:3c:76:e6:6a:46:27:da:6f:8c:10:38:5f: 3f:5b:b1:ef:4e:d7:37:e0:71:5c:d5:08:38:af:0e: 51:1c:92:dd:de:5d:a5:79:61:5b:07:03:fe:bd:75: 44:6a:00:2b:eb:0b:f8:a9:d3:63:29:20:3d:9c:aa: 47:cb:89:83:92:f1:b7:ec:9a:6e:84:eb:d1:38:41: 37:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:ED:A7:6A:58:6F:10:2C:EF:B0:51:20:72:59:76:16:52:A8:D5:D7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89fbb5c5-0ff9-4548-bb50-6e421ec6e274.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:2020::/46 Signature Algorithm: sha256WithRSAEncryption 82:4c:9d:01:b7:02:4e:6e:d1:82:e9:85:ef:28:f1:d1:47:fa: b5:6b:ac:a6:3e:a6:7e:87:3f:aa:9e:cb:19:91:92:bc:b7:16: bb:f5:6c:7a:c7:5f:2f:d0:3a:76:f6:02:86:f3:57:e0:d9:f2: 11:90:5c:2b:f4:c9:36:10:b1:00:b6:c9:a5:28:f2:ec:d2:94: 7c:f7:d5:8d:0e:4e:1d:9c:52:dd:a4:1c:c8:01:72:14:51:1e: 6d:a6:2e:45:d3:34:20:0b:8a:b2:8a:b9:1d:58:85:b8:f8:83: b2:be:f9:7f:08:db:8b:db:31:26:cd:0f:42:9c:96:53:c6:3b: a6:9e:b9:e6:ca:30:49:a5:2a:65:0e:84:c9:94:a3:2c:a3:78: e8:35:57:76:ed:a5:0a:0c:37:92:a6:c5:bf:e9:34:ee:5a:68: 73:1a:09:65:b3:fa:87:48:ba:21:8b:ed:06:ec:ae:c1:5f:78: 97:5d:33:9f:5d:8c:b5:22:54:e7:40:06:9a:c9:89:32:55:a0: c2:cc:2d:4c:79:ae:75:be:cd:55:d0:96:c2:38:59:6e:af:8a: 3e:8d:a5:ae:96:49:15:99:c3:b1:b9:c8:ce:32:fd:0d:78:fb: 9b:32:ad:c3:b8:e9:8a:1e:a1:1e:8e:25:5f:59:cf:cd:34:93: ce:52:3d:5d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUfHZl2y6hp2WlrX6uZ/d1eFpHxBwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMDExN1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAYjlhNzFlNzQ5MDZjOTBhNTIyNzFh YTIxNTBlZjY5MDk2OWVjZGQ4ZjY1ZGY3NTRhZTk4MzdlYWVhOGY2MDgxODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuW+v7lPbzXH5CgJhoBzed0otgnea EuaTC5cDDk0PLSNtcNTdl5ILziMZaTRv0zhGbwCzr0RZwmi8/qfZfdzvSIyHiMlI fKdKb1JJmVnBL745zu25JK5oksFJUhPQxS3lEBqtPFhSHHmQcryS1kh/dW1SmIvs TfCnGHb7UlAnfY3iCc7hzG7iWbAEV8zjqC7qXX+O0I0qu4I5P0E+F1rxtcje5iDO splrO/7AxbexU2i0zWzLY4s8duZqRifab4wQOF8/W7HvTtc34HFc1Qg4rw5RHJLd 3l2leWFbBwP+vXVEagAr6wv4qdNjKSA9nKpHy4mDkvG37JpuhOvROEE3PQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFP7tp2pYbxAs77BRIHJZdhZSqNXXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg5ZmJiNWM1LTBmZjktNDU0OC1iYjUwLTZlNDIxZWM2ZTI3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba9yAgMA0GCSqGSIb3DQEBCwUAA4IBAQCCTJ0BtwJObtGC6YXv KPHRR/q1a6ymPqZ+hz+qnssZkZK8txa79Wx6x18v0Dp29gKG81fg2fIRkFwr9Mk2 ELEAtsmlKPLs0pR899WNDk4dnFLdpBzIAXIUUR5tpi5F0zQgC4qyirkdWIW4+IOy vvl/CNuL2zEmzQ9CnJZTxjumnrnmyjBJpSplDoTJlKMso3joNVd27aUKDDeSpsW/ 6TTuWmhzGglls/qHSLohi+0G7K7BX3iXXTOfXYy1IlTnQAaayYkyVaDCzC1Mea51 vs1V0JbCOFlur4o+jaWulkkVmcOxucjOMv0NePubMq3DuOmKHqEejiVfWc/NNJPO Uj1d -----END CERTIFICATE-----Generated at Tue Jun 3 23:19:16 2025 by rpki-client